News

NeimanMarcus.com's Fake Faux-Fur Fiasco Draws A Real 20-Year Consent Agreement

In what is probably a sign of the real-vs.-fake end times, Neiman Marcus agreed on Tuesday (March 19) to stop labeling real fur as "faux fur." According to a very real FTC complaint, between October 2009 and November 2012, the luxury chain's NeimanMarcus.com and BergdorfGoodman.com websites sold a Burberry jacket, a Stuart Weitzman shoe and an Alice + Olivia Kyah coat described on the sites as trimmed with faux fur, when actually the trimming was real fur.

Part of the reason Neiman Marcus got into trouble here is that it started selling the fake faux fur products less than six months after settling a previous FTC fake faux fur investigation. But the bigger problem may be the fact that physical stores have human beings who can catch some of these labeling problems before they become a federal case. Online stores don't.

Federal Appellate Panel Backs Walmart On Obscenity Case, But It Was One Malice Claim From Going In The Opposite Direction

A federal appellate panel on March 15 backed Walmart (NYSE:WMT), ruling that the chain had no need to train employees on when they should or shouldn't call police after seeing customer photographs. The test case involved a couple who had their children taken away for a month, until a judge saw the actual photographs and the results of an examination of the children and then ordered the children to be returned to their parents and no charges filed.

The decision from the U.S. Court of Appeals for the Ninth Circuit also flagged to retailers their Achilles heel in such cases, pointing out that the parents' case fell apart when they didn't allege that the store associates had not acted in good faith. In other words, had there been evidence that the associates acted maliciously, things might have gone very differently for Walmart. The parents certainly wouldn't have had difficulty establishing harm that resulted from the associate's actions.

Is Target Trying To Become Amazon For Cooks?

Target (NYSE:TGT) is quietly getting into the E-Commerce infrastructure business. The $68 billion chain announced last Thursday (March 14) that it is buying online cookery sites CHEFS Catalog and Cooking.com, both of which sell kitchenware and utensils. But Cooking.com also provides the backend for several high-profile celebrity cooking websites -- and Target apparently intends to keep its hands off that business as long as it keeps growing.

Keep in mind that it's barely a year and a half since Target could barely keep its own newly built E-Commerce site running, after a decade of having its E-Commerce operations run by Amazon (NASDAQ:AMZN). That's fresh in the minds of Target E-Commerce execs, so if there's any chain that can see an advantage to becoming a mini-Amazon for cooking websites, it's Target.

Subway Hit By Ultimate Cyberthief Inside Job: A Double-Insider

A federal indictment unsealed on Friday (March 15) involving a Subway cyberthief attack might be an example of the ultimate insider attack. The thefts were actually double-insider attacks, in that one of the accused was a former franchisee of Subway—an employee is the typical insider attack, but an owner also qualifies—and he then ran a POS company that sold systems to Subway franchisees. A vendor using a backdoor is the other common form of insider attack. Here, the government alleges, we have both.

The case against Shahin Abdollahi, a.k.a. Sean Holdt, is that he supposedly used the systems he sold to Subways around the country to fraudulently load value onto giftcards. The indictment then claims that Abdollahi either used the giftcards himself at Subways thousands of miles away or sold them as discounted cards on eBay (NASDAQ:EBAY) and Craigslist. For that added touch of chutzpah, the indictment alleges, Abdollahi and a co-conspirator "sometimes registered [the giftcards] online with Subway" and that was done "to keep track of the fraudulently loaded cards in case of loss or theft." After all that work, you certainly wouldn't want a card to be lost due to carelessness.

With POS Paper Supplies Vanishing, E-Receipts May No Longer Be Optional

Maybe digital receipts and coupons are something you need to start promoting—and fast. The second-largest supplier of POS receipt paper, Germany's Koehler, still plans to stop shipping paper to the U.S. in April, after a December ruling by the Commerce Department that will increase tariffs by more than 70 percent. That could translate into shortages and will almost certainly mean higher prices for thermal paper, which is used in most chains' POS printers.

U.S. and Chinese paper mills say they will eventually fill the shortfall from the U.S. exit of Koehler, which has been providing about 40 percent of POS paper. But in the meantime chain execs may be expecting IT to keep stores from running out of paper. Strange as it sounds, it is IT's problem—and the second-easiest option is digital receipts.

Want To Give Shoppers A Reason To Use Loyalty? How About Saving Their Lives?

Grocery—and other food selling—chains that are trying to encourage shoppers to use CRM? Nothing makes customers more loyal than saving their lives. (Yes, Bentonville, even more than saving them...

Court: Retailers Not Bound To Online Promises. Their Shoppers Are

A recent dismissal of a class-action lawsuit against the LinkedIn (NYSE:LNKD) social network raises the question of whether anyone is bound to keep the promises they make on their website at all. If taken at face value, pens Legal Columnist Mark Rasch, the court's dismissal means that companies are not bound to meet their own promised obligations but their customers are bound to comply with the Terms and Conditions of the website, whether they read them or not.

When LinkedIn premium customers Katie Szpyrka and Khalilah Wright learned that the website operator had been hacked, and that 6.5 million stolen LinkedIn passwords had been posted on the Internet (together with the user's e-mail address), they went to sue LinkedIn for failing to provide adequate security and appropriate encryption for these passwords. Because users frequently use the same passwords for multiple accounts, stealing their LinkedIn passwords and E-mail addresses might expose a host of other accounts to compromise.

Costco CFO on Item-Level RFID: "That Ain't Happening"

Item-Level RFID has its backers at Macy's (NASDAQ:M) and a lot of supporters at JCPenney (NYSE:JCP) (if the retailer only had the cash). But a warehouse chain such Costco (NASDAQ: COST)—with aisle inventory stacked dozens of feet in the air—should be a natural. Not so, Costco CFO Richard Galanti said Tuesday (March 12). In fact, not even close.

Asked about ways to cut labor costs, Galanti went out of his way to dismiss it, arguing that he's not buying item-level RFID's promises. "Everybody thought that RFID would free up the front end and reduce our biggest labor cost area. That ain't happening." (How can you not like a CFO who tells a recorded investor call "that ain't happening"?) Costco has always been the contrarian among the largest chains.

Chain Sues Visa For Breach Fines, May Actually Get Its Day In Court

Apparel chain Genesco (NYSE:GCO) has sued Visa (NYSE:V)—yes, Visa, not the acquiring banks—over the card brand's $13 million in fines due to a 2010 breach. The 2,440-store retailer, which operates the Journeys, Lids and Johnston & Murphy stores, makes the usual arguments: Visa's fines are illegal, Visa broke its own rules, Genesco didn't violate any PCI DSS requirements. (Well, except PCI's First Commandment: Thou shalt not get breached.)

What's interesting here is why Genesco thinks it will get to take Visa to court: A month before Visa notified the acquirers of the assessment, Genesco signed a separate agreement with one of the acquirers, Wells Fargo (NYSE:WFC), in which the bank actually signed over its right to sue Visa to Genesco.

Walmart, Safeway, Amazon Share Same Domain Strategy: Mine, Mine, Mine

Walmart (NYSE:WMT) and Safeway (NYSE:SWY) are each trying to privatize .grocery, so no competing chains can use it. Barring an unexpected change, one of the two will lock it down. Meanwhile, the spotlight has been on Amazon (NASDAQ:AMZN) for attempting to get exclusive use of .books. Other retail-friendly top-level domains (TLDs), including .toys, .kids, .tools, .shoes, .fashion and .food, are also in play.

That may not be as paranoid as it first looks. Amazon filed (and paid the $185,000 per TLD application fee) for 76 separate vanity TLDs—all of which it intends to restrict to Amazon and its subsidiaries. (Yes, we looked at all 76 applications.) Some of the most obvious TLDs retailers might conceivably be interested in—.shoes, .toys, .fashion, .jewelry and .tools—have no retailer applicants. They've all been applied for by companies that actually believe they can sell domain names ending with those TLDs. There's also .food, which is the focus of a three-way competition among two domain registrars and the Food Network, which wants to take it private. Amazon, Google and a Hong Kong foundation are each fighting for .kids. How likely is it that .book—owned by Amazon or anyone else—will have an impact? Barnes & Noble (NYSE:BKS) owns both book.com and books.com, which both redirect to the chain's own site. That doesn't seem to have given B&N much of a monopoly.

Privacy Sure Isn't What It Once Was

When it comes to softening up shoppers and making them more comfortable sharing personal information with retailers, nothing has done a better job than social media sites. Mobile devices, with their...

Dick's Sporting Goods Takes A Different View Of Online Stats

In a wonderful E-Commerce example of the time-honored "different strokes for different folks," executives at both Dick's Sporting Goods (NYSE:DKS) and Macy's (NYSE:M) saw the identical trend: Online, in-store and mobile sales are becoming hopelessly tangled. Macy's solution on February 26: Stop reporting online numbers. Dick's solution on Monday (March 11): Break those numbers out even more.

Here's how similarly both chains view the problem. On February 26, Macy's CFO Karen Hoguet said: "Candidly, it's getting so hard to know what's a store sale and what's a mobile sale and what's Internet. It's getting harder to figure out the lines between them." On March 11, Dick's CEO Edward Stack said: "We are making this reporting change because, as we build out our omni-channel platform, it is becoming apparent that the traditional sales channels are overlapping with the digital space and that providing comp sales on a combined basis will be more meaningful." But by "combined" Stack means that online numbers will be explicitly broken out. "We will continue to provide the size of the E-Commerce business as a percentage of total sales," he said. Stack gave the example that E-Commerce for this quarter was 8.6 percent of total sales, which placed online sales at about $155 million for the quarter.

Judge Rules That A Large Data Breach Is Not Proof Of Inadequate Security

A federal judge ruled on March 5 that LinkedIn (NYSE: LNKD) is not obligated to compensate a pair of its customers who had sued following a LinkedIn data breach last year. Of particular interest to retailers is the customers' argument that the social networking site had promised to protect customer data "with industry standard protocols and technology." They then argued that the breach itself somehow proved such security was not delivered. The judge didn't buy it.

No security system is perfect, so the existence of a break-in—on its own—doesn't prove that security procedures were not followed nor that they were not appropriate. The case—heard in U.S. District Court for the Northern District of California in San Jose—raised several other arguments for customer seeking compensation for the breach, and the court shot them all down. To start the proceedings, the customers had to make a case for how they lost money as a result of the breach, given that it appears none of their personal information was ever used by the thieves.

KFC Discovers That Mobile Isn't Nice. It's Essential

When global chicken fast-food chain KFC launched a major mobile test in the U.K. this month, it has had to learn to deal with realities that are very different than its more mobile-famous corporate brother, Pizza Hut. Although the two chains are both owned by Yum Brands (NYSE:YUM)—along with Taco Bell—the mobile similarities pretty much end there. Some 40 percent of the pizza online orders come from desktops and laptops, with the remainder from mobile.

At KFC, the mobile percentage is expected to be much higher. That's because people typically want pizza delivered to their home or office, whereas a bucket of wings is picked up—after having been ordered from someone driving or walking near the store. (KFC in the U.K. does not deliver.) Pizzas also take longer to cook—compared with preparing already-cooked chicken parts—making the "order and have it waiting for you" model ineffective for KFC. Instead, KFC UK will soon add a geolocation function (likely to be launched in May), so the app knows when the customer is truly right by the restaurant and can ask the customer if the order can be prepared.

Cracking The Code Of Amazon's Instant Pulldown Menu

Say what you will about Amazon (NASDAQ: AMZN), but it's an impressive operation when it comes to sweating the details. One such design innovation from Amazon—it's ultra-smooth, almost...

You Know What Your Shoppers Did Last Summer

If consumers make purchases both online and in brick-and-mortar store, you know a great deal. You have surveillance pictures of them in the store. You know what they purchased and what they looked at. You have browser information. If you subscribe to any of the dozens of data aggregation or marketing sites, you know whatever is shared. With "big data" you have aggregated this data, too. Now imagine if you had to tell each and every one of your customers exactly what you collected and what you did with that information. We mean everything.

That is already the law outside the United States and Canada, writes Legal Columnist Mark Rasch, and it may already be the law in those two holdout countries. It's a matter of interpretation.

Today's Mobile Uncharted Territory Lesson: What Happens When Your Processor Is Ordered To Not Take Payments?

Today's frightening question: What happens when your payment processor gets into a legal fight and suddenly can't process your transactions? This is likely to happen periodically with mobile...

CMU: Consumers Have Sharply <i>Reduced</i> Public Data Sharing

For years, conventional wisdom about privacy has been that shoppers—especially younger shoppers—have been consistently sharing more information online to the general public, a trend that would likely continue as privacy desensitization progressed. But a report released Tuesday (March 5) from Carnegie Mellon University found the opposite when it tracked 5,076 Facebook (NSADAQ:FB) users from 2005 through 2011, one of the most extensive studies of social media privacy yet.

"Over time, Facebook users in our dataset exhibited increasingly privacy-seeking behavior, progressively decreasing the amount of personal data shared publicly with unconnected profiles in the same network," the CMU report said. The implications for retailers are stark, suggesting that many of the privacy strategy underpinnings on both retail and e-tail may be flawed. The report also found that those same consumers started sharing more information during that period, but only with people they assumed to be in a private group. And that sharing was expanded "both in terms of scope and amount of personal data." For retailers trying to extrapolate insights from this report to apply to chain CRM and mobile programs, these two conclusions are frustrating.

On Telecommuting, Best Buy Looks To Yahoo For Leadership Vision. *Gulp*

Pity the poor telecommuter. Best Buy (NYSE:BBY) has followed the lead of one-time search engine leader Ya("Let's get a Ouija board and figure out this month's business plan")Hoo and sharply pulled back from its corporate telecommuting program. Best Buy killed a program called the Results Only Work Environment (ROWE), which allowed some 4,000 Best Buy HQ staff to work from home or the road.

The Yahoo (NASDAQ:YHOO) move to yank telecommuters back to HQ was based on new CEO—and current Walmart (NYSE:WMT) board member—Marissa Mayer's review of VPN records, presumably suggesting that a lot of workers weren't checking in very often. Hopefully, Mayer had a lot more evidence to go on, because workers might have been performing their jobs fully without having to check into the network routinely. But the problem with both the Yahoo and Best Buy changes is that, if we take the statements from both companies at face value, they are doing this to get better controls in place. If that's the case, then workers are being punished because of poor management procedures and, most likely, poor managers.

Can Google Get Chains To Solve The $10 Delivery Ceiling?

Google's same-day delivery service for retailers will reportedly have an Amazon (NASDAQ:AMZN) Prime-like twist: a fixed annual price. That could open up a wide range of options for chains, including retailers paying the yearly fee (expected to be between $65 and $70) for favored loyalty customers. That, in turn, might make the delivery service financially viable for Google (NASDAQ:GOOG) and retailers.

Google has been testing a same-day delivery service since last fall with several chains, limited to employees and a small number of other testers. The big problem is the one that all same-day efforts in the U.S. have faced: Even affluent customers won't pay more than $10 per delivery.