The New Marketing Threat: The Legal Risk of Email Pixels

Organizations leveraging email marketing that includes tracking pixels should be paying attention to a new wave of class action lawsuits that may impact their marketing practices.  

The new class actions are similar to the Meta pixel cases we have seen filed under the California Invasion of Privacy Act in the U.S. and under GDPR in the EU. Throughout 2024, there have been a number of class actions filed against large retailers such as Patagonia, Home Depot, and TJX Companies (Marshalls, Home Goods, T.J. Maxx, etc.), alleging that certain uses of pixels in emails (described as “email spy pixels”) violate Arizona’s Telephone, Utility and Communication Service Records Act[1].

The Arizona law specifically prohibits, “knowingly procur[ing]… a public utility record, telephone record or communication service record of any resident of this state without the authorization of the customer to whom the record pertains or by fraudulent, deceptive, or false means.”[2] The Act  was initially enacted to cover unauthorized disclosure of “telephone records” and, in 2007, was later expanded to include “public utility records” and “communication service records”[3]. Critically, the Act provides for a private right of action.

The Complaints

The ongoing cases allege that the email pixels are invasive and the tracking of IP address, device ID, and logged general engagement metrics (i.e., time opened, time read, etc.) would constitute a “communication service record”.  The complaints allege that since companies failed to receive lawful, valid consent from the consumer, the use of email pixels  violates the Arizona law.

Some of the cases have a motion to dismiss pending, with the defendants arguing that the Act was intended for telecommunications carriers and that tracking whether an email is opened or read does not fit within the legislative definition of “communication service record”.

Potential Impact and Next Steps

These cases are still pending, however organizations should stay up to date as the outcome could have serious implications for organizations leveraging email marketing.  Potential impacts include:

  • The necessity to implement a geofencing solution for email marketing messages to Arizona residents;
  • Preparation for regulatory scrutiny, including maintenance of enhanced records of compliance, such as consent tracking;
  • Consideration of alternatives to email pixels that will provide similar levels of data.

Until a verdict is announced, businesses that are serving marketing emails to consumers in Arizona should assess whether email pixels are being used in their commercial emails.  In the event that they are, steps should be taken to evaluate the use and necessity of those pixels for Arizona residents, determine whether their use needs to be disclosed in the communications or platforms, and implement appropriate consent mechanisms. If you would like to discuss your company’s use of advertising technologies, contact Tueoris at bryttni.cimo@tueoris.com.


[1] Ariz. Rev. Stat. Ann. §44-1376 et seq.

[2] Id. at §44-1376.01.

[3] A communication service record is defined as “a record that includes subscriber information, including name, billing address, length of service, payment method, telephone number, customer IDs, bills or access logs, records of the path of an electronic communication between the point of origin and the point of delivery and the nature of the communication service provided, such as caller ID, automatic number ID, voice mail, email, paging or other service features.”

0 Comments

Submit a Comment

Your email address will not be published. Required fields are marked *

Bryttni Cimo

Posted on

August 22, 2024