Third-Party Pixel Tracking Technology Liability

Klein Moynihan Turco LLP


Klein Moynihan Turco LLP (KMT) maintains an extensive practice, with an international client base, in the rapidly developing fields of Internet, telemarketing and mobile marketing law, sweepstakes and promotions law, gambling, fantasy sports and gaming law, data and consumer privacy law, intellectual property law and general corporate law.
Recently, companies have found themselves defending allegations that the use of third-party pixel tracking technology on their websites violates state consumer privacy laws. Fortunately, these claims do not...
United States Privacy
To print this article, all you need is to be registered or login on

Recently, companies have found themselves defending allegations that the use of third-party pixel tracking technology on their websites violates state consumer privacy laws. Fortunately, these claims do not always survive the dismissal stage of litigation proceedings. In Nienaber v. Overlake Hosp. Med. Ctr., 2024 WL 2133709 (W.D. Wsh. May 13, 2024), plaintiff alleged that defendant, a hospital, shared her private data with Meta, formerly Facebook, and other third parties by using third-party pixel tracking software on its website and private patient portal. The Court dismissed plaintiff's claims, finding that plaintiff failed to plausibly allege: (1) that any of her sensitive data was transmitted to third parties from defendant's public facing website; or (2) that pixel tracking software was even used on the patient portal. Conversely, some of these cases do survive the dismissal stage, such as in Vonbergen v. Liberty Mutual Ins. Co., which we discussed in this piece.

If your company's website utilizes third-party pixel tracking software, now is a good time to consider: (1) the prospect of potential legal liability for doing so; and (2) the defenses that you may have if confronted with allegations that the use of third-party pixel tracking software violates state privacy laws.

Liability and Defenses to Third-Party Pixel Tracking Claims

The Federal Wiretap Act ("FWA") imposes civil and criminal liability for intentionally intercepting communications unless that interception falls within one of the exceptions articulated in the statute. Although the Federal Wiretap Act originally covered only wire and oral conversations, it was amended in 1986 to encompass electronic communications as well (e.g., emails or other messages sent via the Internet). Please note that because the FWA allows for single-party consent, companies rarely face liability under the FWA.

Similarly, every state has codified its own law imposing liability for illegally wiretapping communications. Many of these state laws permit consumers to bring private rights of action that can result in significant monetary liability. For instance, the California Invasion of Privacy Act ("CIPA") makes it unlawful for a person to intentionally, and without the consent of all parties to a communication, "eavesdrop upon or record the confidential communication" using an "electronic amplifying or recording device." Importantly, CIPA permits a private right of action and recovery of: (1) $5,000 per violation; or (2) three times the amount of actual damages, if any; and (3) injunctive relief.

Likewise, the Pennsylvania Wiretapping and Electronic Surveillance Control Act ("WESCA") allows "[a]ny person whose wire, electronic or oral communication is intercepted, disclosed or used in violation of [the statute]" to bring suit against "any person who intercepts, discloses or uses or procures any other person to intercept, disclose or use, such communication." This statute allows consumers to recover: (1) actual damages, or liquidated damages up to $1,000, whichever is greater; (2) punitive damages; and (3) reasonable attorneys' fees and other litigation costs.

The State of Washington's wiretapping law is analogous to CIPA and WESCA in that it requires consent from all parties before recording a communication. Also, like CIPA and WESCA, Washington's wiretapping law contemplates private rights of action and allows for the recovery of: (1) actual damages, including mental pain and suffering, or liquidated damages of $100 per day for each day of the violation, but not to exceed $1,000; and (2) reasonable attorneys' fees and other litigation costs.

As our readers know, plaintiffs' attorneys are now regularly bringing class action lawsuits alleging that companies violate CIPA and WESCA by employing third-party pixel tracking software which records and/or stores a visitor's activity on their websites.

Fortunately, defenses to these claims exist, including: (1) obtaining prior express consent from consumers; (2) third-party tracking technology is an extension of the website, and the information tracked is not being used for the third-party's own purposes; (3) information, such as IP addresses, browsers and device types, and the time and duration of a website visit are not "content," within the meaning of the statutes; and (4) the information tracked is not intercepted "in transit." In addition, there are certain jurisdictional defenses that can be invoked in moving to dismiss third-party pixel tracking technology claims.

Consumer Privacy Lawsuits Will Continue

Courts of law are now struggling with how to apply antiquated state laws to the rapidly-evolving technological landscape. Given this uncertainty, online businesses should anticipate that third-party pixel tracking software lawsuits will continue. As such, it is imperative that businesses evaluate their data collection technology practices, and how consent to use that data is obtained from website visitors.

The attorneys at Klein Moynihan Turco have a wealth of experience in all aspects of consumer privacy and marketing law. Our first-rate litigation defense team will use this experience to ensure that your business gets top of the line representation in the event that you are named as a defendant in a lawsuit.

If you need assistance with defending a lawsuit or updating your privacy practices and procedures, please email us at or call us at (212) 246-0900.

California Court Holds That Website Recording Is NOT Wiretapping

Does The Use Of Chatbots Constitute Wiretapping?

Help! I Was Served With A CIPA Lawsuit

The content of this article is intended to provide a general guide to the subject matter. Specialist advice should be sought about your specific circumstances.

See More Popular Content From

Mondaq uses cookies on this website. By using our website you agree to our use of cookies as set out in our Privacy Policy.

Learn More