Now who doesn’t love the Container Store? If you are someone who loves being organized, the Container Store has it all.
Not so fortunate for the Container Store, however, a lawsuit was recently filed against them for violations of CIPA, Section 631 and violations of the California Unauthorized Access to Computer Data Act, Section 502(e).
So, what happened?
The plaintiff Anne Heiting alleges that while she visited the Container Store’s website, containerstore.com, she utilized the chat box feature. However, unbeknownst to her, she alleges her conversations were being recorded and exploited for “commercial surveillance purposes” without her consent.
Heiting states that in the Container Store’s website, iFrame is a code that embeds content from another website, Salesforce. This code intercepts inquiries that consumers believe are being sent directly to the Container Store. Once Salesforce gains access to the user’s information, Heiting alleges it stores it for its own purposes.
As a reminder, Section 631 claims come in three varieties: (1) TCPA compliance records, (2) web session analytics, and (3) chat boxes. Of the three, chat boxes are definitely the most dangerous!
Now you folks already know (because I’ve been talking about it so much the past few months), that when you employ a third-party vendor on your website for analytic purposes, CONSENT is a must. And as we’ve seen in Javier, the consent should probably be obtained BEFORE any recording takes place.
Chat box features on websites are becoming more and more common. But as a website owner, if you are employing a third-party vendor that is essentially “listening in” to that conversation, you should definitely be doing something to ensure the consumer is aware and that you are obtaining the consumer’s consent.
With $5,000 per violation of exposure, you definitely do not want to get hit with a putative class action!