McNees Litigation News
December 6, 2018
Publications
“Mandatory” Arbitration Clauses: Courts Take Uber’s Terms of Service for a Ride
By James J. Franklin and Casey Hunt*
People around the world create new profiles on websites and apps every day, but many of them do not know the terms and conditions of all their accounts. Many users simply go through the motions of creating accounts without knowing what they are agreeing to; they fail to read the fine print. This may pose a problem if, for example, users later want to bring legal claims against the company but find out that they consented to settle all claims through arbitration rather than in court. Uber is just one of several companies that uses a mandatory arbitration clause in its Terms of Service, perhaps unbeknownst to many of its users.
Arbitration is a process in which parties with a legal dispute use a neutral decision-maker to resolve the conflict, rather than filing a complaint in a court to have a judge or jury decide the issue. Some critics of enforcing arbitration clauses claim that mandatory arbitration takes away an individual’s right to trial by jury and often forces a party with less bargaining power to settle for a smaller award than they could otherwise receive. Proponents of arbitration cite the relatively short and inexpensive resolution to conflicts as compared with litigation in court and the opportunity to resolve conflicts in a way that benefits all parties involved.
Whatever your view of arbitration may be, arbitration clauses are increasingly common with online companies and apps. Consumers may accept these online terms by clicking a box indicating their agreement to abide by the terms of service. Another way users might agree to a business’s terms of service is by continuing to use the website after the business notifies the user that continuing to use the website constitutes agreement to its terms. This latter method, however, recently lead to specific legal challenges to Uber’s Terms of Service.
On June 25, 2018, in one of numerous challenges to Uber’s mandatory arbitration policy, the United States Court of Appeals for the First Circuit ruled that Uber could not enforce arbitration on a class of plaintiffs that alleged violations of a Massachusetts consumer protection law. In Cullinane v. Uber Technologies, Inc., the plaintiffs asserted that Uber charged “fictitious or inflated fees” for users travelling to and from Logan Airport in Boston and for users travelling in East Boston. After the plaintiffs filed their complaint, Uber sought to enforce its arbitration policy, arguing that when the plaintiffs created their Uber accounts, they agreed to be bound by all the Terms of Service. Uber contended that, under a federal statute called the Federal Arbitration Act, Uber and the users had a binding, irrevocable contract to arbitrate disputes even if the users did not read the Terms of Service.
The First Circuit disagreed. In its decision, the court described that in order to enforce the contract, Uber must show that it “reasonably communicated” its Terms of Service and that the users accepted the Terms. Uber did not use the usual method of making users check a box to notify them that they are bound by the Terms of Service. Consequently, to determine whether the users agreed to the Terms, the court looked at whether the hyperlink to the Terms of Service was sufficiently conspicuous to notify users of where to find the Terms. In this case, the button was not conspicuous enough because other words on the app screen had similar features to the link to the Terms of Service and were more attention-grabbing than the link to the Terms. The court further noted the link was not conspicuous because it was not written in blue like most hyperlinks.
Additionally, the First Circuit examined the language Uber employed to notify users that they could find the Terms of Service by following the link. This, too, was not conspicuous enough because the text notifying users where they could find the Terms of Service was even less conspicuous than the link itself, as it was written in small, dark gray, non-bolded font against a black background. Because of the lack of conspicuousness—even in the face of the Federal Arbitration Act’s “liberal policy favoring arbitration agreements”—the users were not bound by the arbitration clause.
State courts have heard claims regarding Uber’s arbitration enforcement as well. Three days after the First Circuit’s ruling, a New York state trial court found that Uber could not enforce its arbitration clause against a disabled rider. The plaintiff in Ramos v. Uber Technologies, Inc. brought claims against Uber for violations of several New York state laws and New York City codes. The plaintiff’s complaint alleged that Uber failed to provide accessible vehicles to disabled riders. Uber, again, sought to enforce its arbitration policy, asserting that the plaintiff was bound by Uber’s arbitration clause in the Terms of Service because the plaintiff agreed to the Terms when she created her account.
The trial court denied Uber’s motion, ruling that Uber did not demonstrate that the plaintiff “clearly, explicitly, and unequivocally agreed” to arbitrate her claims when she created her Uber account. The New York court focused on whether the process of creating an Uber account “compel[led] the registrant to see the subject terms and conditions” and found that the registration process was not compelling because Uber used ambiguous language to notify users that they would be bound by the Terms of Service and because the app contained no language indicating that the user could find the Terms by clicking the phrase “Terms & Conditions.” The New York court also found fault with Uber’s failure to require users to click a box indicating that they agree to the Terms. Even though “[a]rbitration is a favored method of dispute resolution in New York,” the court would not enforce Uber’s arbitration clause and directed Uber to file an answer to the plaintiff’s complaint.
These rulings come on the heels of Uber’s announcement in May that it will eliminate mandatory arbitration for sexual assault claims against the company. Lyft has a similar arbitration clause and has also announced it will eliminate mandatory arbitration for sexual assault claims. Courts have grappled with these types of arbitration clauses for years and have not come up with a clear ruling on whether a company may enforce its arbitration clause in different scenarios. For example, in 2016, the United States Court of Appeals for the Second Circuit applied California law and enforced Uber’s arbitration clause against a class of plaintiffs that accused Uber of price fixing.
The Cullinane and Ramos decisions affect more companies than Uber alone. Many other apps and websites use the same passive methods as Uber does to bind their users to the terms of service (i.e. not requiring users to agree to the terms by clicking a button, but rather, stating that by creating an account, users agree to the terms of service). These rulings could cause apps and websites to eliminate passive agreements to terms of service in favor of affirmative agreements by requiring users to check a box before creating an account. Some websites go one step further, forcing the user to scroll down to the bottom of the terms of service before allowing them to check the box indicating that they agree to the terms.
Online contracts are a part of everyday life, from ordering items on Amazon to using social media. Nevertheless, enforceability of arbitration clauses in online contracts is one area of the law that is still unclear – and these new federal and state rulings give yet two more approaches to deciding this issue. While the First Circuit and New York decisions are only binding within their jurisdictions, other courts may find these decisions persuasive when deciding similar challenges going forward. It is also possible that courts in other jurisdictions will conduct their own analyses. Therefore, one business’s arbitration clause could be enforceable in one jurisdiction, while the same clause or a similar clause could be found unenforceable in another jurisdiction. The discord across federal and state courts on Uber’s arbitration policy may even result in a journey to the U.S. Supreme Court. Until then, consumers and businesses alike should carefully examine their terms of service to avoid being taken on an unwanted ride.
James J. Franklin is a member in the Litigation, Personal Injury, and Transportation, Distribution & Logistics practice groups at McNees Wallace & Nurick LLC and regularly monitors developments in transportation law.
* Casey Hunt was a 2018 summer associate at McNees.
Marriott Announces Massive Data Breach
On November 30, Marriott announced that it experienced a massive data breach affecting 500 million customers over a four-year span. By the next business day after its announcement, Marriott faced at least a dozen putative class action lawsuits and at least two regulatory investigations.
How did this happen? In 2016, Marriott acquired rival hospitality giant Starwood Hotels. Despite conducting due diligence prior to the merger, no one detected the gaping hole in Starwood Hotels’ cybersecurity. As a result, hackers gained access to this database in 2014, before the merger, and continued to have access until Marriott discovered the breach in November of this year.
Marriott’s announcement has sparked outrage from consumers, shareholders, courts, and legislators alike, all of whom demand answers from Marriott. In the wake of more than a dozen lawsuits by customers and shareholders seeking hundreds of millions of dollars, as well as investigations by several states’ attorneys general and European regulators, Marriott has yet to comment on how the breach went undetected for so long. What is evident, however, is that Marriott did not do enough to protect its customers’ data.
Marriott is not alone. Many companies choose to overlook cybersecurity. Historically, this was not uncommon because the cost of a breach was often cheaper than the cost of instituting proper data security measures or diving deeper during due diligence. Watching the repercussions of Marriott’s breach unfold, it is clear that this is no longer the case. As Marriott begins living this business nightmare, there is a stronger push than ever toward stricter data protection regulations containing enforcement measures designed to make companies pay attention.
Fortunately for Marriott, it likely has the resources to survive the catastrophic financial and reputational harm of this data breach. However, many businesses could not survive a similar breach. With enforcement and scrutiny at an all-time high, the time for businesses to evaluate their data security practices is now.
The McNees Privacy & Data Security Group is equipped to help you evaluate your data security practices, comply with U.S. and international privacy laws, evaluate the data-security risk of acquisition targets, and respond appropriately when an incident occurs.
Sarah C. Dotzel practices in the Litigation and Privacy & Data Security Groups at McNees Wallace & Nurick LLC.
© 2018 McNees Wallace & Nurick LLC
McNees Litigation News is presented with the understanding that the publisher does not render specific legal, accounting or other professional service to the reader. Due to the rapidly changing nature of the law, information contained in this publication may become outdated. Anyone using this material must always research original sources of authority and update this information to ensure accuracy and applicability to specific legal matters. In no event will the authors, the reviewers or the publisher be liable for any damage, whether direct, indirect or consequential, claimed to result from the use of this material.