The Massachusetts Supreme Judicial Court appeared open to an interpretation of the state’s Wiretap Act that could impose enormous liability on businesses that discretely track online communication with their customers through advertising software.
“We can’t decide this case on the practical implications on others, and we should all check our websites,” Justice Dalila Argaez Wendlandt said during oral argument Wednesday in a case about whether New England Baptist Hospital and Beth Israel Deaconess Medical Center violated the Wiretap Act by using tracking technology on their websites.
The consequences of a violation of the Massachusetts Wiretap Act, which was drafted in 1968—decades before internet communication—are severe. Plaintiffs are entitled to the higher of $1,000 for each violation or $100 per day.
“This lawsuit is a little surprising to most web developers,” Wendlandt said.
While the justices appeared concerned about the sweeping implications that applying the law to online consumers’ communications could have on businesses, they looked for justification to limit the application of any ruling to future cases rather than applying it retrospectively. The justices also seemed to believe there should be a distinction between liability for a hospital using tracking software on a webpage that merely posts the “hours of operation of its gift shop,” as Justice Frank Gaziano suggested, and a webpage that engages a consumer in a conversation, like a chat window.
“Doesn’t it have to be a two way communication” to implicate the statute, Justice Scott Kafker asked the consumer’s attorney, Shapiro Haber & Urmy LLP Partner Patrick Vallely.
David Quinn Gacioch, a McDermott Will & Emery partner representing the two hospitals being sued, said the plaintiff did not allege that she engaged in a back-and-forth, but rather “that she browsed the website to review preexisting content.”
Vallely said this interaction still constitutes a conversation that implicates the state wiretapping statute.
New England Baptist Hospital “allows technology companies to eavesdrop on highly sensitive communications” between the business and the website user, including inquiries about health and treatment, said Vallely.
The consumer, Kathleen Vita, brought her lawsuit following an $18.4 million settlement in a case against Partners Healthcare and Dana-Farber Cancer Institute that, according to New England Baptist, revealed “the magnitude of potential liability under the Act as applied to public website browsing in 2023.”
To side with the consumers would be to find that this type of “massive civil liability and criminal exposure” for a widespread practice is “not absurd,” said Gacioch.
The case is Vita vs. New England Baptist Hospital, Mass., No. SJC-13542, oral argument 4/3/24.
To contact the reporter on this story:
To contact the editor responsible for this story:
Learn more about Bloomberg Law or Log In to keep reading:
See Breaking News in Context
Bloomberg Law provides trusted coverage of current events enhanced with legal analysis.
Already a subscriber?
Log in to keep reading or access research tools and resources.