TCCWNA. The very acronym evokes head scratches and sighs of angst and frustration among many lawyers in the retail industry. You have probably heard about it. You may have even been warned about it. And you may currently be trying to figure out how best to minimize your risk and exposure this very moment. But what is it and why has virtually every retailer been hit with a TCCWNA class action demand letter or lawsuit in the past few months? And why are most retailers scrambling to update the terms and conditions of their websites?
The TCCWNA
As reported on the Hunton Retail Law Resource blog, the New Jersey Truth-in-Consumer Contract Warranty and Notice Act (“TCCWNA”) was passed in 1981 to protect consumers from allegedly deceptive practices in consumer contracts, warranties, notices and signs. In an often-quoted passage, the New Jersey legislature explained its rationale for the TCCWNA as follows:
Far too many consumer contracts, warranties, notices and signs contain provisions which clearly violate the rights of consumers. Even though these provisions are legally invalid or unenforceable, their very inclusion in a contract, warranty, notice or sign deceives a consumer into thinking that they are enforceable and for this reason the consumer often fails to enforce his rights.
To that end, Section 15 generally prohibits retailers from offering or displaying any provision that violates a clearly established right to any actual or prospective consumer in a consumer contract, warranty, notice or sign. Section 16 generally prohibits retailers from including language stating that any such provision is or may be void, unenforceable or inapplicable in “some jurisdictions” without specifically stating whether it is in New Jersey or not.
For nearly thirty years, TCCWNA was used sparingly by plaintiffs, who often brought TCCWNA claims only as a tack-on to claims brought under New Jersey’s notorious Consumer Fraud Act (“CFA”). But, in the past five or six years, things have changed. Indeed, as the following graphic by the New Jersey Civil Justice Institute (“NJCJI”) illustrates, the frequency of TCCWNA cases spiked sharply in 2009 and has been on the rise ever since:
While many attorneys have spent a great deal of time trying to figure out why TCCWNA cases have increased exponentially in recent years, the primary causes appear to be the following:
- a series of judicial decisions that have led the plaintiffs’ bar to believe that TCCWNA claims are now even more plaintiff-friendly and more susceptible to class certification than CFA claims;
- the TCCWNA’s potential applicability to “prospective” customers, not just actual customers, thereby potentially expanding the pool of interested plaintiffs and the scope of potential liability to customers who did not make a purchase and with no discernible injury; and
- the availability of statutory damages of $100 per customer as well as attorney’s fees and costs under the TCCWNA, which could expose companies to enormous liability.
The original wave of TCCWNA cases focused on the terms and conditions in a variety of alleged consumer contracts, warranties, notices and signs, including restaurant menus, advertising materials, gift cards and all manner of contracts and written materials.
In the past six months, however, the NJCJI has noted that an “unprecedented” number of TCCWNA cases have targeted the terms and conditions of retailers’ websites, largely because the plaintiffs’ bar now views this type of class action as “a quick ticket to jackpot justice.” As a result, a wide variety of terms and conditions commonly found on many retailers’ websites, including exculpatory, indemnification, choice of law, severability, savings, privacy and limitation of liability provisions, have been coming under increasing scrutiny. Indeed, most of the major retailers – at least two dozen -- have already been targeted with such lawsuits, and many more have received pre-lawsuit demand letters. Since most retail websites use the same or similar language in their website terms and conditions, there is an almost endless pool of potential targets for enterprising plaintiffs’ attorneys. In other words, if you are a retailer who has so far avoided being targeted with a TCCWNA demand letter or lawsuit, it may just be a matter of time.
For retailers grappling with such TCCWNA issues, there is currently a considerable amount of uncertainty. The courts have not yet had the opportunity to provide clear guidance, making it difficult to assess the potential viability of plaintiffs’ claims, and the potential liability is significant. As a result, retailers have reacted in different ways to the recent wave of TCCWNA demand letters and class action lawsuits targeting their websites. Some have settled out early on an individual basis. Others have moved to compel arbitration or to strike class allegations, and others have filed motions to dismiss that have raised a variety of arguments, including the applicability of the U.S. Supreme Court’s recent Spokeo decision and arguments that the TCCWNA does not apply to commercial websites by its terms or to the provisions contained therein for a variety of reasons.
We expect that some initial clarity will be forthcoming in the next six months as the initial wave of motions to dismiss in the commercial website cases are ruled upon. But, ultimately, this will likely be an issue that will need to be resolved by appellate courts down the road. In the interim, plaintiffs’ attorneys will continue to file more “copycat” TCCWNA class action lawsuits in the belief that the best way to achieve jackpot justice is to collect as many lottery tickets as possible.
In the meantime, what is a retailer to do to minimize its risk and exposure?
What Should I Do?
- Compliance Review – Every retailer should undertake a thorough review of its website terms and conditions, as well as any other terms contained in written materials displayed to consumers as soon as possible. From a cost-benefit perspective, the effort and cost associated with ensuring that your website and other written materials comply with TCCWNA is relatively minimal compared to the potential cost associated with facing a TCCWNA class action lawsuit where every customer could potentially be entitled to $100 in statutory damages. For example, a simple review and slight modification of website terms and conditions, if necessary, may allow retailers to avoid becoming the next target and save them from a lot of headaches down the road.
- Support Lobbying Efforts – A lobbying effort has also recently been launched to help address the recent TCCWNA abuses. The Retail Industry Leaders Association and the NJCJI has led efforts to highlight these abuses and to help support efforts to lobby the New Jersey legislature to address the underlying issues.
- Take TCCWNA Demand Letters and Class Action Lawsuits Seriously – Some retailers may not initially take TCCWNA demand letters and class action lawsuits as seriously as they should, but the stakes are significant if a company is determined to be in violation. A few seemingly innocuous words or provisions on a commercial website, for example, could potentially translate into hundreds of millions of dollars in liability. Accordingly, retailers should treat a TCCWNA demand letter or class action lawsuit as seriously as any other major class action lawsuit presenting novel, complex issues with potentially significant liability, including hiring experienced, competent counsel and exploring insurance coverage issues early on.
Search
Recent Posts
Categories
- Behavioral Advertising
- Centre for Information Policy Leadership
- Children’s Privacy
- Cyber Insurance
- Cybersecurity
- Enforcement
- European Union
- Events
- FCRA
- Financial Privacy
- General
- Health Privacy
- Identity Theft
- Information Security
- International
- Marketing
- Multimedia Resources
- Online Privacy
- Security Breach
- U.S. Federal Law
- U.S. State Law
- Workplace Privacy
Tags
- Aaron Simpson
- Accountability
- Adequacy
- Advertisement
- Advertising
- American Privacy Rights Act
- Anna Pateraki
- Anonymization
- Anti-terrorism
- APEC
- Apple Inc.
- Argentina
- Arkansas
- Article 29 Working Party
- Artificial Intelligence
- Australia
- Austria
- Automated Decisionmaking
- Baltimore
- Bankruptcy
- Belgium
- Biden Administration
- Big Data
- Binding Corporate Rules
- Biometric Data
- Blockchain
- Bojana Bellamy
- Brazil
- Brexit
- British Columbia
- Brittany Bacon
- Brussels
- Business Associate Agreement
- BYOD
- California
- CAN-SPAM
- Canada
- Cayman Islands
- CCPA
- CCTV
- Chile
- China
- Chinese Taipei
- Christopher Graham
- CIPA
- Class Action
- Clinical Trial
- Cloud
- Cloud Computing
- CNIL
- Colombia
- Colorado
- Committee on Foreign Investment in the United States
- Commodity Futures Trading Commission
- Compliance
- Computer Fraud and Abuse Act
- Congress
- Connecticut
- Consent
- Consent Order
- Consumer Protection
- Cookies
- COPPA
- Coronavirus/COVID-19
- Council of Europe
- Council of the European Union
- Court of Justice of the European Union
- CPPA
- CPRA
- Credit Monitoring
- Credit Report
- Criminal Law
- Critical Infrastructure
- Croatia
- Cross-Border Data Flow
- Cyber Attack
- Cybersecurity
- Cybersecurity and Infrastructure Security Agency
- Data Brokers
- Data Controller
- Data Localization
- Data Privacy Framework
- Data Processor
- Data Protection Act
- Data Protection Authority
- Data Protection Impact Assessment
- Data Transfer
- David Dumont
- David Vladeck
- Delaware
- Denmark
- Department of Commerce
- Department of Health and Human Services
- Department of Homeland Security
- Department of Justice
- Department of the Treasury
- District of Columbia
- Do Not Call
- Do Not Track
- Dobbs
- Dodd-Frank Act
- DPIA
- E-Privacy
- E-Privacy Directive
- Ecuador
- Ed Tech
- Edith Ramirez
- Electronic Communications Privacy Act
- Electronic Privacy Information Center
- Elizabeth Denham
- Employee Monitoring
- Encryption
- ENISA
- EU Data Protection Directive
- EU Member States
- European Commission
- European Data Protection Board
- European Data Protection Supervisor
- European Parliament
- Facial Recognition Technology
- FACTA
- Fair Credit Reporting Act
- Fair Information Practice Principles
- Federal Aviation Administration
- Federal Bureau of Investigation
- Federal Communications Commission
- Federal Data Protection Act
- Federal Trade Commission
- FERC
- FinTech
- Florida
- Food and Drug Administration
- Foreign Intelligence Surveillance Act
- France
- Franchise
- Fred Cate
- Freedom of Information Act
- Freedom of Speech
- Fundamental Rights
- GDPR
- Geofencing
- Geolocation
- Georgia
- Germany
- Global Privacy Assembly
- Global Privacy Enforcement Network
- Gramm Leach Bliley Act
- Hacker
- Hawaii
- Health Data
- Health Information
- HIPAA
- HIPPA
- HITECH Act
- Hong Kong
- House of Representatives
- Hungary
- Illinois
- India
- Indiana
- Indonesia
- Information Commissioners Office
- Information Sharing
- Insurance Provider
- Internal Revenue Service
- International Association of Privacy Professionals
- International Commissioners Office
- Internet
- Internet of Things
- IP Address
- Ireland
- Israel
- Italy
- Jacob Kohnstamm
- Japan
- Jason Beach
- Jay Rockefeller
- Jenna Rode
- Jennifer Stoddart
- Jersey
- Jessica Rich
- John Delionado
- John Edwards
- Kentucky
- Korea
- Latin America
- Laura Leonard
- Law Enforcement
- Lawrence Strickling
- Legislation
- Liability
- Lisa Sotto
- Litigation
- Location-Based Services
- London
- Madrid Resolution
- Maine
- Malaysia
- Markus Heyder
- Maryland
- Massachusetts
- Meta
- Mexico
- Microsoft
- Minnesota
- Mobile App
- Mobile Device
- Montana
- Morocco
- MySpace
- Natascha Gerlach
- National Institute of Standards and Technology
- National Labor Relations Board
- National Science and Technology Council
- National Security
- National Security Agency
- National Telecommunications and Information Administration
- Nebraska
- NEDPA
- Netherlands
- Nevada
- New Hampshire
- New Jersey
- New Mexico
- New York
- New Zealand
- Nigeria
- Ninth Circuit
- North Carolina
- Norway
- Obama Administration
- OECD
- Office for Civil Rights
- Office of Foreign Assets Control
- Ohio
- Oklahoma
- Opt-In Consent
- Oregon
- Outsourcing
- Pakistan
- Parental Consent
- Payment Card
- PCI DSS
- Penalty
- Pennsylvania
- Personal Data
- Personal Health Information
- Personal Information
- Personally Identifiable Information
- Peru
- Philippines
- Phyllis Marcus
- Poland
- PRISM
- Privacy By Design
- Privacy Policy
- Privacy Rights
- Privacy Rule
- Privacy Shield
- Protected Health Information
- Ransomware
- Record Retention
- Red Flags Rule
- Regulation
- Rhode Island
- Richard Thomas
- Right to Be Forgotten
- Right to Privacy
- Risk-Based Approach
- Rosemary Jay
- Russia
- Safe Harbor
- Sanctions
- Schrems
- Scott H. Kimpel
- Scott Kimpel
- Securities and Exchange Commission
- Security Rule
- Senate
- Serbia
- Service Provider
- Singapore
- Smart Grid
- Smart Metering
- Social Media
- Social Security Number
- South Africa
- South Carolina
- South Dakota
- South Korea
- Spain
- Spyware
- Standard Contractual Clauses
- State Attorneys General
- Steven Haas
- Stick With Security Series
- Stored Communications Act
- Student Data
- Supreme Court
- Surveillance
- Sweden
- Switzerland
- Taiwan
- Targeted Advertising
- Telecommunications
- Telemarketing
- Telephone Consumer Protection Act
- Tennessee
- Terry McAuliffe
- Texas
- Text Message
- Thailand
- Transparency
- Transportation Security Administration
- Trump Administration
- United Arab Emirates
- United Kingdom
- United States
- Unmanned Aircraft Systems
- Uruguay
- Utah
- Vermont
- Video Privacy Protection Act
- Video Surveillance
- Virginia
- Viviane Reding
- Washington
- Whistleblowing
- Wireless Network
- Wiretap
- ZIP Code