As reported on Hunton’s Privacy and Information Security Law blog, on June 28, 2018, the Governor of California signed AB 375, the California Consumer Privacy Act of 2018 (the “Act”). The Act introduces key privacy requirements for businesses, and was passed quickly by California lawmakers in an effort to remove a ballot initiative of the same name from the November 6, 2018, statewide ballot. We previously reported on the relevant ballot initiative. The Act will take effect January 1, 2020. Continue Reading California Consumer Privacy Act Signed, Introduces Key Privacy Requirements for Businesses
Oregon’s Fair Work Week Act (also known as Oregon’s predictive scheduling law) (the “Act”) is proceeding full speed ahead and will add significant challenges and costs for retailers. The majority of the Act goes into effect on July 1, 2018. Following similar ordinances regulating employee hours passed at municipal levels in Emeryville, California; New York City; San Francisco; San Jose; Seattle; and Washington, D.C., Oregon becomes the latest jurisdiction and the first state to enact a predictive scheduling law. Continue Reading Oregon Becomes Latest Jurisdiction and First State to Enact Predictive Scheduling Law
Since the United States Supreme Court’s decisions in Goodyear Dunlop Tires Operations, S.A. v. Brown, 564 U.S. 915 (2011) and Daimler AG v. Bauman, 134 S. Ct. 746 (2014)—and particularly in light of the Court’s more recent decisions in Bristol-Myers Squibb Co. v. Superior Court, 137 S. Ct. 1773 (2017) and BNSF Ry. Co. v. Tyrrell, 137 S. Ct. 1549 (2017)—courts across the country have applied a more exacting standard for assessing whether defendants can be subject to general personal jurisdiction in a particular forum. Under this standard, a plaintiff must demonstrate that the defendant’s contacts with the forum are so continuous and systematic as to render it “essentially at home” there. In most instances, a company is “essentially at home” only in the state where it is incorporated and the state where it operates its principal place of business. This has been a largely positive result for companies in the retail product industry that may have strategic incentive to avoid becoming subject to “all purpose” general personal jurisdiction in each state in which their products are sold. Continue Reading Challenging the Consent-Based Theory of General Personal Jurisdiction in Pennsylvania
This past week, several consumer actions made headlines that affect the retail industry.
FTC Crack Down on “American Made” Marketing Claims Continues in Settlement with Bollman Hat Company
The FTC announced a settlement in the third case in the last 12 months involving deceptive “Made in USA” claims. Here, the FTC alleged that the Bollman Hat Company and its subsidiary deceived consumers with marketing campaign slogans of “Made In USA,” “American Made Matters,” and “Choose American” for its hats and third-party products, despite more than 70 percent of their hat styles being wholly imported finished products. The FTC also alleged that Bollman launched an “American Made Matters” seal campaign in 2010 that misled consumers in which and how many products Bollman and the companies that leased the seal were actually made in America. Continue Reading Consumer Protection in Retail: Weekly Roundup
On October 23, 2017, the Federal Trade Commission issued a policy enforcement statement providing additional guidance on the applicability of the Children’s Online Privacy Protection Rule (“COPPA Rule”) to the collection of children’s audio voice recordings. The FTC previously updated the COPPA Rule in 2013, adding voice recordings to the definition of personal information, which led to questions about how the COPPA Rule would be enforced against organizations who collect a child’s voice recording for the sole purpose of issuing a command or request. Continue Reading FTC Issues Policy Statement on COPPA and Voice Recordings
On September 5, 2017, the FTC announced that Lenovo, Inc. (“Lenovo”) agreed to settle charges that its preloaded software on some laptop computers compromised online security protections in order to deliver advertisements to consumers. The settlement agreement (the “Settlement”) is between Lenovo, the FTC and 32 State Attorneys General. Continue Reading FTC Announces Settlement with Lenovo Regarding Preinstalled Laptop Software
On August 7, 2017, the FTC announced that it obtained a court order temporarily halting an online marketing scheme that deceptively lured shoppers into expensive negative option plans. The FTC alleged in its complaint that defendants used initial low-cost “trial” offers to hook consumers into expensive monthly shipments for tooth-whitening products without properly disclosing the terms and conditions of the deal or properly obtaining their consent. Continue Reading FTC Continues Crackdown on Misleading Online Marketing Tactics
Recently, the United States Court of Appeals for the Second Circuit affirmed the district court’s finding in Reyes v. Lincoln Automotive Financial Services that a customer could not revoke prior express consent for purposes of the Telephone Consumer Protection Act (“TCPA”) if that consent was provided as consideration in a binding contract. In a ruling that departs from two other circuit decisions, Gager v. Dell Fin. Servs., LLC, 727 F.3d 265 (3d Cir. 2013) and Osorio v. State Farm Bank F.S.B., 746 F.3d 1242 (11th Cir. 2014), the Second Circuit held that bargained-for written consent cannot be unilaterally withdrawn by a consumer.
As reported on Hunton’s Privacy and Information Security Law blog, on June 21, 2017, the Federal Trade Commission updated its guidance, Six-Step Compliance Plan for Your Business, for complying with the Children’s Online Privacy Protection Act (“COPPA”). The FTC enforces the COPPA Rule, which sets requirements regarding children’s privacy and safety online. The updated guidance adds new information on situations where COPPA applies and steps to take for compliance. Continue Reading FTC Releases Guidance on COPPA Compliance
On June 1, 2017, the new Cybersecurity Law went into effect in China. This post takes stock of (1) which measures have been passed so far, (2) which ones go into effect on June 1 and (3) which ones are in progress but have yet to be promulgated. Continue Reading Cybersecurity Law Goes Into Effect in China