The most recent attempt to apply the Video Privacy Protection Act to 21st-century technology hit a roadblock when a federal court judge tossed the suit.

Chad Eichenberger claimed that when ESPN transmitted his Roku device identifier (he used the device to watch the sports channel’s videos) to Adobe for purpose of data analytics, the company violated the VPPA prohibition on transmitting personally identifiable information (PII) and viewing history.

ESPN moved to dismiss the putative class action and U.S. District Court Judge Thomas S. Zilly agreed, finding the plaintiff’s factual allegations “too speculative.”

“Because the information allegedly disclosed is not PII (i.e., plaintiff’s Roku device serial number and his viewing records), plaintiff’s legal theory fails,” the court wrote. “Although ESPN could be found liable under the VPPA for disclosing both ‘a unique identifier and a correlated look-up table’ by which plaintiff could be identified as a particular person who watched particular videos, plaintiff does not allege sufficient facts to support his theory that Adobe already has a ‘look-up table.’”

“Even if Adobe does ‘possess a wealth of information’ about individual consumers, it is speculative to state that it can, and does, identify specific persons as having watched or requested specific video materials,” the judge added.

Judge Zilly dismissed the suit without prejudice, allowing Eichenberger to file an amended complaint.

To read the order in Eichenberger v. ESPN, Inc., click here.

Why it matters: Plaintiffs have made multiple attempts to apply the statute – enacted in 1988 in response to the release of U.S. Supreme Court nominee Robert Bork’s video rental records – to more recent technology, with varying levels of success. Similar suits are pending against CNN and Dow Jones, although a Georgia federal court recently dismissed comparable claims against Cartoon Network, in which it reached a conclusion similar to Judge Zilly’s ruling that the transmission of a device identifier alone (in that case, Android IDs) is insufficient to trigger liability under the statute.