A proposed class action lawsuit claims J. Crew Group, LLC unlawfully requires customers to provide their contact information as a condition of checkout and then uses the data for marketing purposes.
Want to stay in the loop on class actions that matter to you? Sign up for ClassAction.org’s free weekly newsletter here.
According to the 19-page lawsuit, J. Crew has mostly eliminated the use of paper receipts in its stores and has instructed cashiers to tell customers that the only way to receive a record of their credit card transaction is by handing over an email address or phone number.
Although J. Crew has been “very vocal” about its transition to electronic receipts as part of an environmental initiative, the retailer has in truth “feign[ed] a concern for the environment to invade its customers’ privacy,” the suit claims.
Per the filing, J. Crew’s purported need to email receipts is, in fact, a “pretext to inundate consumers’ inboxes with marketing materials” and sell their personal data to third parties.
As the case tells it, countless shoppers who have encountered J. Crew’s alleged “data harvesting policy” have needlessly disclosed their email addresses or phone numbers to the company at the expense of their privacy because they were led to believe the information was required to make a credit card purchase.
J. Crew uses customers’ info for marketing, lawsuit says
Once shoppers hand over their email addresses at checkout, J. Crew sends them “much more than just a receipt,” the suit contends.
"J. Crew sends consumers like [the plaintiffs] purely promotional emails on a nearly daily basis,” the complaint reads, relaying that one of the plaintiffs received 238 emails from the defendant in a six-month period.
According to the case, the retailer’s “inbox invasion” is exactly the type of “privacy intrusion” that state credit card privacy laws were enacted to prevent. The complaint explains that lawmakers in California, Massachusetts and Rhode Island were concerned that merchants such as J. Crew “routinely acquire unnecessary personal information for their own business purposes,” including for use in marketing efforts or to sell to third parties. Laws in those states prevent businesses from requesting personal information from credit card customers as a perceived condition to processing credit card transactions, the case relays.
Further, the lawsuit claims that J. Crew’s alleged use of shoppers’ data to send marketing materials also violates the California Consumer Privacy Act of 2018, which prohibits businesses from using consumers’ personal information for “additional purposes” without providing notice.
Like other shoppers, the plaintiffs in the case fell victim to the defendant’s “pretextual data collection” when they purchased goods at J. Crew locations in their respective home states of California, Massachusetts and Rhode Island, the filing says. The consumers claim they were misled to think their email addresses were required to complete the credit card transactions at checkout, and that as a result of providing the data to J. Crew, “their inboxes paid the price.”
Lawsuit alleges J. Crew’s data collection comes with other lurking privacy risks
Aside from the promotional emails J. Crew is purported to send with “alarming frequency,” the defendant’s collection of consumer data presents additional problems, the lawsuit argues.
Per the complaint, researchers found in a 2015 study that they were able to identify particular individuals from just three to four credit card transactions that were part of a similarly “de-identified” dataset.
“The study concluded that it was possible to determine the identity of an individual from so-called ‘anonymized’ credit card data 90% of the time through simple extrapolation,” the filing notes.
This is particularly concerning given that J. Crew has faced questions about its data security in recent years, the lawsuit states. In 2016, an anonymous whistleblower accused the company of selling customers’ email addresses to third parties, and in 2019, the retailer was hacked, resulting in the unauthorized disclosure of consumers’ private data, the suit says.
Despite these incidents, “J. Crew nevertheless continues to collect customers’ [personal identification information] under false pretenses,” the complaint charges.
Per the suit, shoppers in California, Massachusetts and Rhode Island who were subject to J. Crew’s alleged data collection practices are owed between $75 and $1,000 per violation under state laws.
The filing relays that more than a dozen other states have comparable consumer privacy protection statutes that prevent retailers from requiring personal information in order to make a credit card purchase.
Who does the lawsuit look to cover?
The case looks to represent anyone from whom J. Crew requested and recorded personal identification information as part of a credit card purchase transaction since August 10, 2022 in one of its brick-and-mortar stores in California—or since August 10, 2019 in a J. Crew location in Massachusetts or Rhode Island.
What if I don’t live in one of those states?
At this time, the lawsuit is only looking to cover purchases made in California, Massachusetts and Rhode Island stores. It’s possible, however, that additional lawsuits could be filed that seek to cover shoppers in other states. If you’re interested in taking legal action, you could always try reaching out to an attorney in your area to find out more about your options.
If you’ve been required to provide your email address or phone number to J. Crew in order to make a purchase, or simply want to stay in the loop on class action lawsuit and settlement news, sign up for ClassAction.org’s free weekly newsletter.