In previous posts, we examined the rise of chat and pixel cases under Section 631(a) of the California Invasion of Privacy Act (CIPA), as well as the increasing prevalence of pen register, trap and trace cases, and search bar pixel cases under CIPA Section 638.51. In this post, we discuss other trending privacy claims and offer recommendations to help you avoid becoming a target of website-based privacy lawsuits and arbitration claims.
Alongside these developments, other website privacy claims are evolving and becoming increasingly prevalent in several states. For instance, cases alleging that common email marketing analytics technologies can violate the Arizona Telephone, Utility and Communication Service Records Act (Arizona Act) are on the rise. Major retail companies such as Target1 and Gap2 are facing accusations of violating the Arizona Act by embedding analytics technologies, referred to as "spy pixels" in the complaints, in emails without obtaining consumers' consent. Plaintiffs assert that the data collected, including information on email opening times and locations, frequency of interactions, forwarding, printing and recipient email server types, constitutes "communication service records" under Arizona Act. These data points are very widely used in digital marketing. While many of these cases are currently in the motion-to-dismiss stage, companies using tracking technologies in their email marketing campaigns should be wary of potential lawsuits from Arizona consumers.
Additionally, there has been an uptick in website privacy cases under the Song-Beverly Credit Card Act, a California law established in 1971. These lawsuits allege that gathering personal information, including IP addresses, during online credit card transactions violates the...
