A customer named David Kauffman is suing Papa John’s for allegedly violating the U.S. Wiretap Act by illegally wiretapping customers’ electronic communications using a session replay software installed on PapaJohns.com.
According to the lawsuit, Papa John used a type of spyware to track the online activities of those who visit its website and logs everything a user does on the website. The session replay software records information about how visitors use the website, such as mouse movements and clicks, keystrokes, search terms, entered text, and pages and content viewed in an untraceable manner.
The lawsuit also seeks $10,000 or $100 per day in statutory damages for each violation of the Wiretap Act, as well as $2,500 in statutory damages for each violation of the CIPA.
According to the lawsuit, Papa John’s violated both the federal Wiretap Act and the California Invasion of Privacy Act by intercepting and recording customers’ online communications without their knowledge or consent.
In addition, Papa John’s use of session replay software goes far beyond the stated purpose of detecting broken website functionality and enables the defendant to collect enough information about customers to create a detailed profile for each visitor to PapaJohns.com.
The software collects personalized and sensitive information about the browsing habits and activities of consumers used for Papa John’s business development purposes.
“The purported use of ‘session replay’ technology is to monitor and discover broken website features; however, the extent and detail collected by users of the technology… far exceeds the stated purpose,” the lawsuit states.
The sources for this piece include an article in TheRegister.