“Ohebshalom v. Dapper Labs is a case that most people have never heard of — but probably should have. It is one of those quiet legal battles that started with a few frustrated users and ended with a five million dollar settlement that sent shockwaves through the entire tech industry.”
The Company Behind the Platforms
ohebshalom v. dapper labs is a blockchain technology company based in Canada. If you have never heard of them, you have probably at least heard of NFTs — those digital collectibles that everyone was talking about a few years ago. Dapper Labs was one of the biggest players in that space.
They built NBA Top Shot, which let basketball fans own officially licensed video highlights stored on a blockchain. Think of it like a digital trading card, except instead of a photo it is a short video clip. The idea caught on fast. People were spending real money — sometimes thousands of dollars — on these clips. Then Dapper Labs expanded. They launched NFL All Day for American football fans. Disney Pinnacle for people who love Disney and Pixar. UFC Strike for martial arts fans. La Liga Golazos for soccer.
Millions of people signed up. They made accounts, linked their emails, watched videos, and bought digital items. It was a thriving little ecosystem.
But behind all of it, ohebshalom v. dapper labs had embedded tracking pixels on their websites.
What Is a Tracking Pixel and Why Does It Matter
If you are not a tech person, the term “tracking pixel” probably sounds confusing. But the concept is actually simple.
A tracking pixel is a tiny piece of code that a website places on its pages. When you visit that page, the pixel fires — meaning it sends a signal to a third-party company, usually something like Facebook or Google. That signal carries information about you and what you are doing on the site.
Companies use these pixels all the time for advertising. It helps them figure out who is visiting their site, what those people are interested in, and how to show them relevant ads later. From a business point of view, it makes sense. From a user’s point of view, it is a bit unsettling — especially when you find out it is happening without your knowledge.
ohebshalom v. dapper labs was running multiple pixels at the same time. Facebook’s pixel. Google’s pixel. Microsoft’s Bing pixel. Snapchat’s pixel. Twitter’s pixel. Every time a user watched a video on one of their platforms, that information — who you are, what you watched — was being shared with all of these companies.
The problem is that there is a law in the United States called the Video Privacy Protection Act. It has been around since 1988, originally written to stop video rental stores from sharing your rental history without permission. Over the years, courts have applied it to online video platforms too. And under that law, you cannot share what videos a person has watched without first getting their proper consent.
ohebshalom v. dapper labs had not done that.
The People Who Sued
Four people decided to do something about it.
Daniel Ohebshalom, Matthew Kimoto, Thomas Fan, and Clinton Brown filed a class action lawsuit against ohebshalom v. dapper labs in 2025. The case landed in the Supreme Court of the State of New York, Nassau County, under Index Number 615987/2025. Judge Lisa A. Cairo was assigned to oversee it.
A class action is different from a regular lawsuit. These four people were not just fighting for themselves. They were fighting on behalf of every single person who had an active account on any Dapper Labs platform between June 2020 and January 2025. That is potentially a huge number of users across NBA Top Shot, NFL All Day, Disney Pinnacle, UFC Strike, and La Liga Golazos.
The claim was straightforward. Dapper Labs violated the Video Privacy Protection Act by using tracking pixels on pages where videos were being shown, which caused users’ personal information and viewing habits to be shared with Facebook, Google, Microsoft, Snapchat, and Twitter — all without consent.
How Dapper Labs Responded
Dapper Labs denied everything. Their position was that they had not broken any law.
But here is the thing about lawsuits — even when you believe you are right, going to trial is expensive, slow, and unpredictable. Legal fees pile up. The process drags on for years. The outcome is never guaranteed. So many companies, even when they are confident in their defense, choose to settle instead.
That is what ohebshalom v. dapper labs did.
They agreed to pay five million dollars to resolve the case. Five million dollars split among all the eligible class members who submitted valid claims. In practical terms, individual users stood to receive up to around five dollars each — not life-changing money, obviously. But that was never really the point.
The more important part of the settlement was this: Dapper Labs agreed to shut down all of those tracking pixels. The Facebook pixel, the Google pixel, the Bing pixel, the Snapchat pixel, the Twitter pixel — all of them suspended. The behavior that caused the whole problem in the first place had to stop.
The final approval hearing for the settlement was set for April 15, 2026. Users who wanted to keep their right to sue Dapper Labs on their own — rather than be part of the class — had to file a written exclusion request by that same date.
Why This Case Goes Far Beyond Dapper Labs
Here is what makes this case genuinely important, and why it deserves more attention than it has received.
Dapper Labs is not unique. What they were doing — running third-party tracking pixels on pages that also show video content — is something that thousands of websites do every single day. News sites do it. Retail stores do it. Healthcare providers do it. Educational platforms do it. If you have a website with any kind of video on it, and you are also running a Facebook or Google pixel, you could be in the exact same position Dapper Labs found itself in.
The Video Privacy Protection Act is not a new law. But courts have increasingly been willing to apply it to modern digital platforms, and plaintiffs’ lawyers have taken notice. Cases like this one are becoming more common. The legal risk is real.
For compliance teams and legal departments inside technology companies, this case is basically a fire alarm going off. It says: look at your website right now. What pixels are you running? On what pages? Are any of those pages showing video content? Do you have proper user consent documented? If not, you have a problem.
The Larger Question of Digital Privacy
Step back for a moment from the legal details and think about what this case actually represents.
You leave a trail every time you go online. The websites you visit, the things you click, the videos you watch – all of that is data and there are entire industries built around collecting it, analysing it, and selling it. Most of the time, users have no idea any of this is happening. The privacy policies are buried in fine print that nobody reads. The consent mechanisms are designed to be confusing. And the tracking happens instantly, invisibly, every time a page loads.
Laws like the Video Privacy Protection Act exist because at some point society decided that there are limits. That you cannot just take someone’s personal information and hand it to a third party without asking first. That people have a right to know what is being done with data about them.
The Dapper Labs case is proof that these laws work — when someone actually enforces them. Four ordinary people, sports fans and digital collectors, decided that what was happening was wrong and took the company to court. And the company paid five million dollars and changed its practices.
What This Means Going Forward
The technology industry has spent years operating in a kind of gray zone when it comes to user data. The attitude was often that as long as something was technically permitted — or at least not clearly prohibited — it was fine to do. Privacy came second to functionality and revenue.
That approach is getting harder to sustain. Laws are becoming stricter. Courts are becoming less forgiving. Users are becoming more aware. And lawsuits like Ohebshalom v. Dapper Labs are becoming more frequent.
Companies that want to avoid ending up in a similar situation need to take a hard look at their data practices. That means being honest in privacy policies about what data is collected and where it goes. This means creating systems that ethically, meaningfully gain the consent of users prior to tracking them. That means treating privacy not as a compliance checkbox, but as a real obligation to the people who use your products.
No suggestions
Final Thoughts
The story of Ohebshalom v. Dapper Labs is, at its core, a simple one. A company was collecting and sharing user data in a way that violated federal law. Users found out. They sued. The company settled for five million dollars and agreed to stop.
But simple stories can have big lessons.
This case is a reminder that digital privacy is not an abstract concept. It is about real people — basketball fans, soccer supporters, Disney collectors — who trusted a platform with their information and expected that trust to be respected. When it was not, there were consequences.
For anyone building technology products, that is worth remembering. The data you collect belongs, in a very real sense, to the people it came from. Handle it accordingly.
