Is Your Video History Really Private? What The Athletic Lawsuit Reveals About Hidden Data Sharing

Every time you click “play” on a video, whether it’s a game recap, a press conference, a highlight reel, or an investigative story, you probably assume only you and your device know what you watched, but behind the scenes, most online streaming platforms quietly run dozens of tracking tools that collect, store, and transmit your viewing behavior.

For years, this was invisible to users. But a wave of lawsuits, including the one against The Athletic, is exposing just how much information websites have been funneling to Facebook, advertisers, and data analytics companies, often without clear consent.

Today, millions of sports fans are learning a hard truth: your video history may not be nearly as private as you thought.

How Video Viewing Data Can Identify Specific Users

It might seem harmless that a website knows which videos you’re watching. But the moment a company links your viewing history to something that identifies you, such as your Facebook ID, email address, or device identifiers, that data becomes highly sensitive and highly valuable.

Here’s why:

Tracking the exact videos you watch reveals patterns about your interests, habits, beliefs, and personal routines. When paired with identifiers, it can outline:

• What teams or players you follow
• When and how often you engage with content
• Your location or device
• Your browsing behavior across websites
• Your inferred demographic information

This level of detail is exactly why federal privacy law steps in.

What “Personally Identifiable Information” Means Under the VPPA

The Video Privacy Protection Act (VPPA) was designed to prevent companies from secretly sharing consumers’ video-watching histories with third parties. Under the law, “personally identifiable information” (PII) is defined broadly. It includes anything that can identify you as the person who watched a specific video.

Examples of PII under the VPPA include:

• Your name
• Email address
• Device IDs
• IP addresses
• Cookies associated with your profile
• Facebook IDs
• Login information
• Any code or marker that ties you to your video activity

Even something as simple as a hidden cookie or pixel that transmits your Facebook user ID alongside your viewing history qualifies as a violation.

This is why the allegations against The Athletic are so significant: the claim argues the site paired video titles with users’ Facebook identifiers and sent them to Meta without proper consent.

How Websites Use Tracking Pixels and Cookies to Send Data to Facebook or Advertisers

Most consumers have never heard of “tracking pixels,” but these tiny pieces of code are embedded across thousands of websites, often without users realizing it.

Here’s how they work:

1. You visit a website and watch a video.
    
2. The site’s tracking pixels or cookies automatically fire in the background.
    
3. These trackers collect data such as:
   • Which video you viewed
   • How long you watched
   • Your device details
   • Whether you were logged into Facebook
      
4. The pixel then sends that information to Meta, advertisers, analytics vendors, and other third parties.
    

Some pixels, even ones placed by accident, collect far more information than companies intend. But regardless of intent, transmitting your viewing history without explicit written consent can violate federal law.

Why Users Rarely Realize Their Data Is Being Shared

If this kind of tracking sounds invasive, that’s because it is. So why don’t most people know it’s happening?

Because companies rarely make it obvious.

Common reasons include:

1. Consent notices are vague or hidden

“By using this site, you agree to our terms” is not clear consent for sharing video-watching history.

2. Privacy policies are long, confusing, and outdated

Many policies never mention pixels or specify what data is being sent to Facebook.

3. Tracking happens silently

There’s no pop-up, no alert, and no checkbox when pixels activate.

4. Companies themselves may not realize what the technology is sending

Third-party tools can over-collect data, leading to unintended privacy violations.

The Athletic case brought these issues into public view, showing how easily companies can mishandle information users never knew they were sharing.

The Athletic Case as a Wake-Up Call for Subscribers

For readers who watched videos on The Athletic, this lawsuit is a clear signal: you can no longer assume that your viewing history is private.

Claims allege that The Athletic:

• Collected users’ viewing histories
• Paired those histories with Facebook identifiers
• Transmitted that data to Meta
• Did so without obtaining the required written consent

Because The Athletic is owned by The New York Times, the case also raises questions about how other large media providers manage user data.

The VPPA exists to stop precisely this kind of conduct, and it gives users powerful legal tools, including the right to seek $2,500 per violation.

Millions of readers may be eligible.

What Consumers Can Do to Reclaim Control Over Their Privacy

You don’t need to be a tech expert to protect yourself. These steps can help you reclaim privacy today:

1. File a VPPA claim if you watched videos on The Athletic

This allows you to exercise your full rights under federal law and potentially receive compensation.

2. Adjust your Facebook privacy settings

Disable tracking and unlink third-party app permissions you don’t recognize.

3. Clear cookies regularly

This reduces the amount of persistent tracking data tied to your identity.

4. Use privacy-focused browsers or extensions

Tools like tracker blockers and privacy-first browsers limit the data companies can access.

5. Review your subscriptions and app permissions

Many sites track far more than they need to provide basic service.

6. Know your rights under the VPPA

You can request that companies delete your viewing history and stop sharing your data.

The more consumers take action, the more pressure companies face to be transparent.

What counts as “video history” under privacy law?

Any record of the videos you watch qualifies, including titles, descriptions, timestamps, progress data, and viewing patterns. If a website tracks and stores what you watched, it counts as video history under the VPPA.

How can companies link my viewing data to my identity?

They do it using identifiers such as:

• Cookies
• Login information
• IP addresses
• Facebook IDs
• Device advertising IDs

Once these markers are paired with your viewing data, it becomes personally identifiable.

Is this kind of tracking common across streaming sites?

Yes. Many websites use Facebook Pixel, Google Analytics, or similar tools. These services often collect more information than users realize. The Athletic case is one of many recent VPPA lawsuits targeting this exact practice.

Why does Facebook collect this data?

Meta uses viewing data to:

• Personalize ads
• Build behavioral profiles
• Track engagement across the web
• Sell targeted advertising services

Facebook’s business model relies heavily on collecting data about user interests, including what they watch.

How does the VPPA stop companies from doing it?

The VPPA prohibits companies from sharing a user’s viewing history along with identifiers that can reveal who watched. Violations can result in statutory damages of up to $2,500 per user, plus attorneys’ fees.

What if I never gave written consent?

If you didn’t explicitly agree in writing to have your viewing data shared, the company may have violated the VPPA. Generic privacy policies or cookie banners are not considered valid consent under this law.

Can I request that a company delete my viewing history?

Yes. Under the VPPA and many state privacy laws, you have the right to request deletion of your stored video history. Companies must comply or provide a valid reason for refusal.

Are browsers like Safari or Chrome safer for privacy?

Safari blocks many trackers by default. Chrome is improving but still allows substantial tracking unless you adjust settings. Privacy-focused browsers like Firefox or Brave offer even stronger protections.

Could this lawsuit force platforms to be more transparent?

Yes. These cases often lead companies to:

• Remove tracking pixels
• Update consent processes
• Change data-sharing policies
• Stop sending video data to Facebook

VPPA lawsuits frequently trigger industry-wide reforms.

What steps can I take to protect my viewing information today?

You can:

• File a VPPA claim if you may have been affected
• Clear cookies and tracking data
• Limit Facebook’s ability to track your browsing
• Use privacy-focused browsers
• Disable third-party trackers with extensions
• Regularly review app and website permissions
   

Taking action now helps ensure your video history stays private, just as it should be. To learn more about your legal options, contact Morgan & Morgan today for a free case evaluation.