Date: Jan 16, 2003
Various suits against Toys R Us and Coremetrics were filed in 2001 in California and New Jersey stemming from activities the two companies conducted at the Toys R Us website. Toys R Us previously settled a privacy enforcement action brought by New Jersey state authorities last year. Both settlements reflect the importance of assuring that posted privacy policies carefully and accurately describe a web site's privacy and security practices.
The class action suits alleged violations of common law privacy and various federal and state laws, including the Electronic Communications Privacy Act, the Computer Fraud and Abuse Act, and California and New Jersey consumer protection laws. (Toys R Us earlier settled an enforcement action by the New Jersey Department of Consumer Affairs, paying $50,000 as part of the settlement.) The cases were consolidated in the U.S. District Court for the Northern District of California.1 A settlement agreement has been filed with the court, and a settlement conference is scheduled for February 21. The settlement agreement requires Toys R Us to pay $900,000 and Coremetrics $400,000 to settle the case. The agreement also includes specific obligations on both parties with respect to privacy notices and practices.
The key allegations in the Consolidated Amended Complaint in the Toys R Us Privacy Litigation are that:
As noted above, the Consolidated Complaint charges violations of the Federal Trade Commission's (FTC) Fair Information Practice Principles, the Electronic Communications Privacy Act ("Interception of Electronic Communications")2, the Computer Fraud and Abuse Act3, the California Invasion of Privacy Act4, as well as California and New Jersey consumer protection and fraud statutes.5 It also included an unjust enrichment count, alleging that the defendants misappropriated the economic value of the class members, who have a right to sell personal information to third parties.6
1 In re Toys R Us, Inc., Privacy Litigation. MDL No. M-00-1381-MMC (N.D. CA. 2001)
2 18 U.S.C. §2510 et seq.
3 18 U.S.C. §1030.
4 Cal. Penal Code § 630 et seq.
5 See Cal. Bus. & Prof. Code §17200 et seq.; N.J. Stat. §56:8-1 et seq.
6 The Consolidated Amended Complaint notes that "several Internet marketing and market research companies have paid Internet users a fee to allow them to track their Internet movements or surfing habits, thus paying for the right to gather information on a person's online habits." Id. At paragraph 58.
For more information, please contact Sheila Millar at (202)434-4143 or by e-mail at email@example.com