On July 6, 2021, a federal judge in the Southern District of Florida dismissed a wiretapping suit brought by Mariana Cardoso (“Plaintiff”) against Whirlpool Corporation (“Whirlpool” or “Defendant”). Specifically, the Plaintiff alleged that Whirlpool violated the Florida Security of Communications Act (“FSCA”) by intentionally intercepting her electronic communications through “session replay” software that Defendant was utilizing on its website, whirlpool.com. The Court agreed with the Defendant that the Plaintiff failed to state a claim under the FSCA. However, the Court has, “in an abundance of caution,” granted the Plaintiff leave to amend her complaint within fourteen (14) days.
What claims can be brought under the FSCA?
Key Terms of the FSCA
The FSCA prohibits businesses from “intentionally intercept[ing], endeavor[ing] to intercept, or procur[ing] any other person to intercept or endeavor to intercept any wire, oral, or electronic communication.” In order to state a claim under the FSCA, one must sufficiently plead that: 1) there was an oral, wire or electronic communication; 2) it was intentionally intercepted, disclosed or used; and 3) it was done in violation of the FSCA.
Basis of the Wiretapping Suit
“Session replay” software is a tool used by website owners to track computer-to-computer data communications, such as mouse movements and clicks, keystrokes, search terms, and pages and content viewed while visiting websites. The Plaintiff claimed that session replay software goes beyond traditional website cookie or analytical tools, by storing information that may be leaked to third parties. The wiretapping suit also alleges that “interception of Plaintiff’s electronic communications allowed Defendant to capture, observe, and divulge Plaintiff’s personal interests, browsing history, queries, and habits as she interacted with and browsed Defendant’s website.” Plaintiff alleged that this was all done without her knowledge or consent.
The Court granted the Defendant’s motion to dismiss for failing to state a claim under the FSCA. The Court found that elements of this case were nearly identical to a case that was decided in Florida state court on June 17, 2021. In that case, Jacome v. Spirit Airlines, Inc., the court held that the FSCA did not apply to session replay software used on a commercial website and that the plaintiff failed to allege sufficiently that: 1) electronic communications were intercepted; 2) an electronic, mechanical, or other device was used to effect interception; and 3) the plaintiff had a reasonable expectation of privacy when visiting the website. The judge in the Whirlpool case, found the Florida state court ruling persuasive and came to the same conclusion.
The marketing industry should take note that both federal and state courts in Florida have now found that session replay software does not violate the FSCA. This is comforting to businesses that utilize this technology for purposes of: 1) evidencing proof of consumer registration; and 2) tracking other site activity for subsequent marketing initiatives.
Operating a website can make one the target of various lawsuits. Businesses must be aware of both federal and state laws that can hold them accountable for practices that toe the line of violating certain electronic communications and/or consumer privacy regulations. Speaking with knowledgeable counsel can help prevent lawsuits and the stress that accompanies them.
If you need to review your website policies or need assistance with navigating consumer privacy law, please e-mail us at firstname.lastname@example.org, or call us at (212) 246-0900.
The material contained herein is provided for informational purposes only and is not legal advice, nor is it a substitute for obtaining legal advice from an attorney. Each situation is unique, and you should not act or rely on any information contained herein without seeking the advice of an experienced attorney.