Stripe—Stripe faced class action lawsuits alleging Stripe.js tracks users across websites and devices without consent
Multiple class action lawsuits were filed against Stripe alleging its JavaScript library (Stripe.js) collects user data beyond fraud prevention, including browsing behavior across websites. A 2021 California federal court ruled privacy claims could proceed, finding plaintiffs had not consented to data dissemination to third parties. A 2024 lawsuit against Crumbl Cookies alleged Stripe's tracking codes persist on browsers after purchases, enabling cross-device identification. Stripe maintains data collection is for fraud prevention.
Scoring Impact
| Topic | Direction | Relevance | Contribution |
|---|---|---|---|
| User Privacy | -against | primary | -1.00 |
| Overall incident score = | -0.662 | ||
Score = avg(topic contributions) × significance (medium ×1) × confidence (0.66)
Evidence (2 signals)
Class action lawsuit alleged Stripe's tracking codes persist on browsers and enable cross-device identification
A May 2024 class action lawsuit against Crumbl Cookies alleged Stripe's web-tracking technology secretly intercepts consumer activity, installs persistent tracking codes that remain after purchases, and enables cross-device identification. The suit claimed Stripe collects names, emails, addresses, IP addresses, and payment details through embedded tracking in merchant websites.
Federal court ruled Stripe must face consumer privacy claims over data collection on purchases
A California federal judge ruled that a potential consumer class action against Stripe could proceed with invasion of privacy claims. Judge Yvonne Gonzalez Rogers found that while users consented to Stripe collecting data, they did not consent to Stripe disseminating personal information to other third parties including merchants and customers.