Lewis Roca Blog

Plaintiffs’ counsel have developed a new weapon in their arsenal for privacy litigation involving tracking pixels:  Arizona’s “Telephone, Utility and Communication Service Records Law,” A.R.S. § 44-1376 et seq. 

Privacy Litigation Regarding Tracking Pixels

Over the past few years, numerous businesses have been hit with putative class-action lawsuits asserting that their use of tracking pixels and related tools for digital analytics is unlawful under various state or federal privacy laws or regulations.  Until recently, relatively few of those cases had been filed in Arizona courts or under Arizona law. 

In the past few weeks, however, multiple such cases have been filed in Arizona courts, asserting claims under Arizona law, including A.R.S. § 44-1376 et seq.  Among other things, plaintiffs in these cases assert that businesses using tracking pixels are violating the Arizona Telephone, Utility and Communication Service Records Law, which was enacted in 2006, because they are knowingly procuring “communication service records” (as defined in the statute) without customer authorization or by deceptive means.  

As a result of these cases, and because neither the law nor plaintiffs’ theories have been thoroughly tested at this point, it appears that Arizona might become a new battleground for nationwide privacy litigation.

If you have been sued for an alleged violation of A.R.S. § 44-1376 et seq., or if you have questions about Arizona privacy law, please contact John Gray, CIPP/US, or another member of Lewis Roca’s Data Privacy and Cybersecurity Group. As the chair of Lewis Roca’s Data Privacy and Cybersecurity Group, John represents clients in various regulatory investigations and litigation matters relating to privacy or data-protection issues, including data-breach class actions. He also advises clients on compliance with the California Consumer Privacy Act (CCPA), the EU’s General Data Protection Regulation (GDPR), and various other laws and regulations pertaining to data privacy and protection.

Lewis Roca’s Data Privacy and Cybersecurity Group has extensive experience navigating the cybersecurity and data privacy issues associated with regulated industries and general business operations. Our lawyers successfully protect and defend clients’ most confidential data, relying on our technical training in electrical engineering and computer science as well as certifications from professional privacy organizations. We routinely review and follow the multitude of cybersecurity and data privacy laws at the federal and state level in the United States in addition to those pursuant to key international regulations.