Top 10 Litigation Risks and Trends for Retailers

by Perkins Coie

Perkins Coie

With the 2016 holiday shopping season in full swing, the risk of litigation heightens for retailers. We created our own version of a “holiday list” to identify the top-10 risk areas where retailers may be vulnerable to claims and lawsuits.

1. Strike Through Advertising/Pricing

We all love a bargain! Getting a cool, must-have gift previously priced at $99 for $49 is exciting. But was the product ever really offered at $99? Where? And for how long? A host of federal, state and local laws prohibit deceptive pricing, including 5(a) of the FTC Act, which prohibits “unfair or deceptive acts or practices affecting commerce,” FTC Guides Against Deceptive Pricing, 16 CFR §§ 233.1 – 233.5 and New York G.B.L. §§ 349 and 350. 

In 2016, failure to adhere to pricing rules landed online retailers, off-price department stores and luxury brand outlet stores in serious trouble with class action plaintiffs, and the suits have exacted hefty settlements, including from JC Penney ($50 million) and Justice ($50.8 million).

Do Now: Carefully review your company’s pricing procedures to ensure compliance with federal, state and local laws, train your staff and keep good records to help keep the class action lawyers—and the FTC—at bay.

2. Native Advertising

Native advertising, also known as “sponsored content,” is advertising designed to mimic a website/social media’s editorial look and feel. In December 2015, the FTC issued Native Advertising Guidelines, which provide a detailed list of do’s and don’ts to ensure that consumers are not misled into viewing ad content that is disguised as editorial or other non-advertising content. 

In its first enforcement action since issuing the guidelines, in March 2016, the FTC secured a 20-year consent decree from Lord & Taylor for allegedly crossing the line with its native advertising efforts to promote a new house-brand called Design Lab. In its complaint, the FTC claimed that Lord & Taylor paid Nylon Magazine to run what appeared to be an editorial praising a Design Lab dress, but failed to disclose that Lord & Taylor paid for the article and approved its content. In addition, the complaint also alleged that Lord & Taylor contracted with 50 fashion “influencers,” fashionistas with huge social media followings, to publish Instagram posts of themselves wearing a specific dress that Lord & Taylor gave to them for free. Lord & Taylor paid each influencer between $1,000 and $4,000 for the posts, required that they use the #DesignLab hashtag and @lordandtaylor Instagram user designation, and pre-approved the posts to be published over a specific weekend in March. Notably, the posts failed to disclose that they were part of an ad campaign, that the dress was comped and that the influencers had been paid. 

Similarly, the National Advertising Division (NAD) jumped into the native advertising fray this year when it slammed Joyus, Inc., an online shopping site, for not disclosing a commercial partnership with People magazine. The magazine’s editors selected hot, trendy clothing and accessories to feature in what appeared to be editorial links in its Style Watch/Stuff We Love section, but when consumers clicked on links to the items, and on links to a “watch” feature, they were transported to the Joyus website where the items were offered for sale. Although the NAD acknowledged that the Joyus site was clearly a commercial shopping site, it determined that the Stuff We Love link itself, as well as the links to the Joyus website, were impermissible “door openers” that did not disclose to consumers that they were commercial shopping sites.

Do Now: Make sure that you clearly and conspicuously label promotional content as advertising, and beware of door openers that fail to disclose that linked content is actually advertising.

3. Trademark Infringement/Enforcement

Protecting your company’s valuable trademarks through litigation just became a bit more cost effective. Under the Lanham Act, “[t]he court in exceptional cases may award reasonable attorney fees to the prevailing party.” 15 U.S.C. § 1117(a). The U.S. Court of Appeals for the Ninth Circuit recently joined the Third, Fourth, Fifth and Sixth Circuits in relaxing the standards that determine whether a case is “exceptional.” Under the old rule, a plaintiff had to prove, by clear and convincing evidence, that the infringement was “malicious, fraudulent, deliberate or willful.” See e.g. Gracie v. Gracie, 217 F.3d 1060, 1068 (9th Cir. 2000). But on October 24, 2016, the court ruled that an exceptional case “is simply one that stands out from others with respect to the substantive strength of a party’s litigating position (considering both the governing law and the facts of the case) or the unreasonable manner in which the case was litigated.” The court also changed the burden of proof from clear and convincing evidence to a preponderance of the evidence. See SunEarth, Inc. v. Sun Earth Solar Power Co., Ltd., No. 13-17622, slip op. (9th Cir. Oct. 24, 2016) applying to the Lanham Act the Supreme Court’s test for exceptional cases under the Patent Act in Octane Fitness LLC v. ICON Health & Fitness, Inc., 134 S. Ct. 1749, 1756 (2014).

Do Now: Protect your company’s trademark(s), taking extra care in the current environment of increased claims for attorneys’ fees awards in patent cases after Octane. We expect this trend to hold true for trademark cases as well.

4. Cyber-Ransom/Cyber-Insurance

We have seen an 800% increase in the number of cyber-ransom attacks against retailers this year, and we expect that number to jump this holiday season. In a cyber-ransom attack, hackers break into your company’s network, hijack critical data and threaten to destroy it if a hefty ransom is not paid within a short period of time. They could also shut down your website until the ransom is paid. One critical line of defense against these attacks—in addition to having a robust off-site data backup plan—is ensuring that you have a negotiated, tailored cyber-insurance policy in place. Insurance carriers may tell you that that their “off the shelf” policies are not negotiable, but the reality is that almost everything is negotiable. Accept nothing less than a broad, detailed cyber-insurance policy to help avoid litigation against your insurance carrier after a cyber-ransom attack—just the time when you need coverage the most.

Do Now: Have a plan. Ensure your data backup plan and cyber-insurance policy are in place.

5. New Jersey Truth in Consumer Contract, Warranty and Notice Act (TCCWNA), NJSA § 56:12-14

In 2016, we saw a tremendous spike in class action cases against retailers relating to the terms and conditions on their websites, even though the statute under which the suits are brought was enacted 35 years ago, long before the internet was commonplace.

TCCWNA prohibits sellers of products and services from including terms in any written consumer contract, warranty, notice or sign that (1) “violate [] any clearly established legal right of a consumer” under New Jersey or federal law or (2) state that certain provisions are unenforceable in some jurisdictions (e.g., “void where prohibited”) without specifying which provisions are unenforceable in New Jersey except in the context of a warranty. It provides for a $100 minimum “civil penalty” per violation, actual damages, or both at the election of the consumer, plus attorneys’ fees, costs and injunctive relief. Plaintiffs have sued over website terms and conditions, including savings clauses (terms may be void in certain jurisdictions); disclaimers of liability for the company’s own conduct, third-party conduct and specific types of damages (e.g. punitive); caps on damages; and arbitration clauses with a class action waiver.

The good news is that in the last few weeks, three district courts (two in New Jersey and one in California) have granted motions to dismiss these complaints, primarily on Article III standing grounds for failure to plead particularized injury-in-fact, citing Spokeo, Inc. v. Robins, 136 S.Ct. 1540 (2016). At least one of the rulings has been appealed. If more of these complaints are bounced at the early stages, we expect plaintiffs’ lawyers may well move to the next shiny new statute to exploit. 

Do Now: Review website terms and conditions.

6. “Made in the U.S.A.” Claims

There has also been an increase in class actions over “Made in the U.S.A.” claims, and judges are pushing back on settlements that don’t adequately address the harm done to consumers. For example, the litigants in Hoffman v. Dutch LLC had to appear before a judge in the U.S. District Court for the Southern District of California three times to pitch a proposed settlement, each time with an increased offering. The suit alleged that Dutch falsely advertised its Current/Elliott brand of jeans on its website as being made in the U.S., even though they used foreign zipper assemblies, buttons, fabric and thread.

Retailers must use the “Made in the U.S.A.” label with caution, and they must ensure compliance with both the FTC’s standards and, if they sell goods to California residents, with California’s standards. Of course, those standards are not the same. Per the FTC, any product that is advertised, promoted or labeled as “Made in the USA,” “Manufactured in USA,” “USA,” “Made in America” etc. without qualifiers must (1) be “all or virtually all” made, manufactured and sourced in the United States; (2) have a “reasonable basis” for the claim, based on “competent and reliable evidence” and (3) be finally assembled or processed in the United States.

In contrast, any merchandise sold into California pursuant to Cal. Bus. Prof. Code § 17533.7 must have at least 95% of the final wholesale value of the product made of U.S. articles, units or parts; or at least 90% of the final wholesale value made of U.S. articles, units or parts, if the company is unable to produce or obtain it within the U.S. for reasons other than cost.

Do Now: Ensure your “Made in the U.S.A.” claim is valid and in compliance. 

7. Human Trafficking/Slavery Disclosures

We have seen a spike in legislative and enforcement efforts specifically focused on ridding company supply chains of products tainted by coerced labor. The first two of the “big three” (namely, the U.K. Modern Slavery Act and the Federal Acquisition Regulations Anti-Trafficking Provisions), both issued last year, place affirmative obligations on most larger businesses to evaluate the risk associated with, and disclose steps taken to end, suspected human trafficking or coerced labor in their supply chains. Further, the enforcers have indicated their intent to continue to pursue companies who do not comply with the California Transparency in Supply Chains Act’s disclosure regimes.

The costs for noncompliance with these laws are great, ranging from brand-damaging consumer advocacy and nongovernmental organization (NGO) group pressures to costly class action lawsuits and criminal prosecution. By way of example, a number of class actions have been filed based on theories that companies’ mandatory disclosures concerning consumer goods, including shrimp, cocoa and cat food were incomplete or inaccurate. Moreover, advocacy groups, complaining about what they consider to be the poor level of compliance in the retail and wholesale food sectors, have waged campaigns to “out” businesses who have failed to comply with the California Act. The campaigns have generated significant negative-PR and potential loss of revenue from angry consumers.

Do Now: Check your supply chain for products tainted by forced or child labor.

8. Credit Card Truncation Laws

The Fair Credit Reporting Act (FCRA) and the Fair and Accurate Credit Transactions Act (FACTA) limit the number of credit card digits that retailers can print on receipts, and they allow for penalties of between $100 and $1,000 per violation, plus attorneys’ fees and costs. 

Many retailers have been hit with suits claiming that they have printed too many credit card digits on store receipts. However, last month, one retailer successfully had a suit tossed based on the U.S. Supreme Court’s Spokeo decision, which held that plaintiffs cannot rely on mere statutory violations to establish Article III standing, but rather, must show concrete injury. In Kamal v. J. Crew Group, Inc., the district judge ruled that since the plaintiff presented no evidence that a third party accessed, attempted to access or will access the plaintiff’s credit card information, the plaintiff had not alleged an actionable injury.

Do Now: Double check your receipts and make sure you’re truncating account information.

9. ADA Website Accessibility

While the Americans with Disabilities Act and caselaw have not conclusively settled the issue of whether a retailer's e-commerce site is definitively part of a physical "place of public accommodation" requiring ADA compliance, advocates have garnered the courts' and the DOJ's support to extend the ADA's reach to websites and mobile applications that offer and sell goods or services to the public. 

A significant number of our retail clients have received demand letters from various plaintiffs’ firms demanding compliance with Web Content Accessibility Guidelines 2.0 at Levels A and AA, a highly technical set of standards that ensure anyone using common assistive technology has access to the web content. This is also the standard the DOJ puts in its own settlement agreements.

Do Now: Be aware of this developing compliance issue.   

10. Toxic Chemical Compliance

Although California’s Prop 65 warning compliance remains a reliable source of litigation in California, it is not the only chemical compliance statute that can trip up retailers who also manufacture their own goods. A State of Washington statute—the Children’s Safe Product Act, (RCW Chapter 70.240)—requires that manufacturers of children’s (anyone 12 or younger) products (clothes, toys, car seats, grooming products—anything essentially that a child uses, wears or touches), must report to the State of Washington if their product contains “chemicals of high priority.” The state lists several dozen high-priority chemicals, which means that manufacturers of children’s products sold in Washington must test their products to understand whether they must report or not. Failure to report can result in civil penalties from the state, accompanied by a press release.

Do Now: Take chemical compliance seriously. It will differ from state to state, so double check your product(s) meet the standards.

We distilled this partial list of litigation risks and trends from our Retail Risk Assessment Checklist, which includes additional topics of interest. For a retail risk assessment or more information about retailers’ risks, please contact experienced counsel.  

[View source.]

DISCLAIMER: Because of the generality of this update, the information provided herein may not be applicable in all situations and should not be acted upon without specific legal advice based on particular situations.

© Perkins Coie | Attorney Advertising

Written by:

Perkins Coie

Perkins Coie on:

Readers' Choice 2017
Reporters on Deadline

"My best business intelligence, in one easy email…"

Your first step to building a free, personalized, morning email brief covering pertinent authors and topics on JD Supra:
Sign up using*

Already signed up? Log in here

*By using the service, you signify your acceptance of JD Supra's Privacy Policy.
Custom Email Digest
Privacy Policy (Updated: October 8, 2015):

JD Supra provides users with access to its legal industry publishing services (the "Service") through its website (the "Website") as well as through other sources. Our policies with regard to data collection and use of personal information of users of the Service, regardless of the manner in which users access the Service, and visitors to the Website are set forth in this statement ("Policy"). By using the Service, you signify your acceptance of this Policy.

Information Collection and Use by JD Supra

JD Supra collects users' names, companies, titles, e-mail address and industry. JD Supra also tracks the pages that users visit, logs IP addresses and aggregates non-personally identifiable user data and browser type. This data is gathered using cookies and other technologies.

The information and data collected is used to authenticate users and to send notifications relating to the Service, including email alerts to which users have subscribed; to manage the Service and Website, to improve the Service and to customize the user's experience. This information is also provided to the authors of the content to give them insight into their readership and help them to improve their content, so that it is most useful for our users.

JD Supra does not sell, rent or otherwise provide your details to third parties, other than to the authors of the content on JD Supra.

If you prefer not to enable cookies, you may change your browser settings to disable cookies; however, please note that rejecting cookies while visiting the Website may result in certain parts of the Website not operating correctly or as efficiently as if cookies were allowed.

Email Choice/Opt-out

Users who opt in to receive emails may choose to no longer receive e-mail updates and newsletters by selecting the "opt-out of future email" option in the email they receive from JD Supra or in their JD Supra account management screen.


JD Supra takes reasonable precautions to insure that user information is kept private. We restrict access to user information to those individuals who reasonably need access to perform their job functions, such as our third party email service, customer service personnel and technical staff. However, please note that no method of transmitting or storing data is completely secure and we cannot guarantee the security of user information. Unauthorized entry or use, hardware or software failure, and other factors may compromise the security of user information at any time.

If you have reason to believe that your interaction with us is no longer secure, you must immediately notify us of the problem by contacting us at In the unlikely event that we believe that the security of your user information in our possession or control may have been compromised, we may seek to notify you of that development and, if so, will endeavor to do so as promptly as practicable under the circumstances.

Sharing and Disclosure of Information JD Supra Collects

Except as otherwise described in this privacy statement, JD Supra will not disclose personal information to any third party unless we believe that disclosure is necessary to: (1) comply with applicable laws; (2) respond to governmental inquiries or requests; (3) comply with valid legal process; (4) protect the rights, privacy, safety or property of JD Supra, users of the Service, Website visitors or the public; (5) permit us to pursue available remedies or limit the damages that we may sustain; and (6) enforce our Terms & Conditions of Use.

In the event there is a change in the corporate structure of JD Supra such as, but not limited to, merger, consolidation, sale, liquidation or transfer of substantial assets, JD Supra may, in its sole discretion, transfer, sell or assign information collected on and through the Service to one or more affiliated or unaffiliated third parties.

Links to Other Websites

This Website and the Service may contain links to other websites. The operator of such other websites may collect information about you, including through cookies or other technologies. If you are using the Service through the Website and link to another site, you will leave the Website and this Policy will not apply to your use of and activity on those other sites. We encourage you to read the legal notices posted on those sites, including their privacy policies. We shall have no responsibility or liability for your visitation to, and the data collection and use practices of, such other sites. This Policy applies solely to the information collected in connection with your use of this Website and does not apply to any practices conducted offline or in connection with any other websites.

Changes in Our Privacy Policy

We reserve the right to change this Policy at any time. Please refer to the date at the top of this page to determine when this Policy was last revised. Any changes to our privacy policy will become effective upon posting of the revised policy on the Website. By continuing to use the Service or Website following such changes, you will be deemed to have agreed to such changes. If you do not agree with the terms of this Policy, as it may be amended from time to time, in whole or part, please do not continue using the Service or the Website.

Contacting JD Supra

If you have any questions about this privacy statement, the practices of this site, your dealings with this Web site, or if you would like to change any of the information you have provided to us, please contact us at:

- hide
*With LinkedIn, you don't need to create a separate login to manage your free JD Supra account, and we can make suggestions based on your needs and interests. We will not post anything on LinkedIn in your name. Or, sign up using your email address.