Plaintiff Alleges That Marriott’s Website Installed Tracking Software on Her Browser
Marriott International secretly deploys spyware on its website that accesses visitors’ devices and installs "pen register" and "trap and trace" tracking software that monitors and reports visitors’ online habits after they leave the website, alleged plaintiff Monica Sanchez’s California Invasion of Privacy Act complaint removed Monday (docket 2:24-cv-04882) to U.S. District Court for Central California in Los Angeles. “The harm caused by this intrusion is grave,” said the complaint, filed May 3 in Los Angeles County Superior Court. Law enforcement historically used pen registers to record the numbers of outgoing calls from a particular telephone line, while trap and trace devices were used to record the numbers of incoming calls to that same phone line, said the complaint. Individuals who use devices to connect to a website “are typically anonymous and expect to remain anonymous,” it said. But some “rogue” website operators secretly attach a “tracking beacon” to visitor devices that are then used to track and surveil users, it said. Using tracking software, a website owner “can correlate a grouping of fragments and the connections between them to create a unique digital profile of each individual website visitor,” in a process known as digital fingerprinting, it said. If a website owner can link a unique digital profile created by digital fingerprinting to a particular individual, the website owner “can assemble a detailed picture of a person’s private life,” including that person’s political and religious affiliations, said the complaint. Sanchez alleges that when she visited Marriott.com, the website’s code caused its tracking beacon to be installed on her browser, it said. Marriott and the beacon’s developer then used the beacon to collect the California resident’s IP address, it said. Marriott and the beacon’s developer also used the information collected to analyze website data and marketing campaigns, conduct targeted advertising, and ultimately boost Marriott’s revenue, it said. Sanchez didn’t give Marriott her prior consent to install or use the tracking beacon on her browser, nor did Marriott obtain a court order before installing or using the beacon, it said. Sanchez therefore has had her privacy invaded by Marriott’s violations of Section 638.51(a) of the California penal code, said the complaint. Marriott denies all of Sanchez’s alleged claims, any wrongdoing and that Sanchez is entitled to any relief, said its notice of removal.