LEGAL EAGLE SPOTLIGHT federal and state wiretapping statutes, general privacy laws and unfair competition regulations. The potential financial exposure is significant — CIPA, for example, allows for statutory damages of $5,000 per violation, and class actions can multiply this risk into the millions. In addition to state laws, plaintiffs may allege that a bank has breached its obligations under the Gramm-Leach-Bliley Act (GLBA) by disclosing consumers’ financial or other non-public personal information without providing proper advance notice. As a result, banks face a complex patchwork of state and federal regulations, making it essential to understand and address these risks proactively. Recent lawsuits have named major banks including JPMorgan Chase, Capital One and TD Bank for embedding tracking pixels on their websites, allegedly transmitting customer information to Navigating the Rising Risk of Website Tracking Litigation What Independent Banks Need to Know By Shawn Tuma, Attorney, Spencer Fane LLP As independent banks continue to invest in digital platforms to better serve their customers and communities, the use of website tracking technologies such as cookies, pixels and session replay tools has become commonplace. These tools are essential for improving user experience, supporting marketing efforts and ensuring operational efficiency. However, a surge in lawsuits and regulatory scrutiny across the country has made website tracking a significant legal and reputational risk for banks of all sizes, including those serving towns and rural communities across the U.S. Leaders in the banking industry must understand the evolving landscape of website tracking litigation, recognize which activities can trigger claims and implement robust compliance strategies to protect their banks. If your bank receives a legal demand or lawsuit related to website tracking, experienced legal counsel can make all the difference. Understanding the Legal Landscape: Why Banks Are at Risk Although much of the recent focus has been on California’s privacy laws, the risk of website tracking litigation extends nationwide. Importantly, a bank does not need to be physically located in California, conduct business there or even have California-based customers to be targeted. Plaintiffs’ attorneys can bring claims under California law if an individual from California accesses the bank’s website and alleges a violation. Banks and financial institutions are increasingly accused of using website tracking tools that collect and share user data with third parties without proper disclosure or consent. These claims often cite violations of the California Invasion of Privacy Act (CIPA), various 18 | The Show-Me Banker Magazine
RkJQdWJsaXNoZXIy MTg3NDExNQ==