Two More Reasons To Create Or Review Your Terms Of Use And Privacy Policy: Class Action Suits Based On New Jersey’s Consumer Protection Law And Delaware’s New Online Privacy Act

  • By:Larry Silverman
  • 0 Comment

4/19/2016

As urged in previous posts — “Are Your Website Terms & Conditions and Privacy Policy Compliant?” and “Why Does My Website Need Terms of Use and a Privacy Policy?,” any company conducting business online (which means just about everyone) should create “Terms of Use” and a “Privacy Policy” carefully crafted to the operations of your company. Moreover, even if you already have these legal terms, those policies should be carefully reviewed to insure that they comply with recent changes in the law. Two examples of such recent changes are discussed in this post.

New Jersey’s Consumer Protection Laws

Plaintiff’s class action lawyers have recently “discovered” New Jersey’s Truth-in-Consumer Contract, Warranty and Notice Act (the “TCCWNA”), N.J.S.A. § 56:12-14, et seq. The reasons for the popularity of consumer class actions predicated on the TCCWNA are readily obvious. First, the statute provides for statutory damages and attorneys’ fees to consumers even where actual financial loss or injury cannot be established. Second, there is no “exception” in the law for a seller’s good faith effort to comply with the statute. And third, the Act applies to consumers and “prospective” consumers.

The TCCWNA is a consumer protection statute that grants a private right of action if a seller’s writing, including online terms and conditions, contains language that violates any “clearly established legal right of a consumer or responsibility of a seller” under New Jersey or federal law. N.J.S.A. § 56:12-15. Importantly, as noted, the Act applies to both consumers and “prospective consumers” and, just as importantly, does not require a contractual relationship with the seller. Instead, the law only requires that the seller “offer” or “display” the offending provision. The New Jersey Supreme Court has made it clear that the Act extends to a commercial website’s “Terms of Use.” Shelton v. Restaurant.com, Inc., 214 N.J. 419, 441-42 (N.J. 2013). Since most, if not all, businesses have an online presence, and any retailer of any size (even those located outside of the state of New Jersey) are likely to reach customers located in New Jersey, the scope of the TCCWNA cannot be understated. Accordingly, language in a company’s “Terms of Use,” such as disclaimers and limitations of liability clauses, can subject that company to potential class action exposure, particularly since the New Jersey Supreme Court has made it clear that the Act “is a remedial statute, entitled to a broad interpretation.” Id.

One of the website clauses often targeted are limitations of liability provisions designed to hold the seller harmless from most damages incurred by the consumer. Class action lawyers have argued that such clauses violate the TCCWNA because they violate New Jersey law prohibiting such limitations. See Martinez-Santiago v. Public Storage, 38 F. Supp. 3d 500, 511 (D.N.J. 2014). Other provisions that have been the subject of class action suits include indemnity provisions and disclaimers, both of which are commonly used in online terms of use. To make matters worse, so-called savings clauses providing that a particular clause will not be effective if it is contrary to the law of the state in question are specifically barred by TCCWNA (N.J.S.A. § 56:12-16) so that use of such a savings clause itself may constitute a violation of the TCCWNA. Martinez-Santiago v. Public Storage, 38 F. Supp. 3d 500, 511 (D.N.J. 2014).

Fortunately, there are steps your company can take to lessen its risks of class action exposure predicated on this statute. A review or “audit” of your online “Terms” should be conducted. That review or “audit” should include:

  • a careful comparison between all of the New Jersey statutes aimed at protecting consumers and the specific limitations and requirements of your “Terms”
  • revisions to those “Terms” to make it clear which “Terms” apply to New Jersey residents
  • the inclusion of carefully written arbitration clauses with class action waivers to reduce the exposure to consumer class actions
  • review and revisions to the notice provisions of your “Terms” to make sure users affirmatively accept those “Terms”

Delaware’s Online Privacy And Protection Act (DOPPA)

The second recent change in the law that should lead your company to create or review its online legal policies is the passage of Delaware’s Online Privacy and Protection Act (DOPPA). Effective January 1, 2016, Delaware became the second state, joining California, to require operators of commercial websites that collect personally identifiable information to post online privacy policies. Prior to this Delaware Act, most privacy policies sought to comply with the California requirements, since California was the only state to require the posting of a “Privacy Policy.” Given that 40% of top selling mobile apps do not have a “Privacy Policy” at all and that a large percentage of existing policies may not comply with this new Delaware law, it is probably a good time for your company to create a “Privacy Policy” or audit and change its existing policy.

There appear to be three primary differences between the California and Delaware laws. First, while the California law protects “consumers” – that is, persons who purchase goods or services online – the Delaware law has a broader reach as it protects “users,” defined as any individual that uses an internet website, online or cloud computing service, online application, or mobile application. Second, the California law covers commercial websites or online services, while the new Delaware law also covers cloud computing services and mobile applications. Third, California defines the “Operators” to whom the law applies as any person or entity that owns a website or online service that collects and maintains personally identifiable information from consumers residing in California, while the Delaware law applies to any “person who owns an internet website, online or cloud computing service, online application, or mobile application” that collects personally identifiable information through the internet about users residing in Delaware.

Conclusion

This new Delaware law, together with the recent “discovery” by plaintiff’s class action laws of New Jersey’s Consumer Protection laws, should provide even more reasons for creating online “Terms” and a “Privacy Policy” tailored to your entity’s operations or, if you have such online policies, conducting an audit of such legal terms to maximize the likelihood that they comply with the numerous state and federal laws, regulations and cases governing the legality of such polices.

At Dickie McCamey, we have experience crafting “Terms of Use” and “Privacy Policies” that can lessen your risks of non-compliance. The cost of creating such policies, or reviewing and “auditing” your current policies, is a small price to pay to avoid the potential class action exposure, regulatory and other legal liability that can ensue from flawed or non-existent policies.

Posted in: Consumer Protection Law