Sephora.com may be recording your chats, alleges a recent CIPA Class Action
A recent class action under the California Invasion of Privacy Act (CIPA) accused Sephora of illegally recording and sharing communications of consumers with the chatbot on their website.
A California resident, Ruth Martin, has filed a class action complaint against Sephora, claiming that the company has illegally recorded and shared the online conversations of their customers. The complaint alleges that the website did not take written consent from the users before recording or sharing their conversations, thereby violating the CIPA.
Sephora USA, Inc., a Michigan corporation, owns and operates the website Sephora.com. The beauty products company Sephora is well-known worldwide. Consumers who visit their website, can interact with an automated chatbot. Given the nature of their business, consumers often share personal information with the chatbots. The complaint alleges that Sephora recorded and shared contents of the conversations without users’ consent, “even when such conversations are private and deeply personal.”
“Defendant has covertly embedded code into its chat feature that automatically records and creates transcripts of all such conversations.”
Ruth Martin v. Sephora USA, Inc., 1:22-cv-01355
The CIPA Class Action alleges that Sephora.com shared customer private communications with Hubspot or Salesforce in real time.
On October 23, Plaintiff Martin filed the CIPA complaint against Sephora USA, Inc. in the Eastern District of California. Plaintiff Martin has also filed other complaints alleging similar violations, including one against Lovisa, a jewelery brand.
Numerous class actions claiming similar CIPA violations have only recently been filed. Some of the cases include class actions against Journeys.com, against Saucony.com, and against Gamestop.com. If these complaints are accurate, a lot of other websites might also be breaking the law. Which would result in many more class action lawsuits in the near future.
This class action is filed on behalf of all California residents who used the chat feature on Sephora.com from a cell phone. The complaint seeks to recover $5,000 in statutory damages for each class member. The complaint speculates that at least 5,000 California residents have been affected by this breach. It wouldn’t be a surprise if the number of affected consumers is much larger.
CIPA prohibits recording a conversations without the consent of all parties to the conversation.
“The California Invasion of Privacy Act (“CIPA”) prohibits both wiretapping and eavesdropping of electronic communications without the consent of all parties to the communication. Compliance with CIPA is easy, and the vast majority of website operators comply by conspicuously warning visitors when their conversations are being recorded or if third parties are eavesdropping on them.”
“Unlike most companies, Defendant ignores CIPA. Instead, Defendant both wiretaps the conversations of all website visitors and allows a third party to eavesdrop on the conversations in real time during transmission. Why? Because, as one industry expert notes, “Live chat transcripts are the gold mines of customer service. At your fingertips, you have valuable customer insight. . .When people are chatting, you have direct access to their exact pain points.) See https://www.ravience.co/post/improve-marketing-roi-live-chat-transcripts“
Ruth Martin v. Sephora USA, Inc., 1:22-cv-01355
Want to stay up to date on class actions that concern you? Register for the free weekly newsletter from ClassActionNews.com.
What could this class action mean to you?
While shopping on a website, we enjoy treating the chatbot as our personal shopping assistant. Inadvertently, we often disclose “highly personal and sensitive data” in our communications. If these allegations are true, then many websites could be recording our chats. Sharing it with other companies which specialise in analysing the chats to extract commercially useful information about us. That is a serious privacy invasion.
If consumers had known their chats would be recorded and shared, some might have been more cautious. The complaint raises serious allegations about Sephora, and other company’s “secret” data collection practices. That these would “shock and appal” the consumers.
Why are companies sharing or analysing our conversations with their chatbots? What do they stand to gain from it? Read our investigation on how chatbots may be sharing your conversations with others to find out all the answers.
Is there anything you can do to secure your privacy?
The California Invasion of Privacy Act allows affected consumers to recover up to $5,000 in statutory damages.
Have you visited Sephora.com, or any of these other websites, and shared any information with their chatbot? If so, you may have suffered similar privacy violations too. You have to stand up to protect your privacy rights.
If you are a California resident, the California Invasion of Privacy Act could offer a remedy to you.
We can help you investigate your potential CIPA claims. Please contact us to consult a class action lawyer at ClassActionNews today. You may also be eligible to recover up to $5,000 for any similar violations you have suffered.
Subscribe Now to our weekly Newsletter and stand a chance to recover up to $5,000 too.
