Not everybody loves a good cookie, and plaintiffs’ lawyers are proving it. In California, routine website cookies, pixels, and analytics tools are increasingly being cited as evidence of illegal “interception” under the California Invasion of Privacy Act (CIPA), particularly when users were never given a meaningful choice.

Picture this: you run an online store. You add the Meta Pixel to track conversions and improve ads. It’s standard practice, until a demand letter arrives accusing you of “wiretapping” your own customers under a 1967 California privacy law.

The California Invasion of Privacy Act (CIPA) is keeping a lot of lawyers busy these days, and not just in California. We’ve seen clients receive demand letters from California plaintiffs' firms claiming that the use of third-party cookies, pixels, and other tracking technology on their websites violates CIPA by functioning as a “trap and trace” device.