Dear Harold and Nathan;
Thanks very much for very helpful comments. On this particular issue, I would like to assume (simply for the purposes of discussion) that there is no doubt that the user was careless with his access code, however carelessness is defined. Presumably the effect is something like this: he and the card-issuing bank had a contract under which the bank agreed to extend credit for uses of the card (for either cash withdrawals or purchases), and he agreed to pay the subsequent bill. The terms of the contract included that the bank would "cover" any fraud (ie reverse any fraudulent transactions on the card and not him liable for them) so long as he was careful with the access code. He was not careful; as a result the bank may now require him to pay the account. He would then like to be able to sue the fraudster for his loss.
Nathan, I was interested in what you said about the card-holder being able to be subrogated to the bank and sue the thief in an action for fraud (ie the tort of deceit?) I see a couple of problems there. One is mine- that I don't understand the doctrine of subrogation and wonder whether there are cases that support this. The second is this: standing in the bank's shoes, arguably there has been no loss! That is, from the bank's point of view, it is still entitled to sue the card holder for payment of the bills, and hence it has lost nothing (even though it was the one which relied on a false representation of the identity of the fraudster,) The bank was deceived but has suffered no loss; the customer has suffered a loss but was not deceived.
Regards
Neil
Neil Foster
Associate Professor,
Newcastle Law School;
University of Newcastle
Callaghan NSW 2308
AUSTRALIA
MC177, McMullin Bldg
ph 02 4921 7430
fax 02 4921 6931
http://www.newcastle.edu.au/staff/profile/neil.foster.html
http://works.bepress.com/neil_foster/
http://simeonnetwork.org/testimonies/119/Neil_Foster
>>> Harold Luntz <haroldjen@netspace.net.au> 02/07/13 6:54 PM >>>
In Australia the liability as between the card issuer and the holder
would be governed by cl 5 "Liability for Unauthorised Transactions" of
the Electronic Funds Transfer Code, a voluntary code which is
incorporated into the contract by all major banks. The Code is due to be
replaced next month by the ePayments Code, but so far it seems that only
Paypal of the major institutions has subscribed to it. Clause 11 of the
new Code is in similar terms to the EFT code, but adds provisions
relating to cards which may be "touched" against readers and there is no
PIN or signature used. The codes may be found at
http://www.asic.gov.au/asic/asic.nsf/byheadline/EFT-code-amendments?openDocument
by following links. Relevant to Nathan's point is the following
provision in cl 5.5 of the EFT code:
> In determining whether an account institution has proved on the
> balance of probability that a user has contributed to losses under
> paragraph 5.5(a), all reasonable evidence must be considered,
> including all reasonable explanations for the transaction occurring.
>
> The fact that the account has been accessed with the correct access
> method, while significant, will not of itself constitute proof on the
> balance of probability that the user has contributed to losses through
> the user's fraud or through the user contravening the requirements in
> sub-clause 5.6.
>
> In determining whether a user has unreasonably delayed notification
> under paragraph 5.5(b), the effect on the user of any charges imposed
> by the account institution relating to the notification or the
> replacement of the access method must be taken into account.
>
I hope that helps the discussion.
Harold.
*Harold Luntz*
Professor Emeritus
Law School
The University of Melbourne
On 7/02/2013 12:53 PM, Nathan TAMBLYN (Faculty of Law) wrote:
> The problem becomes more acute when it is not the physical credit card
> itself which is stolen, but merely its details.
> These cases are often described as 'identity theft', which I think is
> a sneaky way of banks transferring the problem onto the credit card
> holder. But the problem should not be the credit card holder's. What
> happens thereafter is fraud: the thief uses the card pretending to be
> the authorized holder when he is not. That fraud is perpetrated on (i)
> the credit card company, and (ii) the shop (say) which takes the card
> in exchange for goods. The credit card holder is entitled to say to
> the credit card company, because it is true, you have deducted from my
> account something which I did not authorize, nor given me anything in
> exchange, so I will not pay that bill.
> What about the allegation that the PIN was not secure?
> First, how can the credit card company prove that? Just because the
> card was used, I do not think it follows that the PIN was not secure.
> Very sophisticated technology exists to obtain PIN numbers. My credit
> card was skimmed once and used successfully, and my PIN is written
> down nowhere, and known only to me. (Fortunately the bank blocked the
> transaction.)
> Second, any allegation of tortious negligence on the part of the
> credit card holder is irrelevant; when A perpetrates a fraud on B, any
> negligence by C is irrelevant to that claim.
> Third, perhaps the proper analogy is with someone who writes a blank
> cheque then used by a rogue to draw down more money than the writer
> anticipated. That, I think, is a breach of contract by the cheque
> writer to the bank. So perhaps an insecure PIN is a breach of contract
> to the credit card company which, if they can prove it, would allow
> them to authorize the deduction.
> Finally, how can the credit card holder recover from the thief? The
> thief stole from the credit card company. The credit card holder has
> to indemnify the company through its breach of contract. The credit
> card holder gets subrogated to the position of the credit card company
> and can sue the thief in fraud.
> Nathan
> *Nathan Tamblyn*
> //
> /MA (Oxford) LLM PhD (Cambridge) Barrister/
> /Assistant Professor, Director of the LLM in Common Law/
> /Faculty of Law, Chinese University of Hong Kong/
> www.law.cuhk.edu.hk <
http://www.law.cuhk.edu.hk/>
>
>
> ------------------------------------------------------------------------
> *From:* Neil Foster [mailto:Neil.Foster@newcastle.edu.au]
> *Sent:* Thu 07/02/2013 09:07
> *To:* obligations@uwo.ca
> *Subject:* ODG: Conversion of credit card?
>
> Dear Colleagues;
> Occasionally one finds that everyday transactions are unusually
> difficult to analyse in tort categories- or perhaps it is a defect in
> the law. The question that came up today is, what tort remedy is
> available to Y against X where X steals Y's credit card and then
> appropriates a large sum of money (say $5000)? I think I can see a way
> of arguing that there could be an action in conversion against the
> wrongdoer (or trespass to goods) based on the touching or taking
> control of the card, and then one could argue that the stolen money
> was damages that flowed from that initial wrong. (Let us assume for
> the moment that the bank concerned will not provide a refund because,
> for example, the PIN was not properly secured.) But this seems very
> artificial. Perhaps one could also say that if banknotes were taken
> from an ATM, then there is a conversion because the notes at the point
> of emerging were to be deemed to be the property of the account
> holder? (But even that seems a bit odd.)
> One would like to say there is conversion of the value stolen, on
> analogy with the rule allowing conversion actions in relation to
> cheques, but are there any cases that say so? The difference from a
> cheque, of course, is apparent- there is no "face value"- although one
> could in theory perhaps regard the card as "worth" the maximum credit
> limit. Still, this would be odd where less than the maximum had
> actually been spent. Or were the minority in /OBG v Allen/ correct to
> say that conversion should apply to intangible property these days
> since many people would not physically touch cash in most transactions?
> If conversion is not applicable, it seems to me surprisingly tricky to
> identify another appropriate tort action (though perhaps I am missing
> something obvious.)
> Regards
> Neil
>
> Neil Foster
> Associate Professor in Law,
> Newcastle Law School;
> Faculty of Business & Law
> University of Newcastle
> Callaghan NSW 2308
> AUSTRALIA
> Room MC177,
> McMullin Building
> ph 02 4921 7430
> fax 02 4921 6931
>
>
http://www.newcastle.edu.au/staff/profile/neil.foster.html
>
>
http://works.bepress.com/neil_foster/
>
>
http://simeonnetwork.org/testimonies/119/Neil_Foster
>
>
>
>
>
>
>