Foot Locker Is the Latest Retailer Accused of Violating Consumer Privacy Law In New Suit

A new lawsuit is accusing Foot Locker of violating consumer privacy law.

In a complaint filed in a California District Court on Monday, a plaintiff said the footwear retailer “covertly wiretaps the personal conversations of all visitors” who use the chat feature on its website without their consent and allows at least one third party company to “eavesdrop” on these communications and use the data for their own gain. According to the complaint, Foot Locker’s actions constitute a violation of the the California Invasion of Privacy Act (CIPA), which prohibits wiretapping and eavesdropping of digital communications without the consent of all parties.

The suit say it believes the third party listener is either software platform Smooch or Zendesk — or both.

“Visitors often share highly sensitive personal data with Defendant via the website chat feature,” the complaint noted. “Visitors would be shocked and appalled to know that Defendant secretly records those conversations, and would be even more troubled to learn that Defendant allows a third party to eavesdrop on the conversations in real time to harvest data from the chat transcripts under the guise of ‘data analytics.'”

FN has reached out to Foot Locker for a comment.

According to the complaint, which is seeking class action status, at least 5,000 people were impacted and entitled to $5,000 each in statutory damages, which would result in a total of $25 million in cost to Foot Locker.

With this lawsuit, Foot Locker is the latest retailer to be accused of violating consumer privacy law via its digital properties. In November, Crocs and Adidas were named in two separate class action lawsuits alleging that both brands violated consumer privacy law.

The suit against Crocs alleges that the clog maker “secretly wiretaps the private conversations of everyone who communicates through the chat feature” on its website and that it allows a third party to listen into these conversation in real-time without consumer consent to “harvest data for financial gain.” The suit against Adidas also accuses the brand of illegally wiretapping visitors’ conversations, communications and mouse clicks on its website and sharing the data with its third party technology partners.

Access exclusive content