New Privacy Software Helps Lawyers Defend Against Rising Pixel, Tracker, and Session Recording Lawsuits

Over the past year, we’ve seen privacy-related legal actions brought against companies from Federal, State, and Regulatory agencies, and private classes that focus heavily on data privacy violations related to website tracking. Law firms with data privacy practices are seeing a substantial uptick in questions from clients concerned with these topics, and clients who require defense against a pending legal action.

What is the adtech at the core of these issues, and why is it a concern?

As a quick refresher, let’s review what pixels, trackers, and session recording tools, which are the tools at the heart of these legal actions, actually do. Pixels are tiny, transparent, and often invisible graphical elements embedded in web pages or emails. Scripts attached to these pixels collect data for various purposes, such as measuring website traffic, understanding user behavior, and delivering targeted advertising.

Trackers similarly collect data for various purposes, including advertising, analytics, and personalization, but come in different forms, such as cookies, scripts, tags, and fingerprinting techniques.

Lastly, session recording tools (like HotJar, CrazyEgg, and Glassbox) capture and record user interactions and activities on websites or within applications. It involves recording user sessions, including mouse movements, clicks, keystrokes, and scrolling behavior, to analyze user behavior, improve website usability, and enhance user experience.

All these tools aim to measure engagement or personalize or improve the user experience by better understanding the users’ preferences, behaviors, and demographics. It’s important to note that often the website owner or the organization’s marketing department will place these trackers onto the website but are often unaware they are violating any regulations.

Although many of these technologies have been used for years, data privacy regulations are finally catching up. When The Markup reported in August 2022 that several hospitals were sharing patient data with Facebook via the “Meta Pixel,” it set off alarms among privacy regulators and plaintiffs’ attorneys. In December 2022, the Department of Health and Human Services Office of Civil Rights issued a memo warning against the use of tracking technology on healthcare websites as they may be sharing sensitive health data, clarifying that it violates HIPAA.

Hospital and healthcare websites have been hit hard since this clarification. Over 18 class-action lawsuits have been filed against hospitals and counting, alleging they are sharing health data via online trackers. The FTC fined GoodRx and Betterhelp for using online tracking technologies without explicit user consent, and the director of the Department of Health and Human Services’ Office for Civil Rights recently clarified that it’s a priority of their office to crack down on those who violate the regulations on trackers.

Besides healthcare, we’ve seen plaintiffs’ attorneys bring class-action lawsuits related to sharing video streaming data from websites to Facebook via the Meta pixel under the Video Privacy Protection Act. Other class-action lawsuits have been filed under state wiretapping laws related to using session recording tools to record users’ web activities without their knowledge or consent.

Using tech to defend against (or hopefully avoid) these issues for clients

One way that law firms can get a handle on all of this activity is to leverage privacy software that automates the discovery of the online data at the core of these concerns. Whether clients are facing a lawsuit or regulatory action or seeking proactive guidance on addressing this emerging pixel problem, leveraging emerging privacy technology can bring a real competitive advantage to law firms.

“Regulators such as the FTC are heavily investing in their technology capabilities and recent complaints make it clear that plaintiffs and investigative journalists are using similar tools to identify and evaluate these technologies on websites. Organizations need to take note and get in front of the issue,” remarks Brian Segobiano, Chief Privacy Officer at Epsilon Economics, a leading digital forensics firm based in Chicago.

There’s plenty of technology out there to choose from, so we’ll recommend a few key things that we recommend looking for when evaluating privacy tools.

Attorneys should look for technology that:

  • Is accessible and straightforward to grasp without requiring them to become technical experts on adtech. Look for tools that provide contextualization and prescriptive information around which trackers are considered “risky,” why, and if they’ve been named in prior lawsuits or are known to share data with unauthorized third parties.
  • Saves time identifying and auditing all third-party trackers, pixels, and session recording tools on the client’s website with automatic scanning. This visibility will help them understand what’s going on without relying on the client’s marketing, IT, or web team to provide that information.
  • Can easily export analysis, reports, and recommendations from the tool to share with clients or to include in case files, helping save time formatting and compiling information.
  • Provides detailed documentation of the exhaustive list of all the tracking technologies, what pages they are on when they were first seen, and what data they’re collecting.

The benefits of bringing data discovery in-house

Lawyers can conduct light forensics and discovery work in-house with the right privacy software, offering them significant advantages, especially if they’re handling a high volume of these cases. Why?

  • With the proper tools, lawyers can take on and close more privacy-related cases quicker and get paid faster by replacing the manual and tedious information-gathering tasks for discovery with automation.
  • Instead of outsourcing forensics work, lawyers can leverage easy-to-use tools to save money and time coordinating between multiple parties.
  • Improve the client-law firm working relationship by turning around work faster, passing on cost-savings from efficiencies, and keeping clients informed of findings with easy-to-understand reports and information.

In addition to defense, law firms who want to provide their clients with value-added services advising clients on what to remove and clean up on their websites can leverage tools with blocking technology to help their clients clean up their sites.

In conclusion, as privacy cases related to these online tracking technologies continue to emerge, law firms can tighten how they manage these cases to increase efficiency, profitability, and revenue by leveraging tools to streamline some tedious work.

 About the Author 

As CEO and Founder of LOKKER, provider of online data privacy and compliance solutions for enterprises, Ian Cohen is dedicated to providing solutions that empower companies to take control of their privacy obligations. Before founding LOKKER in 2021, Cohen formerly served as CEO for, and CPO for Experian, where he focused on consumer-permissioned data. 

Check Also

Safeguarding Against Commingling of Funds: Best Practices for Your Law Firm

As a law firm, it’s crucial to be aware of the significant risk posed by …