Press Release

For Immediate Release:
October 9, 2024

Office of the Attorney General
Matthew J. Platkin, Attorney General

Division of Consumer Affairs
Cari Fais, Acting Director

Division of Law
Michael T.G. Long, Director
For Further Information Contact:
Allison Inserro, OAGPress@njoag.gov

Attorney General Platkin, Multistate Coalition Announce $52 Million Settlement
for Marriott, Starwood Data Breaches

Marriott Agrees to Strengthen Policies, New Jersey to Receive $1.3 Million  



TRENTON – Attorney General Matthew J. Platkin and the Division of Consumer Affairs today announced that a coalition of 50 Attorneys General reached a $52 million settlement with Marriott International, Inc. to resolve investigations concerning two information security failures, including one widespread data breach.

New Jersey will receive just over $1.3 million from the settlement. At the same time, the Federal Trade Commission, which has been coordinating closely with the states throughout this investigation, has reached a parallel settlement with Marriott.

“This settlement is another example of how New Jersey and other states are working together to hold corporations accountable for their failures to safeguard customer data,” said Attorney General Platkin. “Together, we are requiring companies to treat consumer data as carefully as they do their other assets.”

“Consumers have the right to know that corporations take data privacy seriously and will protect their private information,” said Cari Fais, Acting Director of the Division of Consumer Affairs. “We are pleased that, as a result of this settlement, Marriott will improve their processes going forward.”

The States allege that Marriott violated data breach laws and consumer protection laws, including the New Jersey Consumer Fraud Act, by misrepresenting the ways in which it protected consumers’ personal information and failing to use adequate cybersecurity safeguards to protect that information.

The first breach began in 2014, when an unauthorized third party installed malware and gained access to the guest reservation database of Starwood Hotels and Resorts Worldwide. In 2016, Marriott purchased Starwood and took control of its computer network.

Unbeknownst to Marriott, between 2014 and 2018, the intruders went undetected in the Starwood network and continued to perform reconnaissance activities and gain access to highly privileged Starwood administrative and user credentials. The impacted records included contact information, gender, dates of birth, legacy Starwood Preferred Guest information, reservation information, and hotel stay preferences, as well as a limited number of unencrypted passport numbers and unexpired payment card information.

After becoming aware of the breach in September 2018, Marriott disclosed the 2014 data breach on November 30, 2018. A forensic examination of Starwood’s systems revealed several failures. These failures included inadequate firewall controls, unencrypted payment card information stored outside of the secure cardholder data environment, lack of multifactor authentication, and inadequate monitoring and logging practices.

About 131.5 million Americans were impacted by the data breach, including more than 4.3 million New Jerseyans.

In a second incident, intruders were allegedly able to compromise the credentials of employees at a Marriott-franchised property to gain access to Marriott’s own network for a period of several months. These attackers began accessing and exporting consumers’ personal information without detection from September 2018 to December 2018. The breach resumed in January 2020 and continued until it was discovered the next month.

Over the course of the two time periods, the intruders gained access to over 5.2 million guest records, including 1.8 million records related to U.S. consumers. The records contained significant amounts of personal information.

Marriott announced the discovery of this second incident in March 2020.

The consent judgment and complaint were filed in the Superior Court, Chancery Division in Mercer County. In addition to the financial penalties, the settlement includes significant steps Marriott must take to prevent a future breach. Marriott agreed to various measures aimed at strengthening its cybersecurity practices going forward, including but not limited to:

  • Employing a Chief Information Security Officer and creating a committee on its Board of Directors to provide oversight on the company’s information security program;
  • Implementing specific security requirements with respect to consumer data, including component hardening, conducting an asset inventory, encryption, segmentation to limit an intruder’s ability to move across a system, patch management to ensure that critical security patches are applied in a timely manner, intrusion detection, user access controls, and logging and monitoring to keep track of movement of files and users within the network;
  • Reporting security breaches involving personal information of Marriott customers;
  • Providing a method for consumers to request that their data be deleted from Marriott;
  • Providing a way for consumers to request a review of their loyalty rewards information to check for unauthorized account activity;
  • Training employees on protecting consumers’ personal information in company databases;
  • Conducting mandatory risk assessments before, during, and after new acquisitions;
  • Implementing an integration plan for information security assets acquired by the company that ensures the assets comply with Marriott’s information security program;
  • Creating mandatory data retention policies;
  • Increasing oversight of vendors and franchisees; and
  • Engaging an independent third party every two years to assess Marriott’s information security practices as well as its compliance with this settlement.

In addition to New Jersey, other jurisdictions joining the settlement are Alabama, Alaska, Arizona, Arkansas, Colorado, Connecticut, Delaware, Florida, Georgia, Hawaii, Idaho, Illinois, Indiana, Iowa, Kansas, Kentucky, Louisiana, Maine, Maryland, Massachusetts, Michigan, Minnesota, Mississippi, Missouri, Montana, Nebraska, Nevada, New Hampshire, New Mexico, New York, North Carolina, North Dakota, Ohio, Oklahoma, Oregon, Pennsylvania, Rhode Island, South Carolina, South Dakota, Tennessee, Texas, Utah, Vermont, Virginia, Washington, West Virginia, Wisconsin, Wyoming and the District of Columbia.

New Jersey was represented by Deputy Attorney General Mandy K. Wang under the supervision of Section Chief Kashif T. Chand and Assistant Section Chief Thomas Huynh of the Data Privacy & Cybersecurity Section, within the Affirmative Civil Enforcement Practice Group of the Division of Law. The investigation into this matter was conducted by Investigator Aziza Salikhova of the Office of Consumer Protection, within the Division of Consumer Affairs.

To learn more about cyber safety in New Jersey, visit the Cyber Safe NJ website of the Division of Consumer Affairs.


###







Last Modified: 11/1/2024 10:30 AM