Internet Rewards Program Class Action Survives Initial Motion to Dismiss — In re Easysaver Rewards

[Post by Venkat]

In re: Easysaver Rewards Litigation (S.D. Cal.) (Aug. 13, 2010)

Plaintiffs brought a class action lawsuit against Provide-Commerce (which operated The lawsuit alleged that effecting transactions on the Proflowers website resulted in plaintiffs being unwittingly enrolled in a rewards program and being charged credit card fees. The court denied the motion to dismiss brought by defendants.

Background: Provide operated At the time of completion of transactions on ProFlowers, consumers were offered a chance to enroll in a “rewards program” which was operated for Provide by Encore Marketing. Plaintiffs alleged that they were “unwittingly” enrolled in the program:

Plaintiffs allege that Provide leads customers to believe they will receive a complimentary $15.00 gift code to use on their next flower order as a thank you gift. After Plaintiffs completed the purchase of flowers on Provide’s website by providing their personal and payment information, ‘a window popped up that thanked Plaintiffs and Class Members for their order and offered a gift code for $15.00 off their next purchase at ProFlowers. The window also contained a link for Plaintiffs and Class Members to click on to claim the gift code.’ Plaintiffs contend the pop-up window is part of an intentionally misleading and deceptive scheme, jointly orchestrated by Provide and EMI.

The named plaintiffs all testified to slightly different experiences. Some closed the pop-up window and did not provide any personal information, others responded to the pop-up by clicking on “I accept” and entering their personal information. Ultimately, plaintiffs were unable to have the charges relating to the EasySaver program reversed, and brought a variety of claims against both Provide and Encore.


Breach of Contract Claims:

Provide first argued that the privacy policy is not “an actionable contract” but was instead a “general statement . . . of policy.” The court doesn’t treat this as a colorable argument, citing to the alleged user experience and plaintiffs’ reliance on the privacy policy and terms of use, which popped up every step of the way. (But see In re JetBlue, discussed in Professor Goldman’s post here: “When Does a Privacy Policy Breach Support a Breach of Contract Claim? In re JetBlue.”)

Provide also argued that the applicable privacy policy allowed it to transfer information to third parties, but the court holds that there is a disputed factual issue as to whether Provide agreed to only transfer the information with consumers’ “informed consent or authorization,” and would not share the information “beyond that which was necessary to complete the flower order.”

Finally, Provide argued that the “EasySaver Rewards Policy” was not supported by an exchange of consideration, since it only came up after the flower transaction was complete. The court rejects this argument as well, finding that the rewards program was “part and parcel of the underlying flower purchase.”

Provide also tried to disclaim liability for Encore’s actions by arguing that it was not responsible for anything Encore did. The court cites to language in the description of the rewards program that indicates the program was jointly operated (the program was described as “our” program and Encore was described as Provide’s “partner”).

A separate sub-class of plaintiffs brought contract claims against Encore. These plaintiffs argued that they did not “knowingly” consent to the rewards program, and even if they did, Encore breached the terms of the program by not providing the stated benefits. Encore argued that these plaintiffs could not have it both ways – either they enrolled in the program (in which case plaintiffs accepted the terms were clearly stated) or they didn’t. The court finds that plaintiffs could plead in the alternative that they did not enter into an agreement, and even if they did, Encore breached the terms of the agreement.

Fraud Claims: Provide raised a variety of arguments against plaintiffs’ fraud claims (failure to plead fraud with particularity, failure to allege causation). The court rejects these arguments, holding that whether plaintiffs read the privacy policy or had adequate notice is not something that was amenable to resolution at the motion to dismiss stage.

Conversion: Plaintiffs argued that defendants converted plaintiffs’ “private payment information.” With respect to plaintiffs’ conversation claim, the court notes the historical trend away from limiting conversation claims to tangible property (citing to Kremen v. Cohen, among other cases). The court analogizes conversion of plaintiff’s “Private Payment Information” to conversion of bank account information, and finds that plaintiffs adequately state a claim based on conversion of private payment information.

EFTA: The Electronic Funds Transfer Act prohibits, among other things, unauthorized billing. Provide argued that it was Encore and not Provide who engaged in the unauthorized billing. The court agrees and grants Provide’s motion to dismiss as to the EFTA claim, finding that there is no liability under the statute for aiding and abetting an EFTA violation. With respect to Encore, the court denies the motion to dismiss. Among other things, the court rejects Encore’s argument that the plaintiffs agreed to the membership charges by “entering [their] email address[es] and zip code[s] and clicking the green acceptance button.”


Defendants will have another opportunity to show that plaintiffs’ claims are without merit, but I think the court’s resolution at the pleading stage is interesting. A more robust disclaimer and a non-leaky acknowledgment would have no doubt been useful here. (See professor Goldman’s post on Scherillo v. Dun and Bradstreet for some good pointers.)

The case also illustrates the importance of the transaction flow and process (the user experience). Often lawyers provide advice, but implementation is left to the business or marketing folks. This case illustrates that in addition to the language of the terms, courts will look to the transaction process to poke holes in the contract formation argument.

Data breach claims alleging a breach of the applicable privacy policy have met with little success. (See, e.g., Ruiz v. Gap, discussed in this post: “9th Circuit Affirms Rejection of Data Breach Claims Against Gap.”) Where there is out of pocket loss that is a result of a violation of the privacy policy, plaintiffs have a much easier time bringing claims for violation of the privacy policy. In this case, defendants didn’t even raise the argument that plaintiffs had not suffered out of pocket loss or lacked standing – it was a nonstarter.

It was also interesting that defendants tried to rely (and have judicial notice taken of) the online terms, but the court refused to do so, in light of the changing content of the webpages. When defendants pushed this argument, the court predictably trotted out the “[i]nformation from the internet does not necessarily bear an indicia of reliability” argument.

Related:Cuomo says 6 settle on hidden online shopping fees.”