Rechtsanwalt & Fachanwalt für gewerblichen Rechtsschutz
T (+49) 040 / 7344 086-0
The rights of a seller at Amazon are not as fully developed as they could be. This led to an injunction against Amazon. The LG Leipzig, the regional court of Leipzig, has issued an injunction in favor of an Amazon merchant in a decision on 28th of September in 2020 (Az. 07 O 2172/20).
This court decision shows that Amazon is obliged to protect its merchant. In the event of an unauthorized third party access to a merchant account, in the instant case by a hacker, Amazon has to take actions and measures to prevent such unauthorized usages and attacks. Sellers from all over the world who are registered in the tax office in Germany should keep the principles of German laws in mind. Thus, the decision is also relevant for market entrants from China or European countries.
In the case that was discussed by the regional court, hackers bypassed the 2-factor authentication of Amazon and got access to an Amazon merchant’s account. They then changed the access data to the account. Subsequently, numerous products of various types were offered for sale on the merchant’s account. These products weren’t products that the merchant affected normally sells.
The retailer could not intervene because the hackers had changed the access data. He had to watch how the hackers compromised his account.
The affected retailer tried to contact Amazon. It was difficult to contact Amazon, as Amazon did not provide an own emergency hotline for retailers for such incidents. The Amazon emergency hotline was only for the customers. In the end, the support that the retailer received from the Seller-Support was not helpful in this specific case. Despite the request from the retailer, Amazon did not block the account of the merchant immediately. The fraudulent activities on the account continued. The email inbox of the retailer filled up with the customer inquiries. In desperate need of any help, the merchant even filled a criminal complaint.
Only days later Amazon finally took actions against the hackers and initiated the blocking of the merchant’s account. However, later Amazon requested the retailer to deliver the allegedly open orders to the customers. Amazon demanded this although Amazon had knowledge of the incidents. The retailer was still unable to access his account, as the hackers changed the 2-factor authentication.
Soon after, the merchant received a message that his account would be reactivated based on the submission of certain documents. Though, the merchant did not take any actions regarding the activation of his account.
After the reactivation, once again hundreds of products were offered for sale. Immediately the merchant contacted Amazon again, to take actions against the fraudulent activities. First, he didn’t receive any response from Amazon. Only days later Amazon blocked the account again.
The merchant received a message from the Amazon system, saying that the bank details of the account had been changed. After that the retailer took legal advice. The out-of-court request from the lawyers towards Amazon to prevent other people from accessing the account of the merchant remained unsuccessful. Therefore, an application was made for the issuance of an interim injunction against Amazon. The legal basis of the application was an unlawful interference with the established and practiced business. The established and practiced business is an absolute right developed by case law. The violation of this right can trigger claims for damages and injunctive relief. The regional court issued the injunction in accordance with the application by resolution on September 28th in 2020 because of the lack of appropriate and necessary measures from Amazon.
Due to a hacked seller account data protection is also violated. When third parties get unlawful access to an Amazon merchant account, they also gain insight into the personal data of the customers, which is a violation to the data protection. In case of unauthorized access, the affected merchant and Amazon must immediately report the violation to the supervisory authority. This report must take place within 72 hours.
Violation of the reporting obligation may be subject to fines. Those fines can amount up to 10 million euros or up to 2 % of a company’s total annual turnover received in the previous fiscal year.
Amazon has been known to block merchant accounts too fast. The more surprising it was that Amazon did not take immediate measures against the hacked account.
The decision of the court shows that Amazon must take actions and measures to protect its merchants. Especially when Amazon gets notified of unauthorized access and the sellers aren’t able to get access to their account anymore, Amazon has to provide help. However, a temporary blocking of the affected account is insufficient to adequately protect the sellers account.
This decision is not the first one that obliges Amazon to provide more protection for their sellers. Amazon has to establish quicker solutions for the merchants that are victims of fraudulent activities. With better solutions the damage for merchants could be minimized. If any market entrant from China of another country faces similar problems, these problems can be adressed.
Our lawyers at SBS LEGAL have years of experience with seller account cases. We have a vast knowledge of the current competition law and can provide you with comprehensive and professional advice. We support you in all matters of competition law and represent your interests in and out of court.
Are you a market entrant from China or another country who has recently made an application to the tax office for a tax ID and are you facing legal issues? If you want legal advice from the experienced team of specialist attorneys and experts of SBS LEGAL, you are welcome to contact us.