
According to the complaint for this class action, American Airlines, Inc. uses session replay technology that wiretaps the communications of visitors to its website. This, the complaint alleges, is a violation of both the federal Wiretap Act and the California Invasion of Privacy Act (CIPA).
A class and a subclass have been defined for this action:
The Class is all persons in the US whose communications were intercepted by American Airlines or its agents.
The Subclass is all persons in California whose communications were intercepted by American Airlines or its agents.
The complaint quotes the federal Wiretap Act as saying that any person who “intentionally intercepts, endeavors to intercept, or procures any other person to intercept or endeavor to intercept, any wire, oral, or electronic communication” has violated this act. Similarly, CIPA forbids the unauthorized tapping of or connecting with telephonic or wire communications sent from or received anywhere within California.
Even so, the complaint alleges, American Airlines has intercepted and connected to “electronic communications through the use of ‘session replay’ spyware that allowed [American Airlines] to read, learn the contents of, and made reports on … interactions on [American Airlines’s] website.”
Session replay, according to the complaint, allows companies to record every move of visitors to a company’s website, including “mouse movements and clicks, keystrokes, search items, information [entered] into the website, and pages and content viewed while visiting the website.” The recording can then be replayed, redirected, and examined, without the consent or knowledge of the person whose communications were recorded.
Session replay is not like normal analytics in that, instead of recording aggregate statistics, the complaint alleges, it records a particular individual’s website visit in real time.
“The purported use of ‘session replay’ technology is to monitor and discover broken website features[,]” the complaint claims. But “the extent [of information] and detail collected by users of the technology, like [American Airlines], far exceeds the stated purpose” and the expectations of the visitors to the website.
The complaint alleges that session replay recordings may pick up personal or sensitive information entered during a session, which the complaint claims “may expose website visitors to identity theft, online scams, and other unwanted behavior.”
“In 2019,” the complaint says, “Apple warned application developers using ‘session replay’ technology that they were required to disclose such action to their users, or face being immediately removed from the Apple Store.”
Apple is not the only party concerned with the use of this technology. The complaint lists links to a number of articles, such as “The Dark Side of ‘Replay Sessions’ That Record Your Every Move Online.”
Article Type: LawsuitTopic: Privacy
Most Recent Case Event
American Airlines Wiretapping of Website Visitor Communications Complaint
October 6, 2022
According to the complaint for this class action, American Airlines, Inc. uses session replay technology that wiretaps the communications of visitors to its website. This, the complaint alleges, is a violation of both the federal Wiretap Act and the California Invasion of Privacy Act (CIPA).
American Airlines Wiretapping of Website Visitor Communications ComplaintCase Event History
American Airlines Wiretapping of Website Visitor Communications Complaint
October 6, 2022
According to the complaint for this class action, American Airlines, Inc. uses session replay technology that wiretaps the communications of visitors to its website. This, the complaint alleges, is a violation of both the federal Wiretap Act and the California Invasion of Privacy Act (CIPA).
American Airlines Wiretapping of Website Visitor Communications Complaint