Many consumers have been leery of shopping online, and they may have had reason to worry.
For years, hundreds of retailers had been passing on customers' credit and debit card information to third-party marketers, which would charge those consumers for memberships, products and services they didn't want.
"It was happening a lot," said Pam Dixon, executive director of the California-based World Privacy Forum, a public interest research group.
But late last year, a federal law was passed to stop these egregious sales tactics. The Restore Online Shoppers' Confidence Act prevents online retailers from sharing customers' billing information with outsiders and requires Internet marketers to get consumers' consent before charging for goods and services.
The most amazing thing about the law is that it was needed in the first place. Many consumers assumed they had these legal protections already. But apparently, some online retailers needed to have Congress step in and tell them not to sell out their customers.
Mike Young, a Dallas lawyer representing businesses that operate online, says that only a tiny percentage of retailers were involved, but that the damage to shoppers' confidence has been widespread. Even when online consumers encounter an honest glitch these days, they automatically suspect fraud if the problem isn't quickly resolved, he says.
The new law is the result of a 2009 Senate investigation launched after thousands of consumers complained about being billed for services they didn't recall agreeing to buy. Often, they discovered something was amiss only when charges started appearing on their bank statements, according to a report released by the Senate Committee on Commerce, Science, and Transportation. According to the report, the marketing scheme worked like this:
Consumers would submit credit or debit card information to make a purchase on a retailer's website. Before they clicked to confirm the purchase, an ad from an outside marketer would pop up offering a free trial for magazines, a club membership or other services. Customers couldn't complete their purchase until they agreed to the free trial or clicked on a less-noticeable link to decline.
And if consumers accepted the free trial, they would have to cancel once it was over to avoid being charged. Many consumers didn't realize this, and so they were automatically billed by the marketer that got their billing information from the retailer, the report said.
The investigation focused on the sales tactics of three Connecticut companies -- Affinion, Vertrue and Webloyalty -- that pitched membership programs on more than 450 retailers' websites. For their part, retailers received payments or "bounties" for every consumer snagged.
Over 10 years, the three companies collected about $1.4 billion in revenue, with more than half of that paid to retailers, the report said.
Besides restricting retailers from sharing customers' information, the new law requires marketers to provide greater disclosure and to obtain billing information directly from the consumer. A marketer also can't automatically bill customers unless it gets their consent first and provides an easy way for them to stop recurring charges.
An Affinion representative wrote in an e-mail that the company adopted these changes more than a year ago. The other two companies didn't respond by deadline to a request for comment.
Some consumer advocates say the new law is a step in the right direction. But Dallas attorney Young warns that there are still some unscrupulous players on the Internet that will continue to try to take advantage of shoppers.
So if you're shopping online, be vigilant.
Young, for instance, advises linking a credit card with a PayPal account to make purchases online. That way, if there is a dispute, you will have PayPal and the credit card issuer on your side to help resolve it, he says.