Hospitality & Retail -

Arkansas

Are mandatory arbitration provisions recognized in your state? If so, are there any limitations to its enforcement?

Yes, Arkansas recognizes mandatory arbitration provisions. As a matter of public policy, Arkansas strongly favors arbitration as a less expensive and more expeditious alternative to litigation and a useful mechanism for relieving congested court dockets.

In 2011, the General Assembly adopted the Revised Uniform Arbitration Act. [i]  The Code states that “an agreement contained in a record to submit to arbitration any existing or subsequent controversy arising between the parties to the agreement is valid, enforceable, and irrevocable except upon a ground that exists at law or in equity for the revocation of a contract.”[ii]  A party may move to compel arbitration if there is a valid agreement and the other party refuses.[iii]

In considering a motion to compel arbitration, the Court determines: (1) Is there a valid arbitration agreement? and (2) Does the dispute fall within the scope of that agreement?

Under Arkansas Law, the essential elements of a contract are (a) competent parties, (b) subject matter, (c) legal consideration, (d) mutual agreement, and (e) mutual obligations.  Arbitration agreements may be invalidated by contract defenses, such as fraud, duress, unconscionability, lack of competency, etc.

What is your state’s law, if any, regarding gift cards, subscription services and loyalty programs?

The Arkansas Fair Gift Card Act governs gift card practices and provides consumer protection.[iv]  The Arkansas Fair Gift Card Act applies to gift cards, gift certificates, and prepaid cards.

Under the Act:

  • A gift card or gift certificate cannot expire for at least two years from the date the card was purchased or from the last date any additional money was loaded onto the card. If the expiration dates listed on the card is earlier than these dates, the money can be transferred to a replacement card at no cost.
  • The expiration date must be clearly disclosed on the card.
  • Inactivity and/or reactivation fees can be charged upon the expiration of the two-year time period.
  • Fees must be clearly disclosed on the card or its packaging.

What is your state’s law, if any, regarding safeguarding consumer credit card or other private data (i.e., cyber security)?

The Arkansas Personal Information Protection Act (“PIPA”) requires organizations that collect personal information  to use reasonable security safeguards to protect such information from unauthorized access, destruction, use, modification, or disclosure.[i] PIPA requires that in the event such information is compromised, the organization must notify the affected individuals in the most expedient time and manner possible and without unreasonable delay.[ii] If the breach of PI affects more than 1,000 people, the organization must also disclose the breach to the state attorney general.[iii]

The term “Personal Information” includes an individual’s first name, or first initial and his or her last name, in combination with any one or more of the following data elements when either the name or the data is not encrypted or redacted:[iv]

  • Social Security number;
  • Driver’s license number or Arkansas identification card number;
  • Account number, credit card number or debit card number in combination with any required security code, access code, or password that would permit access to an individual’s financial account;
  • Medical information, including any individually identifiable information, in electronic or physical form, regarding the individual’s medical history or medical treatment or diagnosis by a healthcare professional; or
  • Biometric data, such as an individual’s voiceprint, handprint, fingerprint, DNA, retinal/iris scan, hand geometry, faceprint, or any other unique biological characteristic, if the characteristic is used by the owner or licensee to uniquely authenticate the individual’s identity when the individual accesses a system or an account.

What is your state’s law, if any, regarding the collection and handling of financial information?

In addition to the above, PIPA requires businesses to take all reasonable steps to destroy or arrange for the destruction of a customer’s records within its custody or control containing personal information that is no longer to be retained by the person or business by shredding, erasing, or otherwise modifying the personal information in those records to make it unreadable or undecipherable through any means.[v]

[i] See, Ark. Code Ann. § 4-110-104

[ii] Ark. Code. Ann § 4-110-105

[iii] Id.

[iv] Ark. Code. Ann § 4-110-103

[v] Ark. Code. Ann § 4-110-104

[i] See, Ark. Code Ann. 16-108-201, et seq

[ii] See, Ark. Code Ann. 16-108-206

[iii] See, Ark. Code Ann. § 16-108-207

[iv] See, Ark. Code Ann. § 4-88-701, et seq