Florida website tracking litigation is gaining momentum this year, with plaintiffs increasingly invoking the Florida Security of Communications Act (FSCA) to challenge common website analytics and advertising tools, especially where those tools allegedly capture and share sensitive user communications. The FSCA is an old state wiretap statute now aimed at modern website tracking. The FSCA provides for liquidated damages of up to $1,000 per violation.

Specifically,  a 2025 ruling resulted in a decision that changed Florida’s legal landscape and opened the door for a possible flood of FSCA claims. W.W. v. Orlando Health, Inc., No. 6-24-cv-1068-JSS-RMU, 2025 WL 722892 (M.D. Fla. Mar. 6, 2025). In Orlando Health, the plaintiff alleged that the defendant’s website intercepted communications about her healthcare treatment, then used that information for advertising purposes, and did so through third-party pixels that intercepted and transmitted the plaintiff’s communications with the website including “the plaintiff’s health conditions,” “desired treatment,” and “preferred doctors.” Id. at 2. The plaintiff further alleged the information was used to serve targeted advertisements.

The court cited the legislative intent of FSCA, emphasizing that the legislature specifically intended to protect private medical information. On that basis, the court concluded the plaintiff adequately alleged interception of contents under FSCA. In other words, the theory that the website tools captured substantive healthcare communications was sufficient, at least at the motion to dismiss stage. Since this decision, plaintiffs have filed hundreds of similar wiretap claims in small claims court under the FSCA arising out of website tracking technology. This may be a signal that Florida federal courts may allow similar privacy and wiretapping pleadings to survive early challenges.

The combination of alleged interception of content, the use of third-party pixels, and the statute’s liquidated damages framework are perhaps the driving forces for the emerging FSCA litigation trend.

Photo of Kathryn Rattigan Kathryn Rattigan

Kathryn Rattigan is a member of the Business Litigation Group and the Data Privacy+ Cybersecurity Team. She concentrates her practice on privacy and security compliance under both state and federal regulations and advising clients on website and mobile app privacy and security…

Kathryn Rattigan is a member of the Business Litigation Group and the Data Privacy+ Cybersecurity Team. She concentrates her practice on privacy and security compliance under both state and federal regulations and advising clients on website and mobile app privacy and security compliance. Kathryn helps clients review, revise and implement necessary policies and procedures under the Health Insurance Portability and Accountability Act (HIPAA). She also provides clients with the information needed to effectively and efficiently handle potential and confirmed data breaches while providing insight into federal regulations and requirements for notification and an assessment under state breach notification laws. Prior to joining the firm, Kathryn was an associate at Nixon Peabody. She earned her J.D., cum laude, from Roger Williams University School of Law and her B.A., magna cum laude, from Stonehill College. She is admitted to practice law in Massachusetts and Rhode Island. Read her full rc.com bio here.

Read more about Kathryn Rattigan
Show more Show less