Federal Wiretap Law: Illinois Court Rejects Claims Against Deploying Web Analytics Tools – Privacy Shield
Wireless claims have been made of The privacy plaintiff bar, and the healthcare industry in particular, is focused on recent filings (up to two dozen new class actions filed each day). Wireless laws have a long history in the civil and cyber worlds, dating back largely to the 1960s. Frequently applying outdated laws and case law to modern technology is challenging. And this is a recurring theme in the realm of privacy litigation. While much of the impetus has come from new state privacy laws (such as the CCPA, Virginia’s CPDA, and the Illinois BPA), the plaintiff’s bar has the opportunity to rehash old theories and claims applied to new technology. These laws are in favor of judicial frustration.
Wiretap Act. Many of these recent telecom cases involve claims for violations of the federal Wiretap Act and state wiretapping laws, sometimes based on the plaintiff’s state of residence and other times the state in which the website operator or defendant is based. This is often the starting point of contention: which of these wiring rules apply to whom. Importantly, federal wiretapping laws and each state’s wiretapping laws can differ in meaningful ways. For example, Illinois differs from California, Alabama from New York, and Connecticut from Massachusetts. Of relevance here, the federal wiretapping statute generally prohibits the interception of electronic communications by another party without the consent of one party, and even then the interception may not be for purposes of criminal or malicious conduct. look out
18 USC §§2511(1)(a), (c)-(d), (3)(a)..
Illinois federal court decision. A recent decision by the US District Court for the Northern District of Illinois illustrates this point. In a class action lawsuit against a Chicago hospital, the plaintiff alleges that the hospital consensually and fraudulently included third-party code on its website and patient portal in violation of the federal wiretapping statute and various state and tort laws. Plaintiff claims this code is invisible to website and portal users and allows personally identifiable patient data to be transferred to social media and adtech companies for advertising purposes. This follows other recent lawsuits alleging that plaintiffs use website performance and adtech tracking mechanisms (such as cookies, pixels, or web beacons) or generally other third-party material to collect personal information and share that information with others without their knowledge or consent. Visit the website. For example, this plaintiff alleges that when a user clicks on the hospital’s “Schedule Your Appointment Now” button, the hospital “transmits the patient’s personally identifiable information and redirects the patient’s ‘click’ content to third-party social media companies using the Schedule Your Appointment Now button.”
In its denial of the motion, the court held that the defendant’s hospital was a party to the communications and that there was no interference that violated the federal wiretapping statute: “It shall not be unlawful under this chapter.” [i.e., the Federal Wiretap
Act] Unless a person acting under color of law is a party to a communication to intercept a wire, oral or electronic communication, or such communication is intercepted unless one of the parties to the communication has given prior consent. With intent to commit any crime or tort in violation of the Constitution or laws of the United States or any state.
On its motion to dismiss, the court held that there was no interference with the defendant’s hospital being a party to the communications in violation of the federal wiretapping statute. Examining what the court described as a split between the First, Seventh and Ninth Circuit Courts and the Third Circuit, the court found the hospital sued under the federal wiretapping statute for interception of communications. In doing so, the Court considered the criminal or nuisance nature of the federal wiretapping statute and concluded that the gratuitous transmission of metadata or website activity is not a criminal or nuisance activity.
The court summarized the plaintiff’s question of violation of the federal wiretapping statute:
Any person who (a) knowingly intercepts, attempts to intercept, or intercepts or attempts to intercept another person, any wire, oral or electronic communication” (among other things) may be subject to civil penalties; 18 USC § 2511(1)(a), (5)(a)(ii). The same applies to any person who intentionally discloses or uses, or attempts to disclose or use, the content of the intercepted communication. 18 USC § 2511(1)(c), (d). Section 2511(2)(d) of the Act provides an exception if a person terminating a relationship “is a party to the relationship or one of the parties to the relationship has given prior consent to such intervention.” This is called a “party exception” but only if “the communication is intercepted to commit any crime or tort in violation of the constitution or laws of the United States or any state.” 18 USC § 2511(2)(d). Further, section 2511(3)(a) provides that “a person or entity Providing electronic communication services to the public It must not intentionally disclose the content of any communication. . . When the Service is transferred from the recipient of the address or the recipient of such communication to another person or entity. . . ” 18 USC § 2511(3)(a) (emphasis added).
According to this court, the Third Circuit held that “when the defendant is the intended medium of communication, he is necessarily ‘one of the parties’ and the communication interference is protected by the parties.”
This court disagreed with the Ninth Circuit’s interpretation of the parties. While the plaintiff relied heavily on recent guidance from the Department of Health and Human Services (HHS) to argue that online surveillance technologies may violate HIPAA, the court agreed with the defendant that the regulatory guidance (whether applicable, the court did not decide) ․ It applies only to the future.” Meaning, the court examines the technical aspects of the case and “the hypotheses presented by [plaintiff] It seems to show only what happens when an individual – patient or not – clicks on certain areas [defendant’s] Public website.
[Plaintiff] It does not describe what patient data looks like when disclosed. [] The patient entered her [online]portal and travel through it.”
The court then held that the defendant hospital was not a provider of “electronic communications services” as contemplated by the federal Wiretap Act, because it simply provided the software in the ordinary course of business; Instead, the company that provides the software for patient portal services or the software itself falls into that category. Ultimately, the court dismisses four of the five counts in the complaint (including a claim for violation of the Illinois Consumer Protection Act) pending only the plaintiff’s claim for violation of the Illinois Deceptive Trade Practices Act.
Why is this important?: More lawsuits are coming; Prepare yourself immediately. For example, as industries such as health care increasingly rely on websites to offer goods and services, there may be more complaints and lawsuits about how those websites operate and the information they collect. Legal teams must closely review their organization’s website activity and functionality, review and update their organization’s privacy and security statements, and understand and mitigate their organization’s risks.
The content of this article is intended to provide a general guide to the subject. You should seek specialist advice regarding specific circumstances.
We offer you some site tools and assistance to get the best result in daily life by taking advantage of simple experiences