Last month, a New Jersey federal judge applied Third Circuit precedent to hold that the California Invasion of Privacy Act (“CIPA”) does not impose liability for commonplace use of website marketing/analytics pixels under the well-established party exception.  Cole v. Quest Diagnostics, Inc., 2025 WL 88703 (D.N.J. Jan. 14, 2025).

The two plaintiffs in this case asserted, on behalf of a putative class, that Defendant Quest Diagnostics used a website pixel to track and collect data about their website activity for advertising purposes.  Plaintiffs claimed this violated CIPA on the theory that Quest Diagnostics aided and abetted alleged wiretapping of their communications with Quest Diagnostics’ websites.  The Court had initially denied Quest Diagnostics’ motion to dismiss plaintiffs’ claim.

On reconsideration, the Court ordered dismissal with prejudice to “correct a clear error of law” in its prior decision, which had “overlooked” the Third Circuit’s decision in In re Google Inc. Cookie Placement Consumer Privacy Litigation, 806 F.3d 125 (3d Cir. 2015).  As we reported here, CIPA recognizes a party exception, which provides that the recipient of a communication cannot be liable for recording its own communications.   In Google Cookie, the Third Circuit applied this exception to hold that Google was not liable for cookies on plaintiffs’ browsers that collected browsing data: “Google was itself a party to all the electronic transmissions,” because plaintiffs’ “browsers directly communicate with [Google] about the webpages they are visiting.”  The New Jersey district court applied the Third Circuit’s reasoning to hold that the pixel at issue here similarly directed plaintiffs’ browser to send plaintiffs’ data “directly” to the third party.  As a result, Quest Diagnostics could not be held liable for aiding and abetting wiretapping, because no wiretapping occurred.

Quest recognizes that the reasoning in Google Cookie finding no wiretapping in the context of cookies applies equally to website pixels.