A Papa John’s customer is alleging that the pizza chain tracks keystrokes and mouse clicks on its website, effectively violating federal wiretapping law, according to a class-action lawsuit.
The suit, filed in the Southern District of California, alleges the popular pizza chain uses “session replay” software that allows the company to view and replay a customer’s visit to its website. The session replay software allowed the company to “read, learn the contents of, and make reports on Plaintiff’s and Class Members’ interactions on Defendant’s website,” according to the lawsuit.
According to the suit, the use of the session replay tool was made “without the knowledge or prior consent” of users.
Session replay software isn’t new but has come under fire in recent years, having been accused of being used to spy on users and potentially gain deeply personal information about them.
The lawsuit claims that the use of the software on Papa John’s’ website constitutes a violation of the U.S. Wiretap Act, as well as the California Invasion of Privacy Act (CIPA). Session replay software has been challenged in the courts, and the legality of the software is still being litigated.
The lawsuit seeks damages of “the greater of $10,000 or $100 per day for each violation” as well as $2,500 in damages for multiple CIPA violations. The class of the lawsuit has not yet been decided, but the lawsuit argues that “millions” of people were unlawfully spied on.
Papa John’s did not reply to a request for comment.