In Oceanside Health Prods. LLC v. Instock Goodies Inc., No. SACV 23-00266-CJC (DFMx), 2023 U.S. Dist. LEXIS 76671, at *10-11 (C.D. Cal. May 2, 2023), Judge Carney found in a non-CCPA tort case that the mere inclusion of CCPA privacy notices on a website was insufficient to demonstrate that a corporation intended to subject itself to tort claims in California.

Plaintiff’s argument that “Defendant’s inclusion of California’s privacy laws” on its website establishes personal jurisdiction because it “demonstrates that Defendant knew conducting business with California could subject it to liability under state law,” (Opp. at 9), is without merit. It is true that under the “Using Personal Information” heading on the Privacy Policy page of Defendant’s website, there is a section addressing the California Consumer Privacy Act (CCPA). (See Belanger Decl. Ex. I.) But including potentially applicable privacy laws on its website does not necessarily show that a defendant expressly aimed its sales at a particular state. See Voodoo SAS v. SayGames LLC, 2020 WL 3791657, at *5 (N.D. Cal. July 7, 2020) (finding that inclusion in privacy policy of section addressing the CCPA “show[ed] that SayGames knew Jelly Shift might be purchased by California residents,” but “d[id] not indicate that SayGames specifically aimed Jelly Shift at California residents.”); Will Co. v. Does 1-20, 2022 WL 18878042, at *4 (W.D. Wash. Dec. 19, 2022) (“References to United States’ laws in JuicyAds’ terms of service agreement is not sufficient to show Defendants’ intentional actions were expressly aimed at this forum.”); Will Co. v. Lee, 47 F.4th 917, 926 (9th Cir. 2022) (“[I]t would be insufficient for Defendants to have simply anticipated people from the United States might access and to have set up pages to make sure they could do so lawfully.”). In short, the Court is not persuaded that the reference to the CCPA in Defendant’s privacy policy demonstrates express aiming at California.