• by Wendy Davis , 4 hours ago

Siding against the University of Phoenix, a federal judge ruled this week that the company must face a privacy lawsuit over allegations that it disclosed data about students' video-viewing activity to Facebook via its analytics software -- the Meta pixel.

The ruling stemmed from a class-action complaint filed last year by Illinois resident and University of Phoenix enrollee Janielle Dawson, who said her courses included prerecorded videos. She alleged that every time she used the school's website, it ran tracking software from outside companies -- including Meta's Facebook.

Among other specifics, Dawson alleged that the school transmitted her Facebook ID -- a series of numbers tied to her Facebook account -- combined with her video-viewing history, to Meta Platforms.

Her complaint included claims that the University of Phoenix violated federal and Illinois wiretap laws -- which prohibit electronic eavesdropping -- and the federal Video Privacy Protection Act. The video privacy law, which dates to 1988, prohibits video providers from disclosing consumers' personally identifiable video-viewing history without their consent.

The lawsuit is one of numerous privacy cases filed in the last several years over online tracking technology.

The University of Phoenix urged U.S. District Court Judge Mary Rowland in the Northern District of Illinois to dismiss the case at an early stage. The school contended that even if the allegations in the complaint were proven true, they wouldn't show that the company violated the video privacy law or wiretap laws.

The school raised numerous arguments in support of its bid for dismissal -- including that a federal appellate court in New York ruled last year that companies don't violate the Video Privacy Protection Act by transmitting video viewers' Facebook IDs to Meta.

The 2nd Circuit Court of Appeals said in that matter that a consumer's Facebook ID is not "personally identifiable" because it wouldn't allow an "ordinary person" to figure out the consumer's name.

Rowland disagreed with the 2nd Circuit's conclusion.

She ruled that "personally identifiable" information includes information that is capable of identifying someone, as opposed to information that in itself identifies someone.

"Concluding otherwise would defy common sense and allow a [video provider] to skirt liability by disclosing information other than names that readily can be used to identify a consumer," she wrote.

The ruling allows Dawson to proceed with the allegation that the school wrongly shared data with Meta.

Dawson additionally alleged in the complaint that the school violated the video privacy law by sharing data with other tech companies via their analytics software -- including Google, LinkedIn and TikTok. But Rowland said Dawson couldn't proceed with the video privacy claim against those other companies because the complaint failed to spell out how they could have identified her.

University of Phoenix also unsuccessfully urged Rowland to dismiss the wiretap claims, arguing that both the federal and Illinois statutes allow interceptions of electronic communications as long as one party consents. The school argued that because it was a party to the alleged data transmissions -- and, according to the complaint, consented to the data transfers -- the claims should be dismissed.

Rowland rejected that argument for now, ruling that Dawson could move forward with wiretap counts regarding alleged disclosures to Facebook, Google and other tech companies.