The U.S. District Court for the Southern District of Florida denied Zumba’s motion to dismiss a putative class action alleging violations of the Video Privacy Protection Act (“VPPA”) in Catherine Kueppers et. al. v. Zumba Fitness, LLC, Case No. 24-cv-61983-WPD, 2025 WL 3553598. The case was brought by Plaintiffs Catherine Kueppers and Kathleen Summy, challenging Zumba’s alleged disclosure of video-viewing information to third parties without user consent.
According to the complaint, Zumba operates the website zumba.com, where it sells access to prerecorded, dance workout videos. Plaintiffs allege that Zumba embedded tracking pixels from Meta and Pinterest on its website, which transmitted users’ personally identifying video-viewing information to third parties. The alleged disclosures included information about which video materials a user requested or obtained, coupled with identifiers such as Facebook IDs, without first obtaining user consent.
Both named Plaintiffs allege that they purchased a Zumba instructor training course that included prerecorded video content, provided personal information in connection with the purchase, and later viewed the videos while logged into Facebook. They allege that Zumba disclosed their identifiers and URLs associated with the purchased video content to Meta, without authorization.
In reviewing the scope and purpose of the VPPA, the Court observed that the statute applies beyond traditional video rental stores and can encompass online video service providers, including websites that deliver prerecorded video content.
Zumba argued that the complaint failed to allege the disclosure of “personally identifiable information” as defined by the VPPA, contending that it did not disclose specific video titles and that the information shared would not allow an ordinary person to identify an individual’s video-viewing habits. The court rejected these arguments. It found that allegations that Zumba disclosed URLs to webpages containing the video content were sufficient to constitute disclosure of “specific video materials,” even if individual video titles were not expressly named. The court aligned itself with the majority of district courts that have held that linking a user identifier with a URL associated with video content can satisfy the statute’s requirements.
The court also declined to adopt a strict “ordinary person” test requiring that any member of the public be able to identify a viewer from the disclosed information. In the absence of binding Eleventh Circuit precedent, the court concluded that it is sufficient at the pleading stage to allege that the recipient of the information, such as Meta or Pinterest, could reasonably and foreseeably identify which videos a person obtained. The complaint alleged that Meta could easily link Facebook IDs transmitted via the tracking pixel to specific users, and that Pinterest could similarly associate encrypted cookies with identifiable user profiles. These allegations were found adequate to state a claim under the VPPA .
Finally, the court addressed Zumba’s argument that it did not “knowingly” disclose any protected information because it did not itself possess users’ Facebook or Pinterest identifiers. The court rejected this position, holding that the intentional installation and use of tracking pixel technology on Zumba’s website was sufficient to plausibly allege knowing disclosure. At the motion to dismiss stage, plaintiffs were not required to prove intent, only to plausibly allege it, which the court found they had done.
With recent VPPA class settlements reaching almost a million dollars, we’ll keep a close eye on whether Zumba can dance its way out of this one.
CIPAWorld 