Online retailers often learn information about a consumer that may be used by them to help identify other products, services, or companies that may be of interest to the consumer. For example, if a person purchases an airplane ticket to Washington DC, the person may want information about hotels, popular restaurants, or amenities at the airport.
Although online retailers often strive to provide recommendations quickly, and to make a consumer’s transition to a third party retailer seamless, the Restore Online Shoppers’ Confidence Act (“ROSCA”) generally prohibits one online merchant from transferring payment information (e.g., a credit card number) to a second online merchant. ROSCA also prohibits the second online merchant from charging a consumer’s payment card or financial account, unless the second online merchant has clearly and conspicuously disclosed to the consumer all material terms of the transaction and received the consumer’s express consent to the charge. The following provides a snapshot of information concerning ROSCA.
Amount spent per year by consumers online.1
Number of Federal Trade Commission enforcement actions initiated under ROSCA.2
Percentage of ROSCA cases that have been filed by the FTC in federal district court, as opposed to an administrative adjudication.3
Questions to consider when evaluating the data privacy issues involved in passing information between online retailers:
Is the third party offering a continuity program or membership? If so are the terms of the program clearly and conspicuously disclosed?
1. U.S. Census Bureau News, Quarterly retail E-Commerce Sales http://www2.census.gov/retail/releases/historical/ecomm/15q4.pdf. .
2. Enforcement actions reviewed as of January 2017.