This browser is not actively supported anymore. For the best passle experience, we strongly recommend you upgrade your browser.
Insights Insights
| 1 minute read

More Website Session-Replay "Wiretapping" Claims Struck Down

A federal court has rejected two wiretapping claims based on the use of session-replay technology, which is a common internet tool used to study and improve user experience on a website. These claims, and other similar claims based on different pre-internet laws, have become increasingly common in the last two years following favorable rulings in two federal circuits. These cases are, largely, an effort to retrofit pre-internet laws for online privacy claims. Fortunately, for the most part, the cases are not seeing much success so far.  

Why It Matters

The attached article highlights two cases -- against Papa John's Pizza and Gamestop -- that were recently thrown out by a federal judge in Pennsylvania. Among other things, the judge held that the respective plaintiffs could not establish local jurisdiction over a national website's use of session replay technology and, crucially, that even if a plaintiff could show interception of electronic communications (wiretapping), it could not show injury based on the kind of information at issue. The judge also cited "the increasing number of courts" who find no injury in these claims.  

From the perspective of smaller website operators, the fact that an "increasing number of courts" is rejecting these claims is good news. They came somewhat out of left field, and are being used to target common internet technologies with laws that long predate the internet of today. Small companies can easily run up a huge bill trying to defend or settle these claims, most of which are only very tangentially related to the company's actual operations.  

The session replay suits against Papa John's are part of an influx of lawsuits that have been filed against online retailers nationwide in the wake of rulings out of the Ninth and Third circuits last year that boosted statutes in California and Pennsylvania prohibiting the unauthorized interception of electronic communications.


data security and privacy, hill_mitzi, insights, retail