InfoBytes Blog
Filter
Subscribe to our InfoBytes Blog weekly newsletter and other publications for news affecting the financial services industry.
Federal District Court Enforces Arbitration Clause Included in Clickwrap Terms
On March 26, the U.S. District Court for the Northern District of Illinois required arbitration of a dispute regarding alleged overcharging by an Internet service provider (ISP) because the consumer had agreed to an arbitration provision included in the ISP’s clickwrap terms of service. Sherman v. AT&T Inc., No. 11-C-5857, 2012 WL 1021823 (N.D.Ill. Mar. 26, 2012). The court held that the plaintiff’s assent to the terms during the online activation process constituted acceptance of those terms, regardless of when he believed the contract was formed. To activate his Internet service, the plaintiff was required to confirm through an online process that he had read and agreed to the ISP’s terms of service. The activation and confirmation page included a link to the terms of service, which included an agreement to arbitrate all disputes. The plaintiff argued (i) that his contract with the ISP was formed during a phone call with an ISP customer service agent pursuant to which he ordered the service, prior to the online activation process, and therefore the terms of service do not apply, and (ii) the terms were not expressly incorporated into the broader conditions of his contract and were procedurally unconscionable. The district court granted the ISP’s motion to compel arbitration of the plaintiff’s allegation (made on behalf of a putative class) that the ISP systematically overcharged consumers for residential Internet service by advertising promotional plans while actually charging standard rates.. The court reasoned that vendors may enclose the full legal terms with their products rather than reciting them prior to purchase, for practical purposes, even if the full terms are not delivered until after the consumer’s order and payment. The court also held that the terms were not procedurally unconscionable, as they were not difficult to find, read or understand, and the plaintiff had a full and fair opportunity to review the terms prior to activation.
New York State Court Refuses to Enforce Website's Forum Selection Clause
On March 20, New York’s District Court of Nassau County refused to enforce a forum selection clause because the defendant did not make an affirmative effort to reasonably communicate that key term to the other party or otherwise do enough to ensure the clause became a part of the parties’ contract. Jerez v. JD Closeouts, LLC, No. CV-024727-11, 2012 WL 934390 (N.Y. Dist. Ct. Mar. 20, 2012). The plaintiff filed suit alleging that products ordered over the Internet following an e-mail solicitation from the defendant were defective. The defendant moved to dismiss, arguing that a forum selection clause in the parties’ contract required that the dispute be heard in a Florida state court. The court found that the forum selection clause was not reasonably communicated through any of a printed contract, a confirming letter agreement incorporating provisions from the website by reference, or a click-through acceptance. Rather, the court found, the clause was included in terms and conditions “buried” and “submerged” on the defendant’s website, on a page “that could only be found by clicking on an inconspicuous link to the company’s ‘About Us’ page.” The court denied the defendant’s motion to dismiss.
Washington Federal Court Allows Data Privacy Case Against IMDb to Proceed
On March 28, the U.S. District Court for the Western District of Washington held that actress Huong Hoang’s lawsuit against website IMDb.com pled sufficient facts to move forward on her breach of contract and Washington Consumer Protection Act claims, based in part on the website’s privacy policy. Hoang v. Amazon.com, Inc., No. C11-1709MJP (W.D. Wash. Mar. 28, 2012). IMDb, a subsidiary of Amazon, moved to dismiss Ms. Hoang’s four claims. Although two claims were dismissed, the court found that the defendant did not show that Ms. Hoang gave IMDb permission to use her information provided when subscribing to the website to search public records for additional information about her. Plaintiff pointed to a statement in the IMDb privacy policy that it would “carefully and sensibly” manage how information about customers is used and shared, and that “[y]ou can choose not to provide certain information….” Plaintiff alleges that IMDb used the personal information she provided, including credit card information, to locate her date of birth, among other things. Ms. Hoang alleged that IMDb then added her date of birth and age to its website, causing her to lose roles and decrease her earnings. Defendant’s motion to dismiss the remaining claims was denied.
WSJ's Price-Change Clause Allows Company to Spin Off Barron's with Additional Charges
On March 12, the U.S. District Court for the Southern District of New York ruled that Dow Jones & Company Inc. did not engage in unfair business practices or breach its contract with customers when it spun off Barron’s and added an additional fee for continued access to the publication. Lebowitz v. Dow Jones & Co. Inc., No. 06-2198, 2012 WL 795525 (S.D.N.Y. Mar. 12, 2012). The Wall Street Journal Online subscriber agreement stated that Dow Jones could change or add charges by giving its customers advance notice. Dow Jones notified customers in December 2005 that as of January 2006 it would charge separately for online access to the Wall Street Journal and Barron’s, thereby requiring existing customers to pay an additional fee for access to both. Dow Jones announced the change using pop-ups on its Wall Street Journal and Barron’s sites, which the court held was sufficient notice under the contract. The court also held that Dow Jones’s right change the price did not make the contract illusory.
Facebook's Forum-Selection Clause Enforceable Against Plaintiff Minors
On March 8, the U.S. District Court for the Southern District of Illinois ruled that minors who used Facebook are bound by the forum-selection clause contained in the website’s terms of service, to which they agreed when they signed up for Facebook. E.K.D. v. Facebook Inc., No. 11-461 (S.D. Ill. Mar. 8, 2012). The plaintiffs, a group of minors suing Facebook for improperly using their images in advertising, argued that because they were minors when they signed up, the forum selection clause could not be enforced. The court rejected this argument, holding that under California contract law the minor plaintiffs could not void the forum selection because they continued to use and benefit from Facebook after agreeing to the terms of service. The court further held that transferring the case to the Northern District of California would not unduly burden the plaintiffs and was permitted by 28 U.S.C § 1404.
FRB Releases Study on Use of Mobile Financial Services
On March 14, the Federal Rserve Board (FRB) released the results of a survey on the use of mobile financial services in the U.S. The findings, as summarized in the FRB release and report, include: (i) one in five Americans with mobile phones used their mobile phone to access financial accounts last year; (ii) mobile banking is poised to expand further over the next year, with usage possibly increasing to one in three mobile phone users by 2013, (iii) mobile banking use is highly correlated with age, (iv) underbanked consumers were relatively heavy users of mobile services, and widening use of mobile technology can expand access to financial servicers for underserved populations, (v) reviewing account balances was the most common activity, followed by account transfers, and (vi) consumers with mobile devices that do not use mobile banking cited either a lack of need or security concerns.
Ohio Enacts Cyber Fraud Enforcement Legislation
On March 9, Ohio Governor Kasich signed SB 223, which will give the Ohio Attorney General the authority investigate suspected cyber fraud cases, and to subpoena phone records, IP addresses, payment information, and witness testimony when the AG has reasonable cause to believe that a person or enterprise has engaged in, is engaging in, or is preparing to engage violations of state cyber fraud laws. The bill also alters the thresholds for determining the severity of cyber fraud charges, creating a new charge of first degree felony for frauds involving $1 million or more. The changes will take effect on June 7, 2012.
First Circuit Upholds Dismissal of Claims Against Third-Party for Failure to Protect Personal Information
On February 28, the U.S. Court of Appeals for the First Circuit upheld the dismissal of a putative class action brought against a securities clearing company for alleged failures to protect certain personal information. Katz v. Pershing, LLC, No. 11-1983, 2012 WL 612793 (1st Cir. Feb. 28, 2012). In this case, the plaintiff was the customer of a brokerage firm that used defendant Pershing LLC’s online clearing system, but the customer had no direct relationship with the defendant. The plaintiff alleged that Pershing had contractual and statutory obligations to encrypt and protect the personal information of brokerage firm customers. Specifically, the plaintiff alleged various contract claims, including one that Pershing’s failures constituted a breach of its contract with the brokerage. She also claimed that Pershing violated Massachusetts consumer protection laws. The First Circuit upheld the district court’s dismissal, holding that the agreement between the brokerage and the defendant clearing firm did not confer any benefits on the plaintiff – the brokerage’s customer. The court stated that the separate contractual agreements between the plaintiff and her brokerage on the one hand, and between the brokerage and the defendant clearing firm on the other, could not be mixed and matched. The court also held, with regard to claims that Pershing violated the state data protection law, that plaintiff’s claims of potential harm from unprotected data were purely theoretical and “simply do[] not rise to the level of a reasonably impending threat.” As such plaintiff lacked standing to bring the statutory claims. Because the court found that the plaintiff lacked standing, it did not reach the issue of whether the Massachusetts data privacy law provides a private right of action.
SEC and CFTC Propose Rules Regarding Detecting Identity Theft
On February 28, the Securities and Exchange Commission (SEC) and the Commodity Futures Trading Commission (CFTC, together with the SEC, the Commissions) jointly issued proposed rules that would require entities subject to the Commissions’ jurisdiction to address identity theft in two ways: (i) financial institutions and creditors would be required to develop and implement a written identity theft prevention program designed to detect, prevent, and mitigate identify theft with either certain existing accounts or opening new accounts, and (ii) credit and debit card issuers subject to the Commissions’ jurisdiction would be required to assess the validity of change-of-address notifications under certain circumstances. Section 1088 of the Dodd-Frank Act transferred authority over certain parts of the Fair Credit Reporting Act from the Federal Trade Commission to the Commissions for entities they regulate. The Commissions’ proposed rules are substantially similar to rules adopted in 2007 by the FTC and other federal financial regulatory agencies that previously were required to adopt such rules. The proposed rules set out the four elements that regulated entities would be required to include in their identify theft prevention programs: (i) identify relevant red flags, (ii) detect the occurrence of red flags, (iii) respond appropriately to the detected red flags, and (iv) periodically update the program to reflect changes in risks to customers or to the safety and soundness of the financial institution or creditor from identity theft. The Commissions issued jointly proposed guidelines in an appendix to the proposed rules to assist regulated entities in formulating and maintaining a Program that would satisfy the proposed rule requirements. The Commissions are accepting comments on the proposal through May 7, 2012.
Federal Court Holds Combination of Clickwrap Agreement and 30-Day Right to Cancel Letter Made Arbitration Clause Clear to User
Recently, the U.S. District Court for the District of Colorado held that a clickwrap agreement combined with a follow up thirty-day right to cancel letter presented users with an arbitration clause in a reasonably conspicuous manner. Grosvenor v. Qwest Corp., No. 09-02848, 2012 WL 602655 (D. Colo. Feb. 23, 2012). The plaintiff brought suit against his internet service provider (ISP), Qwest Corporation, claiming that Qwest violated a lifetime price guarantee for the service. Qwest moved to compel arbitration. The court held that although the terms were not presented in the clearest manner, they were sufficiently conspicuous and provided an opportunity for a reasonable user to review them. The installation software provided to the plaintiff specifically mentioned the existence of an arbitration clause, directed the plaintiff to the ISP's website to review the agreement, and required that the plaintiff accept the terms before installing the software. The court raised concerns that once directed to the ISP website to review the arbitration terms, the plaintiff was required to click through two pages to find the terms. Despite this, the court stated that, as a matter of law, the multiple clicks requirement does not prevent contractual formation. Moreover, a follow up "Welcome Letter" sent to the plaintiff by the ISP again identified the arbitration clause and provided plaintiff with an opportunity to cancel the service within thirty days. The court decline to determine whether either the clickwrap agreement or the letter would be sufficient on their own, but together they rendered the contractual terms sufficiently clear for a reasonable user. In the end, the court found the arbitration agreement unenforceable on other grounds.