Consent Via “Clickwrap” Defeats Privacy Claims–Javier v. Assurance
Assurance’s site included this screen display:
(Screenshot note: you see the hatted-A, which is normally an indicator of some formatting problem with the page. This suggests that the page didn’t load properly or this isn’t an authentic screenshot of what Javier saw. The court doesn’t address this defect with the screenshot, but I would have wanted to know more if I had been the judge).
Retroactive Consent. Javier claimed that ActiveProspect’s tracking started before he purportedly consented, so his consent came too late. The court responds:
The court adds in a footnote: “The data collection here occurred mere minutes and seconds before Javier gave consent during a single website visit. The Court does not address facts not before it, such as where data was collected months or weeks before.”
I’m not sure if this issue has been addressed in the literature. If not, writing about retroactive privacy consent sounds like a good paper topic. There are other scenarios to address. Could Assurance/ActiveProspect have cured the lack of consent if they immediately flushed the tracked data at the session end if Javier hadn’t asked to view his quote? Would a cookiewall or similar pop-up notification have provided sufficient consent to permit tracking immediately?
This ruling does not address the situation where a prospective customer visits the site but never clicks through the screenshot above. It appears Assurance and its vendor will still track and record the user, but the user won’t have consented via the “clickwrap,” but also wouldn’t receive any unsolicited phone calls because the user didn’t enter a phone number. What happens in that case? I wonder if Article III standing would pose a barrier there.
Case citation: Javier v. Assurance IQ, LLC, 2021 WL 940319 (N.D. Cal. March 9, 2021)