Harriet Carter Gifts and Navistone are the defendants in a proposed class action that alleges the consumer data broker was hired by the former to intercept and record the communications of visitors to HarrietCarter.com without the users' consent to do so.
According to the lawsuit, which has been removed to Pennsylvania federal court, Navistone “intercepted Harriet Carter website visitors’ keystrokes, mouse clicks, and other electronic communications” in real time in an effort to collect personally identifiable information (PII). Such conduct constitutes a violation of the Pennsylvania Wiretapping and Electronic Surveillance Control Act, the lawsuit argues. Navistone, according to the suit, obtains consumer information via code installed on Harriet Carter’s website, which apparently spies on visitors in real time by “reporting every keystroke and mouse click to the Navistone server”—regardless of whether a user hits “submit” on an order.
“As deployed,” the complaint reads, “Navistone's remote code (deployed by Harriet Carter) functions as a real-time wiretap of users' IP address, keystrokes, and PII and tracks all pages that the user navigates to on the site, linking the user with their potential interest in Harriet Carter products for the purpose of Harriet Carter target-marketing its products to its website users.”
As the case tells it, Navistone maintains a back-end database that houses data and profiles on consumers across the country.No strangerto potentialclass actionlitigation over the allegedsurreptitious trackingofwebsite users, Navistone has reportedly encoded hundreds of other websites with similar code and for similar data-mining reasons. The code itself, the lawsuit says, can only be accessed using a browser’s developer tools.