The Perplexity CIPA Lawsuit Affirms that Tracker and Consent Risk Continues to Be a Theme of 2026

A lawsuit against Perplexity applies a traditional privacy theory to a new setting: tracking technology inside a high-trust user experience.

In Doe v. Perplexity AI, Inc. et al., filed March 31, 2026 in the Northern District of California, the plaintiff alleges that Perplexity disclosed users’ conversations and identifiers to Meta and Google without consent and asserts claims under CIPA (California’s Invasion of Privacy Act) and other privacy-related theories.

The Alleged Tracking Stack

The complaint identifies a comprehensive set of tracking technologies deployed on Perplexity’s platform:

• Meta Pixel — Facebook’s tracking pixel for conversion measurement and retargeting
• Google Ads — Advertising conversion tracking
• Google DoubleClick — Display advertising and remarketing
• Meta’s Conversions API — Server-side event tracking to Meta
• Firebase — Google’s mobile and web app development platform with analytics
• Google Analytics — Standard web analytics

The complaint alleges those tools began sharing data with these parties as soon as a user landed on the homepage, before the user clicked a button or entered a prompt. It further alleges that once users began interacting with the product, Perplexity disclosed opening prompts, follow-up questions, email addresses, cookies, and other identifiers to Meta and Google for advertising and analytics purposes.

Consent Problems

The complaint also alleges significant consent failures:

• Users were not adequately informed that their conversations and related data would be disclosed to third parties
• Some sign-up flows did not require affirmative agreement to terms or privacy disclosures before use

Those allegations have not yet been proven out by law, but the complaint should put organizations on notice that CIPA complaints are no longer a fringe risk.

A Growing Trend

We’re not surprised. For the last six months we’ve seen wiretapping claims increase in both volume and size of targeted organizations. Reuters recently noted that pixel-tracking litigation continues to expand in 2026, with disputes often focusing on whether companies deployed tracking tools in ways users did not expect, especially where sensitive information may be involved.

Reuters also points to a practical problem many organizations know well: tracking technologies can accumulate across tags, plug-ins, marketing tools, and app components over time, making them difficult to fully map or govern internally.

In practice, that means some deployments may sit outside normal governance channels and become hard for legal, privacy, security, or leadership teams to see clearly.

What Organizations Should Do

A focused web-tracking audit can test the site or app as it actually behaves:

1. Identify what loads before consent — Test in a pre-consent state to catch premature tracking
2. Show where data is going — Map all third-party data flows
3. Surface undocumented tools — Find tracking technologies that may not be fully documented internally
4. Capture archival proof — Document behavior with artifacts that can be used to efficiently resolve legal complaints

If issues are found, remediation can narrow or remove unnecessary tracking from sensitive workflows, or prompt a change of terms or consent conditions.

The Bottom Line

The Perplexity case is still in the complaint phase, leaving us to see how parties and the court treat this cause of action. However, this is a good reminder that from small to large organizations, privacy risk often comes from ordinary technical choices that stay unnoticed until someone looks closely.

If your organization hasn’t looked closely at your tracking, consent, and terms of use choices — with artifacts to prove behavior — it’s past time to mitigate this risk.

Footnotes:

• The Doe v. Perplexity AI, Inc. et al. complaint can be found here
• The Reuters article can be found here

If resolving risks related to tracking have stalled or have not started in your organization, review our Web-Tracking Services page for the process we use, and feel free to contact us if you need additional support.