Trap and Trace Class Action Against United HealthCare
Los Angeles law firm Tauler Smith LLP recently filed a trap and trace class action against United HealthCare. The national health insurance provider has been accused of collaborating with controversial social media company TikTok to unlawfully collect data from website visitors. These actions would constitute clear violations of the California Invasion of Privacy Act (CIPA), which prohibits companies from using website tracking software to gather personal information about customers. The plaintiffs in the digital privacy class action are pursuing substantial monetary damages for the alleged privacy breaches.
For more information about the lawsuit against United HealthCare, keep reading this blog. And to learn whether you might be eligible to join the class action, contact us directly.
What Is a Trap and Trace Device?
California Penal Code § 638.50(c), which is part of the California Invasion of Privacy Act (CIPA), places considerable restrictions on companies that use trap and trace devices. The statute defines a trap and trace device as “a device or process that captures the incoming electronic or other impulses that identify the originating number or other dialing, routing, addressing, or signaling information reasonably likely to identify the source of a wire or electronic communication, but not the contents of a communication.” A person, company, or other entity that wishes to use a trap and trace device must first obtain a court order.
The CIPA, codified as Cal. Penal Code 630, often serves as the basis for lawsuits against companies accused of unlawfully wiretapping or eavesdropping on customer conversations. The statute was enacted for the purpose of curbing the invasion of privacy that often results from the use of certain technologies that pose a threat to the free exercise of personal liberties. The CIPA extends civil liability for surveillance that uses technology generally, and the Trap and Trace Law specifically imposes civil liability and statutory penalties against companies that unlawfully install pen registers or trap and trace software without first obtaining a court order.
Consumer Protection Class Action Filed Against United HealthCare
The recent consumer protection class action lawsuit involving the trap and trace law was filed in the Los Angeles County Superior Court. The defendant in the case is United HealthCare Services, Inc., a private insurance company that provides health insurance plans to consumers. According to the lawsuit, United HealthCare installed a data collection process on its website, https://www.uhc.com, for the purpose of tracking and tracing the identity and source of visitors to the site. United HealthCare allegedly worked with scandal-ridden social media company TikTok to unlawfully share the customer data.
“Fingerprinting”
The software that United HealthCare installed on its website was created by TikTok for the purpose of identifying site visitors. The TikTok software on the United HealthCare website runs code via a process known as “fingerprinting” that enables the company to collect as much data as it can about anonymous site visitors, including device and browser information, geographic information, and URL tracking. This information is then matched with existing data that TikTok has previously acquired from hundreds of millions of Americans who use the social media platform.
Similar allegations of unlawful data collection in collaboration with TikTok have been made in other trap & trace class action lawsuits recently filed in California courts.
“Advanced Matching”
United HealthCare has also been accused of using trap and trace devices to help TikTok collect website visitor information via a process known as “Advanced Matching.” This is a feature that allows TikTok to scan the website for recognizable form fields containing confidential customer information, such as email addresses, phone numbers, and routing information.
Class Action Lawsuit: United HealthCare Surveilled Website Visitors Without Consent
Visitors to the United HealthCare website have a reasonable belief that their web activity will be secure because the website intake page informs users that the information they share is “secure.” But the California class action lawsuit against the health care provider alleges that this is false: customers’ personal information and activity on the site is scanned and sent to TikTok so that its source can be identified through fingerprinting and deanonymization. The lawsuit accuses United HealthCare of giving TikTok access to consumer data without obtaining express or implied consent.
TikTok’s “Best Practices” Policy
Alarmingly, TikTok allegedly has a “best practices” policy encouraging companies like United HealthCare to capture this customer data “as early as possible” and “as frequently as possible.” The class action lawsuit filed in the L.A. County Superior Court accuses United HealthCare of following TikTok’s best practices to help the social media company gather customer information as soon as a user visits the website: code on the site automatically sends information to TikTok to match the user with TikTok’s fingerprint.
By definition, there is no way for a site visitor to consent to the tracking of their activity because the TikTok software is deployed automatically when a user lands on the United HealthCare website. Site visitors have no way of knowing about the trap and trace devices, and United HealthCare does not even attempt to obtain visitors’ consent.
United HealthCare Accused of Unlawfully Sharing Customer Data with TikTok
Digital privacy is a growing concern for many Americans, particularly as more and more companies commit consumer fraud. One of the most troubling allegations against United HealthCare in the recent trap and trace lawsuit is that the company may be helping TikTok acquire personal information about website visitors. TikTok is owned by the Chinese government, and there are serious concerns that the social media company may be sharing user data with an adversarial foreign country. In fact, the U.S. Congress recently passed legislation that would require TikTok to be sold to a different entity or face a permanent ban in the United States. Additionally, the director of the National Security Agency (NSA) has identified TikTok as “a platform for surveillance” that poses a possible cybersecurity risk to the country.
The class action lawsuit against United HealthCare highlights a major problem with data collection on the United HealthCare website: user data is allegedly being shared with third parties who have the ability to harm California citizens through data aggregation. Moreover, the fact that this is a healthcare provider means that vulnerable American citizens could be targeted based upon their specific medical issues and uninsured status.
Plaintiffs Seek Monetary Damages for Violations of California’s Trap & Trace Law
The class action lawsuit against United HealthCare accuses the healthcare provider of violating California’s Trap and Trace Law. If United HealthCare is found liable in the civil suit, plaintiffs who visited the company’s website may be eligible for substantial monetary damages. That’s because the California Invasion of Privacy Act (CIPA) imposes both statutory damages meant to compensate victims and punitive damages meant to discourage future violators. The law also allows for successful plaintiffs to recover reasonable attorney’s fees and costs.
Did You Visit the United HealthCare Website? Contact the Los Angeles Consumer Protection Lawyers at Tauler Smith LLP
Did you visit the United HealthCare website and fill out any forms or provide any personal information? If so, you may be eligible to pursue monetary damages for an invasion of privacy violation. That’s because United HealthCare has been accused of using trap & trace technology to help third parties unlawfully collect the confidential information of website visitors.
The California consumer protection lawyers at Tauler Smith LLP are representing plaintiffs in a class action lawsuit against United HealthCare. For more information, call 310-590-3927 or email us.