Build.com Dismantles Payment Card Wiretapping Class Claims

Bloomberg Law: Privacy & Data Security brings you single-source access to the expertise of Bloomberg Law’s privacy and data security editorial team, contributing practitioners,...

By Daniel R. Stoller

Build.com Inc. beat federal wiretap claims by a potential class alleging the company intercepted and disclosed sensitive consumer and payment card data without consent.

The Chico, Calif-based online home improvement store was a party to the communication of the online payment card information, therefore it can’t be in violation of the Wiretap Act, Judge Audrey G. Fleissig of the U.S. District Court for the Eastern District of Missouri ruled Nov. 13 ( Jurgens v. Build.com.,Inc. , 2017 BL 406171, E.D. Mo., No. 4:17-cv-00783, 11/13/17 ). Further, since the consumer and payment card data at issue were stored on the plaintiff’s computer, they “were not communications at all” under the law, Fleissig wrote.

The decision demonstrates the difficulty consumers face in pursuing such claims against online retailers.

Plaintiff Rhonda Jurgens brought claims under the federal Wiretap Act and state tort law seeking injunctive relief, statutory damages, punitive damages, and attorneys’ fees.

Jurgens, who sought to represent a class of similarly aggrieved parties, alleged that Build.com intentionally used computer commands, such as JavaScript, to intercept payment card data before an online order was completed. She also alleged that the JavaScript allowed third-party advertisers to intercept the payment card data and other information. The commands were “prone to privacy and security breaches” and violate payment card industry standards, Jurgens alleged.

Wiretap Act

The Wiretap Act, 18 U.S.C. § 2511, allows individual consumers to sue anyone who “intentionally intercepts, endeavors to intercept, or procures any other person to intercept or endeavor to intercept, any wire, oral, or other electronic communication,” within two years of the alleged violation. The law has an exception for parties to a communication.

Build.com was a party to the transmission of the online payment form and therefore didn’t flout federal wiretap laws, Fleissig ruled. Also, the payment card form data never left the plaintiff’s computer and thus there were no “electronic communications transmitted by a system that affects interstate commerce, as required” under the law, according to the complaint.

Even if the plaintiff had adequately plead Wiretap Act allegations, the claims were time-barred under the statute. Aggrieved parties must file suit within two years after they “had a reasonable opportunity to discover the violation,” the court ruled. The alleged violation must also be the interception of communications and not the injury caused by such interception, the court said.

The plaintiff could have reasonably discovered the alleged violation when the payment page was first accessed on March 29, 2014, thus the claims didn’t meet the two-year statute of limitations, the court said. Plaintiffs can’t rely on a “lack of technical expertise” to avoid time-barred complaints, the court said.

KamberLaw LLC, and Steelman, Gaunt & Horsefield represented Jurgens. Armstrong Teasdale LLP represented Build.com.

Representatives for the Build.com didn’t immediately respond to Bloomberg Law’s email requests for comment.

To contact the reporter on this story: Daniel R. Stoller in Washington at dstoller@bna.com

To contact the editor responsible for this story: Donald Aplin at daplin@bna.com

For More Information

Full text of the opinion is available at http://src.bna.com/uc3.

Copyright © 2017 The Bureau of National Affairs, Inc. All Rights Reserved.

Request Bloomberg Law: Privacy & Data Security