The Federal Trade Commission (FTC) and U.S. Environmental Protection Agency (EPA) are both considering tightening rules governing the advertising of vehicle fuel economy. New federal regulations, however, may not stem the recent tide of consumer class actions alleging that auto manufacturers have misled consumers with inaccurate miles-per-gallon (MPG) claims.

Since 1975, the FTC has published its Fuel Economy Guide, which advises auto manufacturers and dealers to prominently disclose their vehicles’ estimated city and highway MPG whenever they make fuel economy claims 1 . These MPG estimates must be based on EPA-mandated testing procedures. 2 FTC began soliciting comments on revisions to its Fuel Economy Guide in 2009. In May 2014, FTC issued its most specific questions to date, inviting the public to comment on the following issues:Continue Reading Stricter Rules for Fuel Economy Advertising Are on the Horizon, But Are Unlikely to Put the Brakes on Consumer Class Actions

In January 2014, a blind patron sued Lucky Brand Jeans for discrimination when he was not able to use Lucky Brand’s point-of-sale (“POS”) device to independently complete a debit purchase because the visual touch screen on the POS was not discernible to blind individuals. The plaintiff filed a class action under title III of the Americans with Disabilities Act (“ADA”) in the U.S. District Court for the Southern District of Florida. Recently, the Department of Justice (“DOJ”) filed a Statement of Interest in this case in response to two arguments advanced by Lucky Brand in a motion to dismiss.

Lucky Brand argued that: (1) there is no requirement within the ADA and its regulations mandating that the POS devices have the capabilities requested by the plaintiff; and (2) since blind customers can purchase items by using cash, credit, or by processing their debit card as a credit card, there was no discrimination under the ADA merely because the plaintiff could not use the POS device to use his debit card as a debit card.Continue Reading DOJ’s Recently Articulated Position on the Accessibility of Point-of-Sales Devices

A bill has been introduced in the California legislature that would dramatically increase retailers’ liability for data breaches. Dubbed the “Consumer Data Breach Protection Act,” Assembly Bill 1710 would enact sweeping changes to California’s data breach notification laws, setting short deadlines by which consumers would need to be notified of breaches and increasing the penalties associated with such breaches. AB 1710’s new provisions would apply to all businesses that sell goods or services to California residents and accept credit or debit cards, although the law retains exemptions for certain businesses that are subject to other privacy regulations (such as financial institutions).

The California Retailers Association has already come out in opposition to the bill, and in years past, has successfully fought similar efforts to expand the state’s data breach notification laws. However, given the number of recent high profile data incidents, lawmakers are in a stronger position this year to amend California’s data protection laws. Indeed, as introduced, AB 1710 made only minor nonsubstantive changes to the data privacy laws, but in the wake of various well-publicized data breaches, the bill’s authors substantially amended the bill to increase the “teeth” in the law.

The following briefly summarizes some of the bill’s key proposed changes:

Expands Restrictions on Data Use and Retention. AB 1710 limits retention of “payment-related data” to the amount of time required for “business, legal, or regulatory purposes.” Retention of payment-related data would be prohibited if it is unnecessary for those purposes. The bill also requires businesses to create “payment data retention and disposal” policies specifying the amount of time such data will be retained. The bill prohibits the retention of certain types of data, such as card verification codes, PIN numbers, social security and driver’s license numbers. The bill also forbids the sale of an individual’s social security number. The term “payment-related data” is defined to include all items that fall within the current statutory definition of “personal information,” such as a consumer’s name, social security number, driver’s license number, account numbers, and user name and passwords.Continue Reading California Legislature Seeks to Restrict Data Use and Ramp Up Retailer Liability for Data Breaches

A California state court recently issued a preliminary ruling proposing to assess a statutory penalty against online discount retailer Overstock.com in the amount of $6.8 million for engaging in allegedly false and misleading discount advertising.1 Overstock.com was alleged to have advertised discounted prices that were pegged to the company’s own uncorroborated estimate of undiscounted retail value, rather than on actual data. The case highlights the risk that both online and brick-and-mortar retailers face if they advertise “discounts” from “regular” prices that have never actually been offered in commerce, in violation of the Federal Trade Commission guidelines against deceptive advertising (“FTC Guides”). The case also signals a major new threat to retailers engaging in these kinds of marketing strategies, which are common in the industry.

The Overstock.com case began in 2010, when a group of California district attorneys filed a private action under California’s False Advertising Law, Unfair Competition Law, and Consumer Legal Remedies Act. Their complaint alleged that Overstock.com “routinely and systematically made untrue and misleading comparative advertising claims” by comparing its retail prices to “advertised reference price(s)” (ARPs) that were not the prevailing market prices for its products. The district attorneys claimed that Overstock.com instead used misleading internal formulas designed to “inflate the comparative prices and artificially increase the discounts it claimed to be offering consumers.” The complaint also alleged that because Overstock.com was no longer merely a reseller of distressed merchandise, but was now actively engaged in original design, production and sale of a wide variety of products, it could not possibly advertise a “discount” for such products that were never sold at an undiscounted price.Continue Reading California Court Proposes to Assess $6.8 Million Penalty Against Online Discount Retailer For Engaging in Commonly Used Pricing Claims

The deadline for complying with new Telephone Consumer Protection Act (TCPA) regulations is on Wednesday, October 16, 2013. The new rules, promulgated by the FCC in 2012, govern the circumstances under which telemarketers can contact consumers. Non-compliance puts both telemarketers and those companies that they act “on behalf of” at potential risk. As of October

On September 3, 2013, the U.S. District Court for the Northern District of Illinois dismissed a class action complaint against Barnes & Noble seeking damages based on a data security incident, finding that the plaintiffs lacked standing to bring the claims. This decision reaffirms that retailers may be able to avoid damages for data breaches

On March 6, 2013, the United States District Court for the Northern District of California held that a putative class of LinkedIn premium users lacked standing to pursue state law unfair competition, breach of contract, and negligence claims resulting from a hacking incident. The court dismissed the complaint, concluding that the plaintiffs failed to establish any legally cognizable injury and any causation between the alleged incident and any alleged economic harm.

LinkedIn, the online community for professional networking, offers both free and premium paid accounts to consumers. The Privacy Policy applicable to both types of accounts provides that user information will be protected with “industry standard protocols and technology,” but notes that it provides no guarantee that LinkedIn’s security will be able to prevent all security breaches. On June 6, 2012, hackers infiltrated LinkedIn’s computer systems and posted 6.5 million user passwords and email addresses. LinkedIn subsequently updated its password encryption method to prevent future breaches.

A putative class of premium LinkedIn users filed an amended complaint alleging unfair competition, breach of contract, and negligence claims. LinkedIn filed a motion to dismiss for lack of standing, which the court granted.Continue Reading Allegation of Data Breach Alone Insufficient to Sustain Claims Based on Inadequate Cybersecurity Under California Law

Crowell & Moring is pleased to announce two upcoming presentations regarding consumer protection regulation and enforcement and what President Obama’s second turn will mean for retailers (as well as manufacturers and distributors). With the re-election of President Obama, we can expect the government to continue to add to the existing federal regulations. The discussion panel, which includes former agency

On January 24, 2012, the United States Court of Appeal for the Third Circuit ruled that printing just the month of a credit card’s expiration date on a customer receipt violates the federal Fair And Accurate Credit Transactions Act (FACTA). This is the first federal appeals court to address this issue and confirms that retailers

In a pro-business and pro-arbitration decision, the United States Supreme Court on April 27 struck down as preempted by federal law the California rule that class arbitration waivers in consumer adhesion contracts are unconscionable and thus unenforceable.  The Court’s decision in AT&T Mobility LLC v. Concepcion, 563 U.S. ___ (2011), hinged on Section 2 of the Federal Arbitration Act (“FAA”), which provides that agreements to arbitrate are “valid, irrevocable, and enforceable, save upon such grounds as exist at law or in equity for the revocation of any contract.”  In a 5-4 decision, the divided Court, in an opinion authored by Justice Scalia, concluded that the FAA prohibits states from conditioning the enforceability of certain arbitration agreements on the availability of class arbitration procedures.  The majority reaffirmed its recent pro-arbitration leanings, while at the same time seeming to reject arbitration as an appropriate venue for class claims.

The named plaintiffs, Vincent and Liza Concepcion, alleged that they entered into an agreement with AT&T Mobility LLC to purchase mobile phone service that was advertised as including free phones.  The Concepcions sought to represent a class of AT&T Mobility customers and alleged that AT&T Mobility had engaged in false advertising by charging sales tax based on the value of the phones it advertised as free.Continue Reading Supreme Court Upholds Arbitration Agreement Waiving Customers’ Ability to Bring Class Actions