Privacy and Gift Card Compliance Lessons From Recent Cases for - - PowerPoint PPT Presentation

The audio portion of the conference may be accessed via the telephone or by using your computer's

• speakers. Please refer to the instructions emailed to registrants for additional information. If you

have any questions, please contact Customer Service at 1-800-926-7926 ext. 10.

Presenting a live 90-minute webinar with interactive Q&A

Class Action Claims Against Retailers: Deceptive Pricing, False Advertising, Privacy and Gift Card Compliance

Lessons From Recent Cases for Pursuing, Defending or Avoiding Claims

Today’s faculty features:

1pm Eastern | 12pm Central | 11am Mountain | 10am Pacific TUESDAY, MARCH 1, 2016

Amy Pierce, Esq., Pillsbury Winthrop Shaw Pittman, Los Angeles Kai Richter, Partner, Nichols Kaster, Minneapolis Stephanie A. Sheridan, Partner, Sedgwick, San Francisco

Tips for Optimal Quality

Sound Quality If you are listening via your computer speakers, please note that the quality

• f your sound will vary depending on the speed and quality of your internet

connection. If the sound quality is not satisfactory, you may listen via the phone: dial 1-866-869-6667 and enter your PIN when prompted. Otherwise, please send us a chat or e-mail sound@straffordpub.com immediately so we can address the problem. If you dialed in and have any difficulties during the call, press *0 for assistance. Viewing Quality To maximize your screen, press the F11 key on your keyboard. To exit full screen, press the F11 key again.

FOR LIVE EVENT ONLY

Continuing Education Credits

In order for us to process your continuing education credit, you must confirm your participation in this webinar by completing and submitting the Attendance Affirmation/Evaluation after the webinar. A link to the Attendance Affirmation/Evaluation will be in the thank you email that you will receive immediately following the program. For additional information about continuing education, call us at 1-800-926-7926

• ext. 35.

FOR LIVE EVENT ONLY

Program Materials

If you have not printed the conference materials for this program, please complete the following steps:

• Click on the ^ symbol next to “Conference Materials” in the middle of the left-

hand column on your screen.

• Click on the tab labeled “Handouts” that appears, and there you will see a

PDF of the slides for today's program.

• Double click on the PDF and a separate page will open.
• Print the slides by clicking on the printer icon.

FOR LIVE EVENT ONLY

CLASS ACTION CLAIMS AGAINST RETAILERS

Amy Pierce, Pillsbury Winthrop Shaw Pittman

amy.pierce@pillsburylaw.com

Stephanie Sheridan, Sedgwick LLP

stephanie.sheridan@sedgwicklaw.com

Kai Richter, Nichols Kaster, PLLP

krichter@nka.com

5

Overview

• Class actions against retailers

― Identify trends and case law developments ― Identify strategies from both plaintiff and defense perspective ― Identify proactive steps for retailers to mitigate the risk of class actions

• Hottest litigation trends and related case law developments

― False advertising ― Deceptive pricing ― Made in U.S.A. ― Transparency in Supply Chain ― Song-Beverly Credit Card Act ― Data privacy ― Telephone Consumer Protection Act ― Gift cards

6

FALSE ADVERTISING

7

False Advertising

• Deceptive Sale Pricing
• Made in the U.S.A.
• California Transparency in Supply Chains Act of 2010

8

Photo: Koshy Koshy, Hot & Sour - – Creative Commons

Deceptive Pricing Claims

Historically, pricing practices have been enforced by the FTC. In the last two years, a wave of private actions have targeted dozens of retailers. Claims in those cases generally fall into two categories:

• Perpetual Sales Claims

― Based on the retailer’s own former price ― CA’s Former Price Law (Cal. Bus. & Prof. Code § 17501) ― Theory: Plaintiffs claim that retailers create a fake "original" price in order to

• ffer the item for sale at a discounted "sale" price; this leads consumers into

believing they are getting a bargain, even though the item never actually sold for the "original" price.

• Price Comparison Claims

9

Deceptive Pricing Claims

• Perpetual Sales Claims
• Price Comparison Claims

― Comparisons to Third-Parties: Listing a "Compare At" price deceives consumers into believing that the same item has sold at a third-party retailer for that price, when in reality no other retailers offer the item for the comparison price,

• r offer it for less than the comparison price. Thus, the consumer is deceived

into believing that he or she is getting a bargain that is illusory. ― Outlet Retailers: Listing a reference price previously used by the outlet’s full- priced counterpart. In many cases, however, the item was manufactured exclusively for the outlet. The claim here is that consumers thought they were buying products from the full-priced store at a substantial discount, when in reality, the products were never sold at the full-priced stores.

10

Deceptive Pricing Claims

• In the last year, courts have granted several motions to dismiss deceptive

pricing cases involving “Compare At” prices: ― Rubenstein v. Neiman Marcus, Branca v. Nordstrom, Sperling v. DSW, Sperling v. Stein Mart

• During the same time period, two “perpetual sales” cases settled for $50

million each.

• In response to those settlements, plaintiffs have begun incorporating

“perpetual sales” claims into their claims against outlet retailers.

11

Deceptive Sale Pricing – CA Statutes

• Value determinations; Former price advertisement (Cal. Bus. & Prof. Code §

17501) ― “For the purpose of this article the worth or value of any thing advertised is the prevailing market price, wholesale if the offer is at wholesale, retail if the offer is at retail, at the time of publication of such advertisement in the locality wherein the advertisement is published.” ― “No price shall be advertised as a former price of any advertised thing, unless the alleged former price was the prevailing market price as above defined within three months next immediately preceding the publication of the advertisement or unless the date when the alleged former price did prevail is clearly, exactly and conspicuously stated in the advertisement.”

• Possible defenses that have been asserted (with some success)

― Failure to state a Claim Lack of proof ― Lack of standing Plaintiffs cannot prevail on class certification

12

Deceptive Sale Pricing – Prior Suits

Numerous retailers have been the subject of suits:

• Dell
• Kohl’s
• J.C. Penney
• Justice
• TJ Maxx
• Sears
• Nordstrom
• Michael Kors
• HomeGoods
• Burlington Coat Factory
• Tween Brands
• Ross Stores
• Kenneth Cole
• Neiman Marcus
• Gap
• Michaels
• Ralph Lauren
• Saks
• Marshall’s
• Best Buy
• Select Comfort
• Guess

13

Deceptive Sale Pricing – Federal Law

• Cases build on well-established case law regarding reference price schemes
• FTC v. Colgate-Palmolive Co., 380 U.S. 374, 387 (1965) (“It has long been

considered a deceptive practice to state falsely that a product ordinarily sells for an inflated price but that it is being offered at a special reduced price, even if the offered price represents the actual value of the product and the purchaser is receiving his money's worth.”)

• FTC v. Standard Education Soc., 302 U.S. 112, 114 (1937)
• FTC Regulations also prohibit deceptive reference pricing. See 16 C.F.R. § 233.1

The advertiser should be especially careful … that the [reference] price is one at which the product was openly and actively offered for sale, for a reasonably substantial period of time, in the recent, regular course of his business, honestly and in good faith—and, of course, not for the purpose of establishing a fictitious higher price on which a deceptive comparison might be based.

• In January 2014, 4 members of Congress wrote to the Chair of the FTC asking it

to investigate this practice.

14

Deceptive Sale Pricing – State Law

• Successful claims brought under California’s Unfair Competition Law,

False Advertising Law and Consumer Legal Remedies Act

• Spann v. J.C. Penney Corp., 2015 WL 1526559 (C.D. Cal. Mar. 23, 2015)
• Hinojos v. Kohl’s Corp., 718 F

.3d 1098 (9th Cir. 2013)

• Brazil v. Dell, Inc., 2010 WL 5387831 (N.D. Cal. Dec. 21, 2010)

But See Rubenstein v. Neiman Marcus, 2015 WL 1841254 (C.D. Cal. Mar. 2, 2015); Sperling v. DSW, Inc., 2016 WL 354319 (C.D. Cal. Jan. 28, 2016)

• Claims under other state laws have fared less favorably – for now
• Shaulis v. Nordstrom, Inc., 2015 WL 4886080 (D. Mass. Aug. 14, 2015)
• Kim v. Carter’s, Inc., 598 F

.3d 362 (7th Cir. 2010)

15

Deceptive Sale Pricing – Settlements

• Settlement values have been substantial
• J.C. Penney: $50 million
• Justice Stores: $50 million
• Dell: $26,648,950 (estimated value)

16

Made in the U.S.A.: Federal and California Standards

• Under the FTC’s “Made in the USA” standard, a company can only describe a

product as being “Made in the USA” when “all or virtually all” of it was made

• domestically. According to FTC guidelines, “all or virtually all” means that “all

significant parts and processing that go into the product must be of U.S. origin. That is, the product should contain no—or negligible—foreign content.”

• California’s “Made in the USA” law is much stricter than the FTC’s, forbidding

manufactures from labeling products as “Made in the USA” unless every component in the product was completely made in the U.S.

• This stricter standard led to a string of lawsuits in 2014 and 2015 against

retailers (mostly high-end denim manufacturers and retailers) alleging that components, such as zippers and threads, were not domestically sourced.

17

Made in the U.S.A.

• On September 1, 2015, California

S.B. 633 was signed into law amending Business & Professions Code § 17533.7 (the “Made in the U.S.A.” law), relaxing California’s standard for merchandise labeled as “Made in the U.S.A.” and aligning the requirement more closely with the federal standard

• Response to Kwikset Corp. v. Superior Court, 51 Cal. 4th 310, 246 P

.3d 877 (2011) and its progeny

• The amendment resulted in the settlement of several pending claims, such as

Paz v. Adriano Goldschmied, where AG provided a $20 voucher or a pair of free pants to the class members. The motion for preliminary approval said the

• riginal retail value of the jeans distribution is $4 million.

18

Photo: Denise Krebs, American Flag on the Fourth of July - Creative Commons

Made in the U.S.A., Cont’d

• As of January 1, 2016, merchandise can be labeled “Made in the U.S.A.” if:

― “all of the articles, units, or parts of the merchandise obtained from outside the United States constitute not more than 5 percent of the final wholesale value of the manufactured product” or ― “the manufacturer makes a showing that it cannot produce or obtain a certain article, unit, or part” within the U.S. for reasons other than cost and that the article, unit, or part does not constitute more than 10% of “the final wholesale value of the manufactured product”

• FTC standard for products labeled and marketed as “Made in the U.S.A.”

requires that “all or virtually all” of a product be made in the U.S., examining the foreign content of a product as a whole.

― According to FTC’s guidelines, “all or virtually all” means that “all significant parts and processing that go into the product must be of U.S. origin,” or “the product should contain no — or negligible — foreign content”

19

Made in the U.S.A.: Current Litigation

• Late 2015 saw a second wave of litigation
• Unlike the first wave, which targeted denim and clothing manufacturers, the

second wave targeted consumable goods, such as energy drinks, condiments, and pet foods that contain non-domestically sourced components.

• California’s “Made in the USA” law is based on California’s “Made in California”

law, which may provide guidance to courts in interpreting the new statute.

20

California Transparency in Supply Chains Act of 2010

• This Act’s stated intent is “to ensure

large retailers and manufacturers provide consumers with information regarding their efforts to eradicate slavery and human trafficking from the supply chains, to educate consumers on how to purchase goods produced by companies that responsibly manage their supply chains, and, thereby, improve the lives of victims of slavery and human trafficking.” (Civ. Code §1714.43)

21

Photo: David Pacey, hand chain lock - Creative Commons

Who is subject to the Act and what is required?

• Every “retail seller” and “manufacturer” doing business in California and

having annual worldwide gross receipts above $100 million must disclose its efforts to eradicate slavery and human trafficking from its direct supply chain. ― Principal Business Activity Code under N. American Industry Classification System: Manufacturing (311110-339900) or Retail Trade (441110-454390)

• Required Disclosures  Actions the retail seller or manufacturer is taking  if

any  in five areas: ― (1) Verification ― (2) Audits ― (3) Certification ― (4) Internal accountability, and ― (5) Training

22

Where are the disclosures to be made? And, who is enforcing this Act?

• The company’s website homepage must have a “conspicuous and easily understood

link” to the required disclosures

• The California Attorney’s Office is the sole enforcer of the Act; however, private

law firms are filing class actions premised on disclosures made in the entity’s disclosures ― Attorney General’s Resource Guide is available at https://oag.ca.gov/sites/all/files/agweb/pdfs/sb657/resource-guide.pdf

• In August of 2015, civil actions were filed premised on the disclosures made to

comply with the Act but under characterized as violations of California’s unfair competition law and false advertising law

• Defenses that have been asserted (with some success)

― Safe Harbor Doctrine Failure to state a Claim ― Lack of standing Lack of proof

23

SONG-BEVERLY CREDIT CARD ACT

Song-Beverly Credit Card Act

• The Song-Beverly Credit Card Act is intended to conform to the federal Truth in

Lending Act. Section 1747.08 prohibits entities that accept credit cards from requesting personal identification information (“PII”) as a condition of payment.

• Personal identification information is defined as information concerning the

cardholder that is not available on the face of the card, including the cardholder’s address and telephone number. § 1747.08(b).

• Party City Corp. v. Superior Court concluded that a ZIP code, without more,

does not constitute PII.

• Pineda v. Williams-Sonoma Stores, Inc., held that PII includes a cardholder’s

ZIP code, disagreeing with Party City, reasoning that by defining the cardholder’s address as PII, the Legislature must have intended to protect the component parts of the cardholder’s address too.

25

Davis v. Devanlay Retail Group, Inc.: Song- Beverly and the consumer perception test

• Plaintiff alleged that Devanlay (Lacoste) violated Song-Beverly by requesting

and recording PII from customers who paid with credit cards. Davis argued that Song-Beverly prohibited retailers from requesting any information while the customer is at the point of sale, regardless of whether the customer believed the information was a condition of payment.

• Rejecting Davis’ argument, the court explained that Song-Beverly violations

turn on whether consumers would perceive the store’s request for information as a “condition” of the use of a credit card.

• Thus, the Davis test of whether retailers have violated Song-Beverly is based
• n a consumer’s reasonable belief—an objective test—and not whether the

transaction has reached an official end.

26

Davis v. Devanlay Retail Group, Inc.

• Notably, the Ninth Circuit in Davis certified to the California Supreme Court

the question of whether retailers could ask for PII, provided consumers would not reasonably believe the information was a condition of payment.

• The California Supreme Court declined to respond to the question, pointing to

the Harrold v. Levi Strauss & Co. decision.

• Unlike Davis, which held that Song-Beverly imposes a consumer perception

test, Harrold questioned whether any request after the transaction is completed would violate Song-Beverly.

27

Harrold v. Levi Strauss & Co.: Song-Beverly does not prohibit data collection after transaction

• Plaintiff claimed that Levi’s violated Song-Beverly by asking for her email

address in conjunction with a credit card transaction. According to Plaintiff, a Levi’s employee asked for her email before handing over her purchases, thereby arguing that, for purposes of Song-Beverly, the transaction is not finished until the customer leaves the POS.

• Harrold established a bright-line test to assist retailers in complying with the

Song-Beverly Act.

• The Harrold court held retailers do not violate Song-Beverly by requesting a

customer’s email information after the customer has been provided a receipt.

• The court reasoned that consumers could not reasonably believe that such a

request was a condition of payment, because the transaction had already concluded.

28

Apple v. Superior Court (Krescent): Song- Beverly does not apply to online purchases of electronically downloadable products

• In Apple, the Plaintiff argued that Apple violated Song-Beverly by requiring

his telephone number and address to purchase media on iTunes.

• The California Supreme Court held that Song-Beverly does not prohibit online

retailers from collecting PII as a condition of accepting credit card payment for electronically downloadable products.

• The Court looked to the Legislative intent discussed in Pineda v. Williams-

Sonoma, and distinguished the case because Apple involved online purchases.

• The Court noted that Song-Beverly was intended to protect customer privacy,

but not at the expense of fraud protection, as demonstrated by the fact that the statute permits certain limited fraud prevention collection methods.

29

Ambers v. Beverages & More, Inc.

• In Ambers, Plaintiff alleged BevMo violated Song-Beverly by requiring Plaintiff

to provide PII as a condition of completing an online purchase, which Plaintiff would later pick up in store.

• Applying the Supreme Court’s logic in Apple, the Second District Court of

Appeal concluded that Song-Beverly permits retails to use PII to prevent fraud.

• The Court reasoned that protection of customer privacy was outweighed by

retailers’ need to verify cardholder identity, since standard procedures used in person-to-person transactions are unavailable.

• Also, the Court concluded that the transaction was completed at the moment

Plaintiff purchased the alcohol, not when he picked it up from the store.

• A month later, in Ambers v. Buy.com, the Ninth Circuit followed the reasoning

in Apple, holding that Buy.com did not violate Song-Beverly in requesting PII to purchase tangible goods that would be shipped directly to the consumer (that is, without picking up the goods in store as in BevMo).

30

31

DATA BREACH LITIGATION

• Unauthorized and unlawful acquisition, disclosure, viewing, or use of

confidential, sensitive, or protected information

• Litigation typically involves personal information of consumers or employees,

e.g.: ― Social Security Numbers ― Credit card, debit card, or account numbers, along with passwords and/or PINs ― Driver’s license or ID numbers

What Is A Data Breach?

32

• In 2002, states began passing laws requiring notice to individuals whose

personal information was involved in a data breach. ― 47 states plus the District of Columbia now have such laws. ― So far, no Federal notification law has been enacted.

• This resulted in the proliferation of class action data-breach litigation.

History Of Data Breach Litigation

33

• Courts initially held plaintiffs did not have standing under Article III. Found that an

increased risk of future harm through identity theft or fraud was not an injury in fact.

• In 2007, the 7th Circuit held plaintiffs had standing due to the increased risk of

future harm, analogizing to tort cases involving exposure to toxic substances or defective medical equipment. Pisciotta v. Old Nat'l Bancorp, 499 F .3d 629, 634-35, 637 (7th Cir. 2007).

• Pisciotta marked a turning point for the viability of data breach litigation.

History (Cont.)

34

CIRCUIT SPLIT

History (Cont.)

CIRCUIT SPLIT STANDING NO STANDING Krottner v. Starbucks Corp., 628 F .3d 1139 (9th Cir. 2010) – Theft of laptop subjected employees to increased risk

• f harm; held sufficient to establish

injury in fact. Remijas v. Neiman Marcus Grp., LLC, 794 F .3d 688 (7th Cir. 2015) – Hackers stole Neiman Marcus customers’ credit card info, and plaintiffs claimed injuries associated with resolving fraudulent charges and taking identity-theft preventative measures; held sufficient to establish injury in fact. Reilly v. Ceridian Corp., 664 F .3d 38 (3d Cir. 2011), cert. denied, 132 S. Ct. 2395 (2012) – Hacker infiltrated payroll system but no evidence personal data was used; held to be hypothetical, future injury insufficient to confer standing.

35

• Negligence
• Breach of fiduciary duty
• Breach of contract/implied contract
• Negligent misrepresentation
• Unjust enrichment
• Consumer-protection laws
• State data-breach laws

― But most don’t provide a private cause of action

Types Of Claims

36

• Approximately 110 million Target customers had their credit card information stolen
• 2 components to the class litigation:

― Consumer plaintiffs

― Motion to dismiss denied in part1 ― Settled for $10 million plus fees and costs ― People with actual damages get paid first

― Financial institution and bank plaintiffs

― Motion to dismiss denied in part2 ― Target, Visa and certain Visa issuers settled for $67 million ― Other financial institutions who did not already settle with Target later settled for $39.4 million

1 In re Target Corp. Data Sec. Breach Litig., 66 F

. Supp. 3d 1154 (D. Minn. 2014)

2 In re Target Corp. Customer Data Sec. Breach Litig., 64 F

. Supp. 3d 1304 (D. Minn. 2014)

Case Study: Target

37

CASE FACTS SETTLEMENT

Sony PlayStation Hackers acquired PlayStation users’ logins and some credit card info $15 million Sony employees Hackers released emails/documents $8 million Heartland Payment Systems Hackers stole credit card info of 130 million consumers $2.4 million - Consumers $60 million – Visa $3.6 million – Amex $41.1 million - MasterCard Stanford Hospital & Clinics Patient information was made available

• n website

$4.1 million AvMed Laptops stolen, compromising SSNs and health records $3.1 million Vendini Data breach of online ticket seller exposed credit card numbers $3 million Schnuck Markets Hackers obtained magnetic strip data $2.1 million LinkedIn User names and passwords exposed $1.25 million Countrywide Financial Former employee stole 2 million SSNs $6.5 million

Settlement Value Examples

38

Pending Case Examples

In re Anthem, Inc. Data Breach Litigation, No. 15-MD-02617-LHK (N.D. Cal.)

• MTD denied, 2016 WL 589760 (N.D. Cal. Feb. 14, 2016)

In re Experian/T-Mobile Data Customer Data Security Breach Litigation, MDL

• No. 2676

In re Home Depot, Inc. Data Breach Litigation, No. 1:14-md-02583-TWT (N.D. Ga.)

• Motion to dismiss pending

Remijas v. Nieman Marcus Group, LLC, No. 14 C 1735 (N.D. Ill.)

• Dismissal for lack of standing reversed by 7th Circuit

In re U.S. Office of Personnel Management Customer Data Security Breach Litigation, MDL No. 2664

39

TELEPHONE CONSUMER PROTECTION ACT

40

Telephone Consumer Protection Act

• The “TCPA” restricts telephone

solicitations using an auto-dialer (ATDS) to place calls (47 U.S.C. § 227)

• Text messages are calls

See Satterfield v. Simon & Schuster, Inc., 569 F .3d 946 (9th Cir. 2009))

• Penalties of between $500  $1,500 for each unlawful text message

41

Photo: Sean MacEntee, iPhone 4 apps– Creative Commons

Telephone Consumer Protection Act, Cont’d

• On and after October 16, 2013, prior express written consent is required to

send a text message to a customer that is marketing/advertising or dual purpose ― New rules  In re Rules and Reg’s Implementing the Tel. Consumer Prot. Act of 1991, 27 F .C.C.R. 1830, 1839, 1856-67 (Feb. 15, 2012) 

https://apps.fcc.gov/edocs_public/attachmatch/FCC-12-21A1.pdf

― Interpretation of new rules  TCPA Omnibus Declaratory Ruling and Order (July 10, 2015)  https://www.fcc.gov/document/tcpa-omnibus-

declaratory-ruling-and-order ― Appeals followed, and consolidated appeal is pending ― FCC’s brief  http://tcpablog.com/wp- content/uploads/2016/01/Consolidated-Appeal-Respondent-Brief.pdf

― Clarification re Omnibus Declaratory Ruling 

https://www.gpo.gov/fdsys/granule/FR-2015-10-09/2015-25682

42

What is prior express written consent?

• Prior to October 16, 2013, prior express consent was required to send

a text message to a customer

• Now prior express written consent is required
• Written consent must be both:

― signed by the consumer and be sufficient to show that she/he

― received “clear and conspicuous disclosure” of the consequences of providing the requested consent (i.e., she/he will receive future calls/texts via an ATDS from sender) ― agrees unambiguously to receive such calls/texts to her/his cell phone

―

• btained “without requiring, directly or indirectly, that the agreement

be executed as a condition of purchasing any good or service”

43

What is a valid signature?

• One obtained in compliance with the

E-SIGN Act satisfies the requirements (e.g., email, website form, text message, telephone keypress, or voice recording)

• An “electronic signature” is “an

electronic sound, symbol,

• r process attached to or logically associated with a contract or other

record and executed or adopted by a person with the intent to sign the record” Sender bears the burden of proving that a clear and conspicuous disclosure was provided and unambiguous consent was obtained

44

Photo: Sebastien Wiertz, Signature – Creative Commons

What are open issues?

• Plaintiffs are focusing on technical violations of the TCPA and ambiguities in

the FTCA and its implementing regulations ― What constitutes an ATDS? ― What constitutes human intervention? ― What constitutes prior express written consent under different text messaging program models? ― What disclosures suffice?

• Do plaintiffs (and the putative class) lack Article III standing?

― Supreme Court granted certiorari in Robins v. Spokeo, Inc. (9th Cir. 2014) 742 F .3d 409, cert granted, 82 U.S.L.W. 3689 (U.S. Apr. 27, 2015) (No. 13- 1339).

45

What are potential pitfalls?

• Customer consents to receive 4 text messages but receives 5
• Customer gives consent, but the customer is only 16 years old
• Cell phone number provided does not belong to the customer
• Customer changes her/his phone number and the old number is assigned to

someone else who has not consented to receive text messages

• Managing opt-outs and customer complaints

46

Recent TCPA Settlements

• Capital One - $75,455,098
• HSBC - $39,975,000
• Bank of America - $32,083,905
• Met Life - $23,000,000
• LifeTime Fitness - $15,000,000
• Wells Fargo - $13,859,103
• Walgreens - $11,000,000
• Burger King - $8,500,000

47

48

GIFT CARD LAW

Gift Card Law

• CARD Act
• Cash Redemption of Gift Cards
• Fraud/Chargebacks Relating to Gift

Card Purchases

• Federal Prepaid Access Rules and

Regulations

49

Photo: Damian Gadal, Gift giving – Creative Commons

CARD Act

• Expiration Date Limitations
• Card may not expire < 5 years after issue date
• Expiration date must be stated clearly and conspicuously
• Fee Restrictions
• No fees unless no activity for 1 year
• Only one fee per month
• Disclosures Required
• Does Not Preempt More Restrictive State Laws
• Some states prohibit expiration dates altogether (Ex: MN)
• Some states prohibit fees altogether (Ex: MN)
• Some states have other restrictions

50

Cash Redemption of Gift Cards

• Several states’ gift card laws require certain gift cards to be redeemable for

cash if the card balance is less than $ X ― Requests can be made both in-store and online

• These states currently include:

― California Oregon ― Colorado Rhode Island ― Maine Texas ― Massachusetts Vermont ― Montana Washington ― New Jersey

• Many companies have an appropriate policy and related point-of-sale (POS)

procedures, however, they are sued because their employees allegedly do not follow the policy

51

Photo: Steven Depolo, Money Hand Holding Bankroll – Creative Commons

What are “best practices?”

• Fundamentally, recognize the need to both train and retrain your employees
• n your gift card cash redemption policies and POS procedures
• What are “best practices” for avoiding litigation?

― There is not a one-size-fits-all approach ― Different industries face unique challenges, requiring varied approaches

• Bests practices may include:

― Training new employees not only on the policy and POS procedures but

• n the consequences to the company and to the employee if the policy

and procedures are not followed ― Periodically retraining your employees (and management) on your policy and POS procedures ― Requiring employees to confirm in writing that they received training and retraining on your policy and POS procedures

52

What are best practices? Cont’d

― Identifying optimal times for retraining employees, which may be both high gift card sales months as well as high gift card redemption months, and may be several times a year ― Including reminders of the policy and POS procedures as part of the employees’ pre-shift meetings, especially during high gift card sales and redemption months ― Posting reminders of the policy and POS procedures in employee break- rooms or similar areas, especially during high gift card sales and redemption months ― Including reminders of the policy in more frequent communications with management teams ― Auditing employees’ (and the management’s) compliance with the policy and POS procedures, which may include, for example, quizzing employees or even a secret shopper

53

Fraud/Chargebacks Relating to Gift Card Purchases

• Gift card-related fraud may be on the rise because

there is a growing secondary market for gift cards ― A customer purchases gift cards with a credit card, sells the gift cards to a third-party(ies), and then calls credit card company reporting the purchase as fraudulent, requesting a chargeback ― A cardholder claims that there are funds

• n the gift card but the company’s system

says the card balance is $0

54

Photo: GotCredit, Fraud - Creative Commons

Fraud/Chargebacks Relating to Gift Card Purchases

• How does the company protect itself from a fraudster?

― Train employees to identify and report potential fraud

― Suspicious activity ― Unusual gift card purchasing behaviors

― Limit the total value in gift cards that may be purchased by a single individual using a credit card both on-line and in-store ― Require a manager’s approval for sales of gift cards over $$ ― Verify that the purchaser is who she/he says she/he is ― Publicly disclose company’s policy when it suspects fraud

55

Federal Prepaid Access Rules and Regulations

• Bank Secrecy Act and its implementing regulations, 31 C.F.R. Chapter X, are

designed to deter, detect, and prevent money laundering and terrorist financing ― Closed-loop and open-loop gift card programs are covered

• Is the company a “provider of prepaid access”?

― A “provider of prepaid access” is “the participant within a prepaid program that agrees to serve as the principal conduit for access to information from its fellow program participants.” 31 C.F .R. § 1010.100(ff)(4). ― A “prepaid program” is “an arrangement under which one or more persons acting together provide(s) prepaid access.” 31 C.F .R. § 1010.100(ff)(4)(iii).

56

What is a “gift card program?”

• A gift card program is not a prepaid program if:

― “(A) [i]t provides closed loop prepaid access to funds not to exceed $2,000 maximum value that can be associated with a prepaid access device or vehicle on any day; [or] … ― (D)(1) … (ii) [f]unds not to exceed $1,000 maximum value and from which no more than $1,000 maximum value can be initially or subsequently loaded, used, or withdrawn on any day through a device or vehicle; and ― (2) [i]t does not permit: (i) f]unds or value to be transmitted internationally; (ii) [t]ransfers between or among users of prepaid access within a prepaid program; or (iii) [l]oading additional funds or the value of funds from non- depository sources.”

57

What is a “seller of prepaid access?”

• A “seller of prepaid access” is “[a]ny person or business that receives funds or

the value of funds in exchange for an initial loading or subsequent loading of prepaid access if that person: ― (i) [s]ells prepaid access offered under a prepaid program that can be used before verification of customer identification under [Section] 1022.210(d)(1)(iv) [of the BSA Regulations]; or ― (ii) [s]ells prepaid access (including closed loop prepaid access) to funds that exceed $10,000 to any person during any one day, and has not implemented policies and procedures reasonably adapted to prevent such a sale.” 31 C.F .R. § 1010.100(ff)(7).

58