Application programming interfaces, or “APIs,” have become a critical part of ecommerce, and retailers are increasingly finding new and creative ways to use APIs to enhance their offerings and their business.  For example, Kroger deploys an API with information about its groceries, locations, coupons, and loyalty programs.  BestBuy similarly offers APIs to third parties, including one for recommended purchases.  LensCrafters, Williams-Sonoma, and other retailers have further deployed APIs to expand consumer access to their information.  Still, many other retailers are connecting to PayPal and other fintech companies to provide multiple secure checkout options.

This post is the first in a two-part series concerning emerging uses and considerations involving APIs.

The provision of public APIs has exploded in recent years amid ecommerce. More than 60 percent of eBay listings are added via API.  At least 50 percent of Salesforce transactions are via APIs.  Ecommerce service companies Shopify

Many retailers permit their employees to use personal mobile devices, such as smartphones and tablets, to access company-specific information, such as email, under a Bring Your Own Device (“BYOD”) policy. BYOD policies can be popular for employees that want to use hand-picked devices and for retailers that want to avoid the cost of providing, and maintaining, company-owned devices. Nonetheless, the use of company data on non-company devices implicates both security and privacy considerations.

A reported 40 percent of companies offer BYOD to all employees, according to a survey by Crowd Research Partners.  Security concerns, data leakage, and malware were all listed as top concerns of retailers in allowing BYOD.

Consider the following when deciding upon a BYOD policy:

Is the scope of your control over employees’ mobile devices consistent with your company’s interest?  Retailers should consider why they have an interest in knowing about their employees’ mobile devices; that

Email is an important marketing tool for retailers, who should be aware of federal and state laws regulating its commercial use. Since its enactment in 2003, the Controlling the Assault of Non-Solicited Pornography and Marketing (“CAN-SPAM”) Act has attempted to curb the number of unwanted emails and impose some rules on a largely unregulated frontier. When followed, CAN-SPAM Act’s restrictions give email recipients some control over their inboxes and also maintain fairness in how emails present themselves. Failure to follow the CAN-SPAM Act can lead to penalties of up to

New legislation passed by Congress attempts to curb aggressive tactics against the authors of negative online reviews. The legislation bans the practice of contractually prohibiting consumers from posting negative reviews on websites. President Barack Obama has indicated that he will sign the legislation.

The Consumer Review Fairness Act of 2016 (the “Act”) voids, from inception, clauses in form contracts that:

Such chilling gag clauses had been wielded by various businesses against customers who had written or encouraged negative reviews of those businesses’ products and services through online forums such as Yelp.

The Act further restricts any claim to ownership of the underlying intellectual property in such reviews except to the extent that a limited license is provided to display the content. Accordingly,