Are mandatory arbitration provisions recognized in your state? If so, are there any limitations to its enforcement?

Under Louisiana Law, mandatory arbitration provisions are “valid, irrevocable, and enforceable, save upon such grounds as exist at law or in equity for the revocation of any contract.”[i] For example, arbitration provisions have been held unenforceable when included in an unenforceable contract of adhesion.[ii]

Outside of such situations in which the arbitration contract or the contract containing the arbitration provision are deemed unenforceable contracts, mandatory arbitration provisions will be upheld in Louisiana courts.

What is your state’s law, if any, regarding gift cards, subscription services and loyalty programs?

Louisiana law provides specific provisions for the issuance and administration of gift cards/certificates and subscription services.

Gift Certificates/Cards[iii]:

Gift certificates cannot have an expiration date less than five years from the date of issuance. The expiration date must appear in capital letters in at least ten-point font on the gift certificate.

Gift certificates cannot have a service fee except for a one-time handling fee, which cannot exceed $1.00 per gift certificate.

Gift certificates that do not have an expiration date are valid until redeemed or replaced.

These provisions do not apply to gift certificates that are distributed pursuant to a loyalty or promotional program that are not given in exchange for money or anything of value or to gift certificates that are sold below face value or donated to nonprofit and charitable organizations for fundraising purposes.

An issuer of a gift certificate may set its own terms so long as they are not in contravention of the statutory requirements.[iv]

Subscription Services[v]:

If a contract for the sale or lease of products or services will automatically renew unless canceled by the consumer, the automatic renewal clause must be disclosed clearly and conspicuously in the contract or contract offer.

If a contract for the sale or lease of products or services will automatically renew unless canceled by the consumer, the instructions on how to cancel the contract must be disclosed clearly and conspicuously in the initial contract, contract offer, or with delivery of the products or services.

If the failure to comply with the foregoing provisions is the result of an error, the consumer is entitled to a full refund or credit for all amounts billed to or paid by the consumer from the date of the renewal until the date of the termination of the contract, or the date of the subsequent notice of renewal, whichever occurs first.

These provisions will not apply to contracts entered prior to January 1, 2011; contracts that allow for cancellation by written notice within thirty days or within one month after the initial period has expired; or contracts issued by certain financial institutions and insurers.

Contracts that have automatically renewed in violation of the foregoing will revert to a thirty-day renewal contract in accordance with the same terms.

What is your state’s law, if any, regarding safeguarding consumer credit card or other private data (i.e., cyber security)?

Louisiana has instituted the Louisiana Cybersecurity Information Sharing Act and the Database Security Breach Notification Law in response to cyber security threats. The purpose of the Louisiana Cybersecurity Information Sharing Act is to provide a framework for permissive sharing of cybersecurity information under Louisiana law that is consistent with and does not conflict with the requirements of the federal Cybersecurity Information Sharing Act of 2015.

Any person that conducts business in the state or that owns or licenses computerized data that includes personal information, or any agency (hereinafter referred to as the “entity”) that owns or licenses computerized data that includes personal information, shall implement and maintain reasonable security procedures and practices appropriate to the nature of the information to protect the personal information from unauthorized access, destruction, use, modification, or disclosure.

Additionally, the entity shall take all reasonable steps to destroy or arrange for the destruction of the records within its custody or control containing personal information that is no longer to be retained by the person or business by shredding, erasing, or otherwise modifying the personal information in the records to make it unreasonable or undecipherable through any means.

If the entity learns of a breach of the security system containing such data, the entity shall notify any resident of the state whose personal information was, or is reasonably believed to have been, acquired by an unauthorized person. This notification requirement shall be made in the most expedient time possible and without unreasonable delay but no later than sixty days from the discovery of the breach, consistent with the legitimate needs of law enforcement or any measures necessary to determine the scope of the breach, prevent further disclosures, and restore the reasonable integrity of the data system. If the notification is delayed, the entity shall provide the attorney general the reasons for the delay in writing within the sixty-day notification period. Upon receipt of the written reasons, the attorney general shall allow a reasonable extension of time to provide the notification.

The entity can provide notification in one of the following ways: (1) written notification, (2) electronic notification if the notification is consistent with the provisions regarding electronic records and signatures pursuant to 15 U.S.C. 7001, (2) substitute notifications – if an agency or person demonstrates that the cost of providing notification would exceed one hundred thousand dollars, or that the affected class of persons to be notified exceeds one hundred thousand, or the agency or person does not have sufficient contact information – substitute notification can be accomplished through email notification, conspicuous posting of the notification on the Internet site of the agency or person, or major statewide media.

However, notification shall not be required if after a reasonable investigation, the person or business determines that there is no reasonable likelihood of harm to the residents of this state. If this occurs, the person or business shall retain a copy of the written determination and supporting documentation for five years from the date of discovery of the breach of the security system. If requested in writing, the person or business shall send a copy of the written determination and supporting documentation to the attorney general no later than thirty days from the date of receipt of the request.

Additionally, if a law enforcement agency determines that the notification required would impede a criminal investigation, such notification may be delayed until such law enforcement agency determines that the notification will no longer compromise such investigation.

What is your state’s law, if any, regarding the collection and handling of financial information?

Louisiana has enacted certain laws and regulations to protect and safeguard consumer’s financial information. A savings bank, a savings and loan association, a company issuing credit cards, or a business offering credit shall disclose financial records of its customers only pursuant to the guidelines imposed in La. R.S. § 6:333.

No bank or its affiliate shall disclose any financial records  to any person other than the customer to whom the financial records pertain, unless such financial records are disclosed: (1) in response to a disclosure demand, (2) pursuant to a written request or authorization for disclosure or waiver, or (3) as otherwise permitted or allowed under La. R.S. § 6:333.

Although La. R.S. § 6:333 does not expressly create a cause of action in favor of an individual whose records were wrongfully disclosed, it does create a duty of confidentiality on the part of financial institutions in favor of their customers and a breach of that duty creates harm that is actionable.

[i] La. R.S. § 9:4201.

[ii] See Sutton Steel & Supply, Inc. v. BellSouth Mobility, Inc., 2007-146 (La.App. 3 Cir. 12/12/07); 971 So. 2d 1257.

[iii] La. R.S. § 51:1423. “Gift certificates” are defined as:

[A] writing identified as a gift certificate or gift card purchased by a buyer for use by a person not redeemable in cash and usable in its fact amount in lieu of cash in exchange for goods or services supplied by the seller. A gift certificate or gift card shall include an electronic card with a banked dollar value, a merchandise credit, a certificate where the issuer has received payment for the full face value of the future purchase or delivery of goods or services and any other medium that evidences the giving of consideration in exchange for the right to redeem the certificate, electronic card or other medium for goods, food, services, credit or money of at least equal value.

[iv] See Moss v. Lowe’s Home Centers, Inc., 2016-630, 2016 WL 7234765 (La.App. 3 Cir. 12/14/16).

[v] La. R.S. § 9:2716.