>
Popular pizza chain Papa John’s is being sued for wiretapping its own website.
The plaintiff is asking at least $100 per day of violation, per person, and given that this is a class-action lawsuit, the damages could be quite substantial if the company is found guilty.
According to the lawsuit filed in a federal court in Southern California earlier this week, Papa John’s installed what is known as “session replay software” — software capable of recording a user’s session on the website and then play again. That way, the company can see exactly where users clicked, hovered their mouse, when they decided to leave the shopping cart, and pretty much everything else that was part of their session with Papa John’s.
Violation of the US Wiretap Act
While this type of tracking is nothing new, and many companies use it to improve the website and its performance, Papa John’s went too far, plaintiffs argue, and in the process – the US Wiretap Act, as well as the California Privacy Violation Act. (opens in new tab) Act (CIPA).
“The alleged use of ‘session replay’ technology is to monitor and discover faulty website functions, but the scope and detail collected by users of the technology … far exceed its stated purpose,” the lawsuit reads.
The plaintiff is now asking for “the highest of $10,000 or $100 per day for each violation”. In addition, he is seeking $2,500 in legal damages for multiple CIPA violations. At this time, the amount of the possible fine is unknown, but the plaintiff argues that “millions” of people have been unlawfully spied on. That means that if the company is found guilty, the fine could also run into the millions.
Papa John’s is currently silent on the matter.
Session replay software is part of the usual arsenal of every marketing and IT department and is mostly used to monitor and improve the user experience.
Through: The register (opens in new tab)