This post was prepared by Howard Hogan and Adam Chen of Gibson Dunn.
Comparison shopping is a time-tested strategy for smart shoppers during the holiday season. As previously discussed in this forum, the increase in usage of mobile devices for shopping has spawned the practice of “showrooming,” where consumers visit brick-and-mortar stores to scout or try on an apparel product and then compare prices and buy online.
One recent response to this trend is the use of in-store “beacons” as a way for brick-and-mortar stores to communicate directly with consumers while they are physically in stores, in order to entice customers to buy their products in-store. Beacons are devices that can communicate with smartphones via Bluetooth signals. They allow stores to know when customers are on location and communicate directly with them through their phones or other mobile devices. Beacons can be used to push ads or information about sales onto customers’ phones if they are in the store’s vicinity or allow users to look at customer reviews of items while they examine a product.
These beacons can be a powerful tool for stores to engage directly with shoppers and get them to consummate a sale as they are looking at a product in the store and in a buying frame of mind. But companies should be aware of potential legal concerns that can come up with the use of this new technology.
- Consumer Privacy Issues: Many beacon programs collect additional data about consumers through their mobile devices. The collection and use of this data will likely attract the scrutiny of the Federal Trade Commission and other federal and state regulatory agencies that have lead the way in evaluate companies’ use of customer data. For example, the FTC has set forth guidelines for business on the protection of consumer privacy and has championed “privacy by design” initiatives where companies promote consumer privacy throughout every stage of the development of their products and services. Data security, anonymization of data, reasonable collection limits, sound retention practices, and data accuracy are all substantive privacy protections that companies using or looking to use beacons could consider to minimize concerns. The FTC has also recommended that consumers be given a simple “Do Not Track” mechanism for apps on their mobile phones.
- False Advertising Laws: State and federal false advertising laws and regulations often require companies to make accurate disclosures to consumers about the content of any messages delivered to them through their mobile devices or the activities of their apps. Incorrect disclosures can lead to consumer false advertising and data privacy class action suits, as well as false advertising suits from competitors. The FTC has brought charges against companies for false advertising when privacy policies or other disclosures are inaccurate or misleading. Companies should carefully review their disclosures and make sure they are accurate and sufficiently robust to avoid these liabilities.
- Data as Intellectual Property: The data collected by beacons can be valuable, and companies may wish create safeguards to protect their data as intellectual property. Companies could maintain the data in a way that would classify it as a trade secret under relevant state laws or by protecting the arrangement and selection of the data collected under the Copyright Act.
- Cyber Threats: The loss of personally identifiable information (“PII”) can open retailers to massive litigation threats. For example, a prominent retailer is still dealing with the repercussions from hackers stealing payment information from its customers; it is facing lawsuits not only from its customers and shareholders, but also from credit- and debit-card issuers who believed it necessary to replace their customers’ cards and account numbers. In addition, the Federal Communications Commission recently levied a $10 million fine against two telecommunications companies that allegedly stored unencrypted PII data online with no safeguards. Apparel retailers are not immune from cyber threats: one fashion retailer was recently hacked, with attackers stealing customers’ names, account numbers, expiration dates and verification codes. The number of cyber attacks is increasing with no signs of slowing down, and companies must take their cybersecurity seriously.
Beacons can help brick-and-mortar stores by merging online access to information with the in-store experience. They are a powerful tool that can allow stores to decrease sales lost through showrooming and increase the rate at which consumers who walk into a store become actual customers. Beacons, however, also raise a number of legal issues that were not traditionally concerns for brick-and-mortar stores. Whether or not retailers will adopt beacons on a widespread basis remains to be seen, but companies who choose to invest in this technology should be aware of the legal and regulatory considerations.