Massachusetts’ Supreme Court recently entertained the notion that a law dating back to the 1960s, originally intended to prevent eavesdropping on phone calls and telegraphs, might also encompass the collection of users’ browsing data by website operators without their explicit consent.
This potential interpretation emerged during oral arguments as the court considered two proposed class action lawsuits accusing hospitals of violating the Massachusetts Wiretap Act by allowing third-party companies, such as Meta Platforms (Meta) and Alphabet’s Google, to gather data on website visitors.
The lawsuits, filed by Kathleen Vita in 2023, allege that Beth Israel Deaconess Medical Center and New England Baptist Hospital unlawfully transmitted users’ browsing activities to Google and Meta without authorization.
While the trial court refused to dismiss the cases last year, citing the applicability of the wiretap law to internet tracking, the hospitals’ lawyer argued that such an interpretation was absurd given the law’s origins preceding the internet era.
However, some justices on the Supreme Judicial Court appeared receptive to the idea of extending the law’s coverage to modern technological advancements, citing a previous decision in 2013 that applied the law’s protections to cell phones and text messages.
Justice Frank Gaziano emphasized the need to adapt to contemporary methods of communication, suggesting that traditional notions of wiretapping no longer apply in today’s digital landscape.
The case has drawn significant attention from industry groups, including the U.S. Chamber of Commerce and National Retail Federation, who caution against the potential ramifications of holding website operators liable for using popular analytics tools like Google Analytics and Meta Pixel.
Similar cases filed
While similar cases have been filed across the country, some courts have dismissed them.
The Chamber of Commerce expressed concern that the Massachusetts lawsuits could reverse this trend, exposing numerous commercial website operators to legal jeopardy.
Plaintiffs’ lawyer Patrick Vallely argued that the essence of the case lies in hospitals enabling technology companies to eavesdrop on sensitive communications between healthcare consumers and providers.
Conversely, the hospitals’ attorney contended that the use of analytics technology fell within the exemption for activities conducted in the ordinary course of business, such as website development and marketing.
During the proceedings, Justice Scott Kafker questioned whether selling information to ad agencies or Google aligned with a hospital’s core business activities.
Justice Dalila Argaez Wendlandt also expressed skepticism regarding the defense’s arguments but suggested a prospective ruling could mitigate the potential for damages against website operators.
By making the ruling prospective, the court could afford website operators the opportunity to adjust their practices accordingly.
The outcome of this case, Kathleen Vita v. New England Baptist Hospital, et al, holds significant implications not only for the hospitals involved but also for website operators across Massachusetts. It underscores the evolving legal landscape surrounding online privacy and the extent to which longstanding laws can be adapted to address modern technological practices.
