Skip to content

December 4, 2017

Casper’s mattresses may be comfortable, but its alleged data collecting isn’t

by John_A

Casper may want its customers to get a good night’s rest on its mattresses, but no matter how comfortable these beds might be, Casper’s alleged practice of illegally collecting customer data may make it hard to sleep soundly. The bed in a box company is now facing a federal lawsuit that accuses it and software company NaviStone of collecting information from visitors to the Casper website to try to determine their identities.

The lawsuit, which is seeking to be granted class-action status, claims that New Yorker Brady Cohen visited casper.com “several times over the past six months while he was shopping for a new mattress,” as CBS reported. But what Cohen (and most customers) didn’t realize was that Casper utilized NaviStone’s technology to figure out Cohen’s personally identifiable information (PII), such as his name and postal address, all without his explicit consent. The lawsuit alleges that Casper can keep tabs on a user’s keystrokes, mouse clicks, and more, helping the company obtain detailed data on user habits.

As the filing asserts, “…when connecting to a website that runs this remote code from NaviStone, a visitor’s IP address and other PII is sent to NaviStone in real-time. This real-time interception and transmission of visitors’ electronic communications begins as soon as the visitor loads casper.com into their web browser.” It continues, “The intercepted communications include, among other things, information typed on forms located on casper.com, regardless of whether the user completes the form or clicks ‘Submit.’”

Casper, for its part, has denied the charges, branding them as nothing but a “blatant attempt to cash in on and extort a successful, high-growth startup.”  And for its part, NaviStone also seems surprised by the lawsuit. The company readily admits on its site that it allows clients to reach “previously unidentifiable website visitors,” but that it still complies with privacy laws.

“The first NaviStone heard of this lawsuit was when it was filed,” NaviStone said in a statement. “As a result, we have not had the opportunity to speak to the plaintiff or his attorneys about their concerns. We are hopeful that, once that conversation takes place, we can clear up any misunderstandings they may have regarding what NaviStone does — and does not.” All the same, NaviStone has come under fire this year, particularly after Gizmodo published a story on the 100-plus companies that appear to use the company’s code. Since that piece ran, companies including Wayfair and Road Scholar have revealed that they no longer use NaviStone, and just maybe, Casper will follow.

Editors’ Recommendations

  • Google’s Waymo vs. Uber: Everything you need to know
  • Here’s how to clear cookies so your browser doesn’t get fat from the munching
  • Apple AR glasses: News and rumors about ‘Project Mirrorshades’
  • This real-time map of antivirus fails is roasting MalwareBytes’ competitors
  • Amazon’s patent for 1-click buying just expired, so hold onto your wallets




Advertisements
Read more from News

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

Note: HTML is allowed. Your email address will never be published.

Subscribe to comments

%d bloggers like this: