Robert Greene Tech

Papa John's Has Been Sued for Wiretapping Its Own Website

A customer has sued Papa John's for allegedly violating the US Wiretap Act by installing software on its website that snoops on what a user does while browsing the website. 

The claimant filed the lawsuit in a federal district court in southern California asking for no less than $100 for each day of violation for every person. 

The total amount could be staggering if the respondent be found guilty since the lawsuit is a class action. 

Papa John's Spying? 

The popular pizza chain, according to the lawsuit, installed a software, known as "session replay software", capable of spying on what a customer has clicked or moved the mouse, and every time a customer has abandoned the cart. 

This software is common to all companies that wanted to understand the user's experience better. 

IT experts said the session replay software can give a company the visuals of how a user interacts with its website. It can give the company the necessary information so that it can improve user experience.  

Read Also: Why Data Privacy is More Important Than Ever

Claimant Alleges Papa John's Wiretaps Its Own Website 

Many companies are using the software, but the claimant alleged that Papa John's used it to wiretap its own website. 

The pizza company has violated the US Wiretap Act, and California Invasion of Privacy Act (CIPA), the claimant said. 

The lawsuit said, Papa John's used the software supposedly "to monitor and discover broken website features." 

But the company goes beyond the stated purpose, the lawsuit said. 

Claimant Asks For Damages 

The claimant asked the federal court to have Papa John's pay "greater of $10,000 or $100 per day for each violation." 

Arguing that "millions" of people were spied upon using the software installed on its website, the complainant has demanded $2,500 statutory damages from Papa John's for multiple CIPA violations. 

The pizza company, if found guilty, is going to pay huge fines. 

The complainant alleged that the company used "spyware." He does not mention the name of the software.

He claimed the code Papa John's used on its website is illegal. The company has kept mum on the allegations. 

Session Replay Software Is a Privacy Concern  

The session replay software captures data indiscriminately. It has been a privacy concern for many with companies failing to get the consent of users in tracking and storing their personal data such as name, home address, email address, date of birth, orders, and payment information. 

Poor security over this information could leave the users vulnerable.

Last year, Intel was also accused of wiretapping for using analytics to monitor and track keystrokes, and mouse and cursor movements on its website. 

The software has gained attention from people who raised a privacy issue against it in 2017 after a study was published by researchers from Princeton's Center for Information Technology Policy. 

The study found the scripts of the session replay services such as Yandex, FullStory, Hotjar, SmartLook, SessionCam, among others were used on 482 of the 50,000 websites by Alexa. 

There is a danger that personal information such as email addresses, passwords, and credit card numbers will be captured by the session replay script, the researchers said.

Related Article: Several Honda Models Have a Vulnerability That Lets Hackers Unlock Cars, Start Engines Remotely

© 2024 iTech Post All rights reserved. Do not reproduce without permission.

Tags Papa John's Sued Papa John's Wiretapping US Wiretap Act data privacy

More from iTechPost