January 31, 2023

Volume XIII, Number 31


January 30, 2023

Subscribe to Latest Legal News and Analysis

Third Circuit Denies Rehearing En Banc, Amends Opinion in Key Pennsylvania Wiretap Case Over Internet Third-Party Marketing

Last week, the United States Court of Appeals for the Third Circuit denied rehearing en banc in a case about the application of Pennsylvania’s Wiretapping and Electronic Surveillance Control Act (“WESCA”), 18 Pa. C.S. § 5701 et seq., and issued an amended opinion to “clarify issues raised” by the defendants—an online retailer and an internet marketing company. The order leaves in place the Third Circuit’s August 2022 judgment in favor of the plaintiff consumer, which held that, dependent on further fact finding, defendants may be liable under WESCA for “intercepting” the consumer’s interactions with the retailer’s own website.

In Popa v. Harriet Carter Gifts, Inc., No. 21-2203, 2022 U.S. App. LEXIS 28799 (3d Cir. Oct. 18, 2022), the plaintiff visited and interacted with retailer Harriet Carter’s website. Harriet Carter’s website contained JavaScript code that sent an HTTP GET request to defendant third-party marketer NaviStone, which in turn loaded cookies and code on the plaintiff’s browser that sent details on the plaintiff’s website interaction to NaviStone’s servers in Virginia. Plaintiff alleged that the defendants were liable under WESCA for “intercept[ing]” the plaintiff’s electronic communications (NaviStone) or “procur[ing]” another to “intercept” the communications (Harriet Carter).  

The District Court granted summary judgment in favor of the defendants by holding that (i) NaviStone could not have “intercepted” communications under WESCA because it was a direct recipient of the communications and (ii) NaviStone acquired any communications in Virginia, where its servers are located, not Pennsylvania.

The Third Circuit, however, vacated and remanded the District Court’s grant of summary judgment.  

As more fully addressed in the amended opinion, the Third Circuit held that a 2012 amendment to WESCA—which added an “intended recipient” exception to the definition of “intercept,” but only for law enforcement officers—meant that the defendants could not “avoid liability merely by showing that [plaintiff] unknowingly communicated directly with NaviStone’s servers.”  

The Third Circuit also held that the situs of an online “interception” under WESCA is not where the servers are located, but “the point where [defendant] routed th[e] communications to its own servers.” 

Because no evidence was in the record as to where the plaintiff’s browser was located when NaviStone’s code was loaded, the Court remanded for further factfinding. Although the Third Circuit rejected the bases for the District Court’s judgment, it left open on remand the possibility that Harriet Carter’s privacy policy sufficiently alerted the plaintiff about the interception so as to constitute “prior consent” to an interception under WESCA (and thus absolving defendants of liability).

As the defendants’ rehearing briefing noted, Popa has already proven to be a significant case for the plaintiffs’ bar in Pennsylvania. Since the Third Circuit’s original opinion in August, over ten cases alleging similar WESCA violations have been filed in federal courts in Pennsylvania. See Defendants’ Fed. R. App. P. 28(j) Letter, Popa v. Harriet Carter Gifts, Inc., No. 21-2203 (3d Cir. Sept. 23, 2022), ECF No. 82-1 (collecting cases). Most notably, this decision has spawned more complaints involving the use of session replay software, an emerging privacy litigation field. Because session replay software is frequently used by the operators of commercial websites to enhance the experience of website visitors, it is broadly used across industries—making many take note of the rise in claims and accompanying litigation risk. 

For more on this developing area of privacy litigation and other related topics, stay tuned. CPW will be there to keep you in the loop.

© Copyright 2023 Squire Patton Boggs (US) LLPNational Law Review, Volume XII, Number 299

About this Author

Kristin L. Bryan Litigation Attorney Squire Patton Boggs Cleveland, OH & New York, NY
Senior Associate

Kristin Bryan is a litigator experienced in the efficient resolution of contract, commercial and complex business disputes, including multidistrict litigation and putative class actions, in courts nationwide.

She has successfully represented Fortune 15 clients in high-stakes cases involving a wide range of subject matters.

As a natural extension of her experience litigating data privacy disputes, Kristin is also experienced in providing business-oriented privacy advice to a wide range of clients, with a particular focus on companies handling customers’ personal data. In this...

James M. Brennan Litigation Lawyer Squire Patton Boggs

James (Jim) Brennan is an associate in the Litigation Practice Group, where he represents clients in complex commercial litigation matters in state and federal courts. Prior to joining the firm, Jim clerked for Chief Judge D. Brooks Smith of the US Court of Appeals for the Third Circuit. Before that, he was an associate at an AmLaw 100 law firm in New York City.