On May 30, 2024, the European Court of Justice (“CJEU”) ruled that any button a consumer uses to order a service online must clearly indicate that the consumer commits to pay the price for the relevant service by affirmatively clicking on it. (Conny Case C-400/22) At issue was whether this requirement applies in cases where the consumer’s obligation to pay the trader is subject to the trader meeting a specific condition specified in the contract. The CJEU confirmed that the rule applies in such cases.

The Conny case involved a tenant (i.e., consumer) who entered into an online contract with a debt collection agency (i.e., trader), pursuant to which the agency could enforce on the tenant’s behalf certain rights the tenant had against a landlord under German law. Specifically, the tenant would pay the agency its fee only if the agency successfully enforced the tenant’s rights or transmitted a letter of formal notice to the landlord. This was made clear in the contract that the tenant signed with the agency.

When agreeing to the services online, the tenant ticked a box to accept the online contract and was asked to click on a button to place the order for the service. The button did not expressly say that the tenant was committing to pay a fee to the agency by clicking on it.

The EU Consumer Rights Directive requires that a button or similar measure that invites a consumer to place an order expressly mention the consumer’s obligation to pay the price for the relevant service or product and, if not, the consumer is not bound by the contract, i.e.,:

“The trader shall ensure that the consumer, when placing his order, explicitly acknowledges that the order implies an obligation to pay. If placing an order entails activating a button or a similar function, the button or similar function shall be labeled in an easily legible manner only with the words ‘order with obligation to pay’ or a corresponding unambiguous formulation indicating that placing the order entails an obligation to pay the trader. If the trader has not complied with this subparagraph, the consumer shall not be bound by the contract or order.” (Article 8(2))

The landlord was not happy that the agency was representing the tenant. The landlord argued before a German court that the contract between the tenant and the agency was invalid under EU consumer law because the agency did not comply with the above EU consumer law as transposed into German law, and therefore could not represent the tenant. The German court then requested the CJEU to consider whether the above requirement applied in this case, where the tenant’s obligation to pay was contingent on the agency successfully enforcing the tenant’s rights or sending a letter of formal notice to the landlord.

The CJEU confirmed that the above-mentioned EU rule also applies in this case. The CJEU also ruled that the consequence of this is not that the contract is invalid, as the landlord had claimed, but that the contract does not bind the tenant. However, upon receiving additional information about his or her obligation to pay, the tenant can later decide whether they wish to make the contract binding.

*             *             *             *

Covington’s Data Privacy and Cybersecurity Practice regularly advises on European consumer law and litigation at the European Court of Justice. If you have any questions about the implications of these rulings for your business, please let us know.

(This post was written with the assistance of Alberto Vogel).

Photo of Dan Cooper Dan Cooper

Daniel Cooper is co-chair of Covington’s Data Privacy and Cyber Security Practice, and advises clients on information technology regulatory and policy issues, particularly data protection, consumer protection, AI, and data security matters. He has over 20 years of experience in the field, representing…

Daniel Cooper is co-chair of Covington’s Data Privacy and Cyber Security Practice, and advises clients on information technology regulatory and policy issues, particularly data protection, consumer protection, AI, and data security matters. He has over 20 years of experience in the field, representing clients in regulatory proceedings before privacy authorities in Europe and counseling them on their global compliance and government affairs strategies. Dan regularly lectures on the topic, and was instrumental in drafting the privacy standards applied in professional sport.

According to Chambers UK, his “level of expertise is second to none, but it’s also equally paired with a keen understanding of our business and direction.” It was noted that “he is very good at calibrating and helping to gauge risk.”

Dan is qualified to practice law in the United States, the United Kingdom, Ireland and Belgium. He has also been appointed to the advisory and expert boards of privacy NGOs and agencies, such as Privacy International and the European security agency, ENISA.

Photo of Anna Oberschelp de Meneses Anna Oberschelp de Meneses

Anna Sophia Oberschelp de Meneses is an associate in the Data Privacy and Cybersecurity Practice Group.  Anna is a qualified Portuguese lawyer, but is both a native Portuguese and German speaker.  Anna advises companies on European data protection law and helps clients coordinate…

Anna Sophia Oberschelp de Meneses is an associate in the Data Privacy and Cybersecurity Practice Group.  Anna is a qualified Portuguese lawyer, but is both a native Portuguese and German speaker.  Anna advises companies on European data protection law and helps clients coordinate international data protection law projects.  She has obtained a certificate for “corporate data protection officer” by the German Association for Data Protection and Data Security (“Gesellschaft für Datenschutz und Datensicherheit e.V.”). She is also Certified Information Privacy Professional Europe (CIPPE/EU) by the International Association of Privacy Professionals (IAPP).  Anna also advises companies in the field of EU consumer law and has been closely tracking the developments in this area.  Her extensive language skills allow her to monitor developments and help clients tackle EU Data Privacy, Cybersecurity and Consumer Law issues in various EU and ROW jurisdictions.