SoylentNews is people
SoylentNews
Intel is among the growing list of companies being sued for allegedly violating American wiretapping laws by running third-party code to track interactions, such as keystrokes, click events, and cursor movements, on its website.
The plaintiff, Holly Londers, claims she visited Intel's website approximately a dozen times in the twelve months to January 2021, and during those visits the chip maker "utilized tracking, recording, and/or 'session replay' software to contemporaneously intercept [her] use and interaction with the website, including mouse clicks and movements," and information that she input, pages visited and viewed, and dates and times of visits.
The lawsuit has been brought under the 2020 Florida Security of Communications Act, which makes it a crime to intentionally intercept another person's electronic communications without prior consent.
Londers's complaint does not specify the session replay software involved but The Register understands from a conversation with one of the attorneys involved that it's believed to be Clicktale, which was acquired in 2019 by Contentsquare, a maker of similar analytics software.
[...] However, the attorney on the Florida case who spoke with The Register said the central issue is whether website visitors gave informed consent. And he voiced optimism that the Florida cases will survive motions to dismiss because Florida's wiretapping law is a strong consumer protection statute.
Since Cohen v. Casper Sleep (2017) in New York, there have been at least two dozen such wiretapping privacy claims, mostly in California and Florida – both states with applicable privacy statutes. Those who have been sued over this include Banana Republic, Blizzard, CVS, Fandango, Foot Locker, Frontier Airlines, General Motors, Home Depot, Old Navy, Nike, Norton, Ray-Ban, T-Mobile, and WedMD, among others.
The New York case was dismissed in 2018 for failure to properly state a claim [PDF]. But most of the California and Florida cases continue to plod along and may yet make it to trial, or more likely, settlement.
These claims got a boost from the 2020 Ninth Circuit Court of Appeals decision [PDF] that refused to dismiss wiretapping claims against Facebook for tracking people even when they've logged out of the social networking service. A week ago, the US Supreme Court declined to hear Facebook's appeal to undo that decision.
[...] The Register asked Intel and Contentsquare to comment on the wiretapping lawsuit, and both companies declined. ®
Get ourTech Resources
(Score: 2) by KilroySmith on Tuesday March 30 2021, @07:50PM (10 children)
I'm not involved in web development, or website analytics, so I'm throwing this out for those who are.
What useful information does a website get from "keystrokes, click events, and cursor movements" that goes above and beyond the information they'd get natively from navigation? Sure, you can tell that I clicked in the "Username" field, and typed in my username, but you'd get that anyway when I hit enter. Why would they pay for analytics that make the user experience slow, laggy, and painful, and what do they get out of doing so?
(Score: 0) by Anonymous Coward on Tuesday March 30 2021, @08:06PM (6 children)
- find errors or pinpoint areas of confusion on input forms
- see how users engage with a page, what is interesting or where they leave the page
(Score: 1) by Ethanol-fueled on Tuesday March 30 2021, @08:17PM (3 children)
- Identifying cross-site users by their unique fingerprint
(Score: 0) by Anonymous Coward on Tuesday March 30 2021, @09:29PM (2 children)
That's not what these telemetry analytics are for. Don't get your evils confused.
(Score: 2, Insightful) by Ethanol-fueled on Tuesday March 30 2021, @09:48PM (1 child)
I meant to say that certain patterns of timing and movement could identify 1 or more users, or a group of specific users at least with a large sample size.
I wasn't referring to browser/configuration fingerprinting. But if you still mean what you said I'll take your word for it. Intel, after all, seems more interested in furthering the woke agenda [techspot.com] rather than making decent silicon. No surprise given that they are a Jewish company, but their declining dominance in silicon is suspect. Perhaps they're getting low-key sanctioned for collaborating with the enemy, or otherwise releasing or getting their backdoors hacked to unfriendly nations who used it to their advantage.
(Score: 1, Informative) by Anonymous Coward on Tuesday March 30 2021, @11:43PM
Intel has been taken over by people who do not view engineering as the key, overwhelming focus of the company, as is obvious by your link. They got so big and wealthy, they thought they couldn't fail. Well, they can and they have for years now. Wokeness does nothing to get you to the next design node.
(Score: 1, Interesting) by Anonymous Coward on Tuesday March 30 2021, @09:58PM (1 child)
- stealing your passwords for credential stuffing attacks, because they can see what you typed in the password field
(Score: 0) by Anonymous Coward on Tuesday March 30 2021, @10:34PM
You mean those ⬤⬤⬤⬤⬤⬤⬤⬤⬤?
(Score: 0) by Anonymous Coward on Tuesday March 30 2021, @08:21PM
"What is the best location to place button X when we compare experiment A against control C? How many more people find/don't find the button?"
I mean, they're fiddling with match-sticks anyway. It's bullshit and numbers for numbers' sake. They got onto the bandwagon of "telemetry inherently makes you product better by just being present and therefore we must telemetrize". In the end, does it matter? Not really...
(Score: 2, Interesting) by Anonymous Coward on Tuesday March 30 2021, @08:40PM (1 child)
There are a few valid security reasons (and I played around with it briefly strictly for that purpose) but it is a deep rabbit hole and there are plenty of easier, less intrusive methods. I don't use any trackers -- but if there is a hack attempt (normally script kiddies) I record and retain the ip address and URL indefinitely. Keep at it and the i.p. automatically gets blocked for a few days.
But imo this "wiretapping" absolutely pales in comparison to all the other Orwellian b.s. going on.
(Score: 2) by HiThere on Tuesday March 30 2021, @10:51PM
While true, you can't prosecute unless someone has passed a law that enables this.
Yeah, there's lots worse stuff. But much of that isn't legally actionable. If this is, then go for it.
Javascript is what you use to allow unknown third parties to run software you have no idea about on your computer.