Maplebear (CART) Risk Analysis

Demand for our offerings is highly sensitive to a range of factors, including our strategies relating to the amount of potential earnings required to attract shoppers, incentives paid to shoppers, and the fees we charge retailers, customers, and brands. Many factors, including operating costs, legal and regulatory requirements, constraints or changes, supply chain issues, the price sensitivity of consumers in different income groups or other demographics, inflation, and our current and future competitors' pricing and marketing strategies, have in the past significantly affected and may in the future significantly affect our pricing strategies. Competition, regulation, or other factors may cause us to change the pricing or implementation of our delivery or service fees for customers, increase the incentives we pay to shoppers that utilize Instacart, adjust the fees we charge retailers or brands, or increase our marketing and other expenses to attract and increase the engagement of retailers, customers, brands, and shoppers in response to competitive, regulatory, and other external pressures. For example, certain of our competitors offer, or may in the future offer, lower-priced or a broader range of offerings, including subscription offerings for bundled services. We may need to spend significant amounts on marketing and both customer and shopper incentives to deploy innovative and novel pricing and incentive strategies to retain or attract new customers and shoppers. We have launched, and may in the future launch, new or updated pricing strategies and initiatives, such as subscription offerings like Instacart+, and customer or shopper loyalty programs, or modify existing pricing methodologies or pricing models and fulfillment options, due to a variety of reasons, including to address changes in the market for our offerings as competitors introduce new offerings and features or in response to actions taken by our retail partners, to regulatory or other legal challenges, or as we launch new strategic initiatives such as Instacart Health and Instacart Business, any of which may not ultimately be successful in attracting and engaging retailers, customers, brands, or shoppers or may negatively impact customer retention and engagement as well as our financial results. We also offer brands and retailers tools and products, including through our Eversight business, to enable them to optimize online pricing and promotions strategies. If these solutions fail to generate improved results for brands and retailer sales, brands and retailers may choose to not use such solutions. If these solutions negatively impact consumer price perception, our brand reputation and our ability to attract and retain customers could be harmed. The increasing complexity of our pricing models and related expansion of our business may also require us to update our internal systems for invoicing retailers or brands or incur costs to remediate errors or disputes in existing invoices. Further, consumers' price sensitivity may vary by geographic location, and as we expand, our pricing methodologies may not enable us to compete effectively in these locations. In particular, if we were to continue expanding internationally, we may be required to change our pricing strategies and to adjust to different cultural norms, including with respect to consumer pricing and gratuities. While we do and will attempt to set prices based on our prior operating experience and customer, retailer, brand, and shopper feedback and engagement levels, our assessments may not be accurate or there may be errors in the technology used in our pricing, and we could be underpricing or overpricing our services. In particular, we have limited experience pricing our offerings in volatile macroeconomic environments and at the current scale, scope, and complexity of our business. As a result, our historical data and operating experience may be insufficient to adequately inform our future pricing strategies for changing market environments. In addition, if the services on Instacart change, then we may need to revise our pricing methodologies. Changes to any components of our pricing model may, among other things, result in customer dissatisfaction, lead to a loss of customers on Instacart, and seriously harm our business.

Customers and shoppers rely on our support personnel and technologies to resolve issues and realize the full benefits that Instacart provides. High-quality support to both customers and shoppers is also important for the expansion of Instacart's use by our existing customers. The importance of our support function will increase as we expand our business and pursue new customers. We rely in part on support personnel and contractors in countries outside of the United States, and government actions in those countries such as curfews have in the past and could in the future slow down our systems and ability to timely respond to customer and shopper issues. We also rely in part on support technologies, including self-service and AIML solutions. Those technologies have in the past and may in the future fail to perform as expected resulting in customer and shopper dissatisfaction. If we do not help customers and shoppers quickly resolve issues and provide effective ongoing support, our ability to maintain and expand our revenue from existing and new customers could suffer, as well as our reputation with existing or potential customers.

Shoppers perform certain tasks for customers, including picking and delivering goods, on Instacart. We enter into agreements with shoppers for them to provide fulfillment and other services to customers through Instacart and our technology. Our agreements with shoppers generally remain in effect until terminated by the shopper or by us. Shoppers may generally terminate their agreements with us at any time by providing us written notice and such agreements do not provide for any exclusivity. If there are not enough shoppers on Instacart, customer orders may be late, may go unfulfilled, or may be incorrectly fulfilled, which would have a negative effect on those impacted customers and retailers and consequently on our business. If there are too many shoppers on Instacart, there may be an insufficient number of customers placing orders to keep shoppers occupied, engaged, and satisfied with their earnings potential on Instacart. If we are unable to attract shoppers on favorable terms or increase utilization of Instacart by existing shoppers, if we lose shoppers on Instacart, or if shoppers determine it is no longer economically worthwhile to provide services on Instacart due to factors that may be beyond our control, including the costs of gasoline, vehicles, or insurance, changes in consumer behaviors in grocery shopping, actual or perceived economic advantages of providing services with other companies that engage independent contractors, including our competitors, our growth objectives and our business and prospects could be seriously harmed. The number of shoppers on Instacart could decline or fluctuate as a result of a number of factors, including shoppers choosing not to provide their services through Instacart as a result of being dissatisfied with their earnings potential, our pay model or changes to our pay model, changes to the terms of our independent contractor agreement, shopper incentives, our retail partners, having a poor experience on Instacart, or deciding to pursue other work opportunities. For example, shoppers may prefer to provide services through other companies that engage independent contractors if these companies provide benefits such as insurance or portable benefit accounts, or if shoppers simply prefer other app-based work opportunities, such as passenger transportation or restaurant delivery, for non-economic reasons. Many shoppers provide services part-time and have other independent contracting work or employment. Factors outside of our control, including macroeconomic factors, and improvements in labor markets, may cause shoppers to cease providing services on Instacart and become employees elsewhere. Shopper dissatisfaction has in the past resulted in shopper protests, coordinated shopper work stoppages, shoppers choosing not to provide their services through Instacart, and negative press. Any protests, work stoppages or refusals to provide services may result in interruptions to our business or negative publicity and may otherwise harm our business and reputation. While we have implemented strategic initiatives and commitments to bolster our reputation with shoppers in the past, and intend to continue implementing such initiatives and commitments in the future, there can be no assurance that these will be effective to retain shoppers and maintain or improve our reputation with shoppers. From time to time, we have experienced, and expect to continue to experience, shopper shortages, often due to factors that are not within our control and which may be difficult to predict. Shoppers have significant flexibility regarding the in-store tasks they want to perform, including when, where, and how they wish to shop. Shoppers may also provide services on other app-based platforms. To the extent that we experience shopper shortages, we may need to provide or increase incentives to shoppers in order to attract them to Instacart, which would negatively impact our financial results. Our expectations and predictions for shopper needs and preferences may also be inaccurate or incomplete, including due to a lack of historical data for our current scale and scope of operations or due to consumer demand surges that can arise due to factors outside of our control, such as inclement weather. Under these circumstances, we may not be able to attract enough shoppers to fulfill orders in a timely manner even with shopper incentives. Consequently, if shopper shortages lead to the inability of customers to place orders through Instacart or to delayed or incorrect orders, we may lose customers to other online grocery platforms or to other modes of shopping, particularly customers in certain demographic groups who have historically been less prevalent users of Instacart and are more difficult to engage or retain, which would harm our growth, profitability, and results of operations. Finally, the loss of customer orders due to a lack of shoppers to fulfill them or due to incorrect order fulfillment may reduce the perceived value of our offerings to retailers, who may in turn leave Instacart. In addition, authorities have passed laws or adopted regulations, and may continue to do so in the future, requiring shoppers in the applicable jurisdiction to undergo a materially different type of qualification, training, licensure, screening, or background check process, which could be costly and time-consuming. These laws have also in the past imposed and may in the future impose requirements forcing us to fix minimum levels of compensation and provide certain benefits for shoppers, disclose additional details about orders, prices, and shopper earnings, and handle shopper account deactivation in a prescribed manner, which could force us to create new administrative processes and negatively affect our ability to attract and retain retailers, customers, or shoppers, as well as require us to share competitively sensitive information that may cause harm to our business. Court decisions interpreting or otherwise affecting such laws regarding shopper classification or shopper pay and benefits, or interpretations by agencies of the applicability of a retailer or brand collective bargaining agreement to certain tasks shoppers perform, may also negatively affect our ability to attract and retain retailers, customers, or shoppers. Even if some or all of such changes are ultimately not costly or time-consuming, they could reduce the number of shoppers in those markets or extend the time required to recruit new shoppers to Instacart, which could adversely impact our growth, business, and results of operations. Often, we are forced to balance tradeoffs between the satisfaction of various constituents on Instacart, as a change that one category views as positive may be viewed as negative to another category. For example, we take certain measures that are designed to protect against fraud, help increase safety, and prevent privacy and security breaches, such as imposing certain qualifications for shoppers and terminating access to Instacart for shoppers with reported incidents, that may be popular with consumers but may also damage our relationships with shoppers or discourage or diminish their use of Instacart. Certain measures we take to incentivize shoppers, such as smaller windows for reducing tips after an order is complete, may be popular with shoppers but may also be viewed negatively by consumers who wish to have more flexibility over tipping. Further, increased shopper flexibility in when, where, and how to shop may result in shopper shortages during periods of peak demand, which may cause frustration with retailers and customers. If we do not adequately balance the tradeoffs among the various constituents on Instacart and continuously assess such tradeoffs in the context of prevailing market and competitive factors, our business may be harmed.

Promoting awareness and driving adoption of our offerings is important to our ability to grow our business, and attracting and engaging new retailers, customers, brands, and shoppers can be costly. Our consumer marketing efforts currently include, without limitation, digital performance marketing that includes search, programmatic, and social; customer relationship management ("CRM") based marketing that includes push notifications, text messaging, email marketing, linear television, audio, and shopping ads; and co-marketing efforts with retailers, payment providers, brands, and other partners. To drive existing customer reengagement, we also utilize targeted promotions including time-limited free delivery offers and coupons. We also provide incentives to brands to advertise on our platform, increase their engagement, and promote the launch of new advertising solutions. For shoppers, we reach them primarily through digital performance marketing and through in-app prompts. Our marketing initiatives may become increasingly expensive, and we may fail to generate a meaningful return on these initiatives, if at all. For example, we have incurred increased expenditures on our marketing and consumer incentive initiatives to accelerate the growth of our business, which have and may continue to have an effect on revenue and may harm our profitability in the near term. We also have limited experience conducting broad brand marketing campaigns and other marketing initiatives given the current scale, scope, and complexity of our business. Even if we successfully increase revenue as a result of consumer marketing efforts, it may not offset the additional marketing expenses we incur. Our marketing campaigns may also be long-term endeavors, and we may not be able to accurately assess the success of these campaigns for several periods. If our marketing efforts to help grow our business are not effective or if we reduce our marketing expenditures, we expect that our business, financial condition, and results of operations would be adversely affected.

The growth of our business is dependent upon our ability to continue to grow our offerings by cost-effectively increasing our engagement with existing customers and acquiring new customers. If we fail to do so, the value of our offerings will be diminished, and we may have difficulty attracting and engaging retailers and brands. The number of customers and their level of engagement on Instacart may decline materially or fluctuate as a result of many factors, including, among other things: - dissatisfaction with the operation of, or pricing on, Instacart, including our customer support services, or the quality and performance of the offerings, services, and technology of our partners;- the actual or perceived quality of service provided by shoppers, such as picking the wrong item, making a poor substitution for out of stock items, failing to deliver items on a timely basis or at all, failing to complete requested tasks or otherwise follow customer instructions, or customers having negative experiences in their interactions with shoppers, particularly during demand surges;- macroeconomic uncertainty, inflation, elevated interest rates, supply chain challenges, cessation of government aid programs, and actual or perceived risk of economic recession;- cost of using Instacart, including customer fees, compared to in-store shopping or other alternatives;- the actual or perceived value or quality of our membership offering and membership benefits;- the actual or perceived value or quality of service, or the quality, pricing, and availability of products provided by retailers;- the breadth and variety of retailers that are available to customers on Instacart, including retailers with whom we have a limited or informal arrangement for availability on Instacart;- future public health outbreaks, or a future outbreak of disease or similar public health concern, as well as a return to pre-COVID shopping behavior;- negative publicity related to our brand, including as a result of safety incidents and other events;- actual or perceived public policy positions;- failure to maintain good relationships with shoppers resulting in fewer shoppers available for customers, particularly during peak demand; or - dissatisfaction with the user experience on our platform, new and current offerings, or changes we make to our offerings. Although we believe that many customers originate from word-of-mouth customer acquisition and other non-paid referrals, we expect to continue to expend resources for customer acquisition and engagement, including through offering discounts and running promotions, all of which could impact our overall profitability. We have experienced and may continue to experience decreases in new customer acquisition rates and customer cohort retention, particularly among our customer cohorts acquired during the COVID-19 pandemic and variant outbreaks, which have negatively impacted and may continue to negatively impact GTV and orders. These decreases are due to a variety of factors, including, to a large extent, the subsiding impact of the COVID-19 pandemic and variant outbreaks on demand for online grocery as well as macroeconomic uncertainty, actual or perceived risks of economic recession, cessation of government aid, and inflation. Other factors may include the increasing initial size of our customer cohorts as our business scales and the increasing demographic diversity of our customer base. As a result, we have increased and may continue to increase our customer acquisition spend, including incentives, paid marketing, and brand marketing campaigns to acquire new customers and increase the engagement of our existing customers, which may harm our margin and profitability and our efforts to drive efficiencies in our operating expenses. If we are not successful in, or reduce our marketing investments, we may not be able to retain our existing customers or convert first-time customers, including those using consumer incentives such as discount promotions, into customers who regularly use and engage with our offerings. We may also fail to achieve or maintain sufficient customer engagement with our platform due to inflationary or recessionary economic pressures that result in decreases in consumer discretionary income, including any reductions in government aid, as well as other shifts in consumer shopping behaviors. It is increasingly important to our business and our ability to grow for consumers to perceive long-term value from Instacart versus in-store shopping or less costly alternatives, particularly for lower income consumers. Further, we may not be able to accurately assess the effectiveness of our marketing campaigns and strategies in acquiring new customers or increasing existing customer engagement for several periods. The effectiveness of our marketing campaigns and strategies may also be obfuscated due to temporary or periodic external factors, such as future public health outbreaks, macroeconomic factors, and changes in the regulatory landscape. Failure to effectively design and conduct such campaigns and strategies may negatively impact our ability to acquire new customers and increase engagement with existing customers, which would harm our revenue growth and business. Consumers also have different grocery needs and preferences depending on demographics, and these priorities may shift as they age. We face heavy competition for consumers in certain demographics, including those in younger age groups who prioritize use cases, features, and fulfillment options that are different from customers in older age groups, such as convenience and specific product categories, as well as those in different income groups who may prioritize value over convenience or selection. If we do not successfully address the current and future needs of consumers in different demographics, primarily certain age and income groups, including through brand marketing campaigns and introduction and promotion of relevant use cases, features, fulfillment options, and other functionalities, we may be unable to attract new customers or increase engagement with existing customers. In addition, we may also experience increased customer churn, including to competitors, which would harm our business. Many customers initially access Instacart to take advantage of certain promotions, such as discounts and other reduced fees. We strive to demonstrate the value of our offerings to such customers, thereby encouraging them to access Instacart regularly or subscribe to Instacart+, through prompts, notifications, and reduced fees or time-limited trials of Instacart+ and other offerings. However, these customers or other customers we acquire inorganically may be lower intent users of Instacart with reduced engagement compared to customers that we acquire organically, may never convert to paying Instacart+ members, or may discontinue using Instacart after they take advantage of our promotions. Further, our initiatives to retain customers, such as encouraging them to subscribe to Instacart+ or providing additional use cases and fulfillment options, may result in negative impacts to other metrics. For example, an increase in Instacart+ orders, changes in product categories shopped, reduced spend on more premium or discretionary products, or a shift toward convenience or priority, may result in a decrease in average order value. Such shifts may also negatively impact certain retailers' and brands' actual or perceived benefit from engaging with Instacart. We may also fail to retain customers or experience reduced demand for our services due to negative impacts to our reputation and brand, including due to complaints and negative publicity about us, our offerings, or our competitors, even if factually incorrect or based on isolated incidents. For example, if we are unable to increase shopper availability during demand surges, including due to inclement weather or future public health outbreaks, customers may experience delays in receiving orders or incorrect order fulfillment, which may harm our brand and reputation. In addition, inventory shortages at our retail partners' stores, which are not within our control, may also negatively impact consumers' perception of our offerings. In particular, disruptions in the global supply chain, including those resulting from labor shortages or disputes, closures of manufacturing facilities, transportation restrictions and limitations, war and international conflicts, and increased demand for certain consumer products, have limited, and may continue to limit, the ability of our retail partners to obtain products, maintain stock of such products in a timely and cost-efficient manner, and otherwise respond to consumer demands. Although we do not carry product inventory, and as a result, we are not directly impacted by supply chain disruptions, product shortages have in the past resulted in, and may in the future result in, higher rates of out of stock items and delivery delays by shoppers, which have in the past resulted in, and may in the future result in, more customer cancellations and redeliveries and overall customer dissatisfaction. We regularly provide customers with appeasement credits and refunds as well as incentives for future orders, which measures are intended to counteract any reputational harm and maintain customer satisfaction but are accounted for as direct reductions to our transaction revenue. These negative impacts to our revenue have harmed, and may continue to harm, our margin and results of operations, and the related customer dissatisfaction negatively impacts customer retention and engagement as well as our ability to continue growing our orders, GTV, and Instacart+ adoption. These negative impacts particularly harm our ability to engage with and retain customers in demographic groups that are historically less prevalent on Instacart, such as lower income customers, who may attribute less value to Instacart compared to alternatives due to these negative impacts. Efforts to reduce the overall costs associated with these appeasement credits and refunds, including by reducing appeasement credits and refunds generally, may also create reputational harm and impact our ability to attract or retain customers. Failure to retain existing customers or acquire new customers may also harm our relationships and commercial arrangements with retailers and brands as well as our ability to attract new retailer and brand partners. Past and future increases in the fees that we charge our customers may also reduce overall engagement by our customers or negatively impact new customer acquisition. If we are not able to continue to expand our customer base or fail to retain or drive greater engagement of customers or increase demand for our full-price or paid services, such as Instacart+, while balancing the interests of other constituents on Instacart, our revenue may grow slower than expected or decline, and our margin may be negatively impacted.

In order to attract and expand our relationships with consumers, brands, and shoppers, we must attract new retailers and maintain our relationships with existing retailers. Consumers have strong preferences for their favorite retailers due to the trust these brands have created over generations, and our ability to increase consumer and brand adoption of Instacart depends on our ability to maintain our retail partners and maintain or increase their adoption of our offerings. Our ability to attract and retain retailers depends on our ability to generate revenue for them. Retailers will not continue to do business with us if they do not believe that partnering with Instacart will generate a competitive return relative to other alternatives, including from our competitors. Retailers have in the past chosen, and could continue to choose, to partner with other online grocery platforms (exclusively or otherwise) or develop or acquire their own online grocery platforms, in either case in a specific geographic market or overall. Retailers may also choose to develop, acquire, or partner with other companies (exclusively or otherwise) for access to products and offerings for specific use cases, fulfillment options, features, or technologies, such as brand advertising and retail media platforms, prepared meals, shopping cart or checkout technologies, and others. Our future growth depends in part on our ability to not only engage new retailers but also to retain and expand existing retailer engagement with Instacart. However, retailers may decrease their engagement with Instacart based on factors that may not be within our control or whose impacts are difficult to predict. In particular, macroeconomic effects such as supply shortages and inflation have resulted in fluctuations in consumer shopping behaviors and preferences. For example, decreases in consumer discretionary income due to inflationary or recessionary economic pressures, as well as the cessation of government aid available during the COVID-19 pandemic, have impacted and may continue to impact average order values, have resulted in and may continue to result in decreased customer retention and engagement, and have reduced and may continue to reduce demand for premium or discretionary grocery purchases, which in each case may provide for less favorable economics for certain of our retail partners, including if we decide to increase customer fees as a result. An increase in retailer operating costs, or other deterioration in the financial condition of retailers, whether due to macroeconomic conditions (such as inflation) or otherwise, could cause retailers to raise prices, renegotiate contract terms, or cease operations, which we expect may influence our retailer fee terms. Further, as we expand our own offerings, changes in the mix of customer engagement with our existing and new use cases, fulfillment options, features, and technologies, as well as any changes in online shopping behaviors, may also result in a decrease in engagement for certain retailers, due to less favorable economics or changes in retailers' strategic focus. We may not be able to accurately predict the extent of the impact of the factors above on our business and growth initiatives and resulting new trends in retailer strategies and preferences, including due to our limited experience in operating our business at its current scale, scope, and complexity and limited historical data regarding impacts of these factors, which may harm our revenue growth, margin, and results of operations. We enter into services agreements with our retail partners that provide for service fees in exchange for providing access to our technology solutions. We recognize revenue as a percentage of the total purchase value from the sale of goods, a per transaction fee, the difference in price between amounts charged to customers for goods and the actual settlement price to the retailer for the goods, a license fee for the use of our technology platform, or a combination thereof. Payment by retailers is generally due immediately to 45 days upon receipt of invoice. Retailers have in the past decided and may in the future decide to not renew their agreements while others have in the past modified and may in the future modify their agreement terms in a cost-prohibitive or strategically detrimental manner when their agreements are up for renewal due to factors such as macroeconomic uncertainty, the impact of future public health outbreaks, dissatisfaction with existing or proposed terms in their service agreements, changes in consumer shopping behavior and preferences on Instacart and among our use cases, fulfillment options, and competitive offerings. For example, we have modified, and may need to modify in the future, retailer fee arrangements to attract and retain retailers, modify payment processing arrangements, or make other changes that reduce our transaction revenue, in each case due to competition, retailer business downturns, and other factors. Some retailers have in the past shifted and may in the future shift away from exclusive arrangements with us for various reasons, including to partner with other or additional online grocery platforms, and additional retailers may decide to shift away from such arrangements in the future. Our inability to maintain our relationships with retailers on terms consistent with or better than those already in place and that are otherwise favorable to us could increase competitive pressure, impact grocery product and/or offering pricing, and otherwise adversely affect our business, financial condition, and results of operations. Retailer consolidation may also result in a decrease in or cessation of engagement with Instacart, or result in Instacart receiving less favorable contract terms with the consolidated entity. Retailers could also experience downturns or fail, including due to macroeconomic pressures, fail to adopt additional offerings or fulfillment methods or fail to launch or utilize our offerings in the manner and timing that we expect, or cease using Instacart altogether for many reasons. The grocery industry has traditionally been slow to adopt new technologies, fulfillment options, and online enablement in general, including due to lack of confidence in the online grocery industry, preference for in-store shopping due to resulting organic shopping behaviors, or general resistance to adopting Instacart, and is typically characterized by comparatively lower margin and high cash needs. As a result, we have at times experienced, and may continue to experience, slower adoption and implementation of our offerings by our retail partners as well as retailer turnover. If we lack a sufficient variety and supply of retailers, or lack access to the most popular retailers, such that Instacart becomes less appealing to consumers and brands, our business may be harmed. We currently generate significant GTV and revenue from a small number of retailers. Our top three retailers accounted for approximately 43% of our GTV for the years ended December 31, 2021, 2022, and 2023. While GTV and revenue from our largest retail partners may decrease as a percent of our total GTV and revenue over time as we generate more GTV and revenue from other retailers, we believe that GTV and revenue from our largest retailers will continue to account for a significant portion of our GTV and revenue for the foreseeable future. If any of these retailers were to suspend, limit, or cease their operations or otherwise terminate their relationships with us, the attractiveness of Instacart to consumers and brands could be materially and adversely affected.

As part of our normal business activities, we collect, use, store, share, transmit, and otherwise process sensitive, proprietary, and confidential information, including personal information of retailers, customers, brands, shoppers, employees, and others. These activities are regulated by a variety of federal, state, local, and foreign privacy, data security, and data protection laws, regulations, and industry standards, which have become increasingly stringent in recent years. In addition, existing laws and regulations are complex and constantly evolving, and new laws and regulations that apply to our business are being introduced at every level of government in the United States, as well as internationally which could further restrict certain uses of the personal information of retailers, customers, brands, shoppers, employees, and others. As we seek to expand our business, we are, and may increasingly become, subject to various laws, regulations, and standards, and may be subject to contractual obligations, industry standards, codes of conduct, and regulatory guidance relating to privacy, data security, and data protection in the jurisdictions in which we operate. Our efforts to comply with such obligations may not be successful. In the United States, there are numerous federal and state privacy and data security laws, rules, and regulations governing the collection, use, storage, sharing, transmission, and other processing of personal information, including federal and state privacy laws, data security laws, data breach notification laws, consumer protection laws, and other similar laws (e.g., wiretapping laws). For example, the FTC, and many state attorneys general are interpreting federal and state consumer protection laws to impose standards for the online collection, use, dissemination, and security of personal information. Such standards require us to publish statements that describe how we handle personal information, and the choices individuals may have about the way we handle their personal information. If such statements that we publish are considered deficient, lacking in transparency, deceptive, unfair, misrepresentative, untrue, or inaccurate, we may be subject to government claims of unfair or deceptive trade practices, which could lead to significant liabilities and consequences. Moreover, according to the FTC, violating consumers' privacy rights or failing to take appropriate steps to keep consumers' personal information secure may constitute unfair acts or practices in or affecting commerce in violation of Section 5(a) of the Federal Trade Commission Act. State consumer protection laws provide similar causes of action for unfair or deceptive practices. Furthermore, some states have passed specific laws mandating reasonable security measures for the handling of consumer personal information. Additionally, under various privacy laws and other obligations, we may be required to obtain certain consents to process personal data. Our inability or failure to do so could result in adverse consequences. Further, privacy advocates and industry groups have regularly proposed and sometimes approved, and may propose and approve in the future, self-regulatory standards with which we must legally comply or that contractually apply to us. In addition, many state legislatures have adopted legislation that regulates how businesses operate online, including measures relating to privacy, data security, and data breaches. For example, the CCPA gives California residents expanded rights related to their personal information, including the right to access and delete their personal information, and receive detailed information about how their personal information is used and shared. The CCPA also creates restrictions on "sales" of personal information and the use of personal information for cross-context behavioral advertising that allow California residents to opt-out of certain sharing of their personal information and may restrict the use of cookies and similar technologies for advertising purposes. Our marketing programs and our Instacart Ads offerings rely on these technologies and could be adversely affected by the CCPA's restrictions. The CCPA prohibits discrimination against individuals who exercise their privacy rights, provides for civil penalties for violations, and creates a private right of action for certain data breaches. Additionally, the California Privacy Rights Act ("CPRA"), expands the CCPA's requirements, including by adding a new right for individuals to correct their personal information and establishing a new regulatory agency to implement and enforce the law. The CPRA also restricts the use of certain categories of sensitive personal information that we handle; further restricts the use of cross-context behavioral advertising techniques on which our marketing programs and Instacart Ads offerings rely; establishes restrictions on the retention of personal information; and expands the types of data breaches subject to the private right of action. Certain states have also recently passed comprehensive privacy laws that took effect or will take effect in the near future. These new general privacy laws create restrictions on our business that are similar to the CPRA, including restrictions on "sales" of personal information and cross-context behavioral advertising. These privacy-related laws and regulations are evolving and subject to interpretation, and the resulting limitations on our advertising services has in the past adversely affected and may in the future adversely affect our marketing initiatives and Instacart Ads offerings. Similar laws are being considered in other states and at the federal level, reflecting a trend toward more stringent privacy legislation in the United States, and we expect additional investment in compliance to be required. The enactment of such laws could have potentially conflicting requirements that would make compliance challenging and expose us to additional liability. We are also subject to certain health information privacy and security laws. A number of state legislatures have adopted legislation that regulates how businesses may use consumers' health data. For example, the Washington My Health My Data Act creates restrictions on the use of consumer health data for purposes such as marketing and advertising. As a result, our marketing initiatives, Instacart Ads and Instacart Health offerings could be further limited and we have incurred and expect to continue incurring additional compliance expenses. We are also subject to additional health information privacy and security laws as a result of the limited amount of health information that we receive in connection with the prescription delivery services that we provide on behalf of pharmacy retailers. These laws and regulations include HIPAA, which establishes privacy, security, and breach notification standards for protected health information processed by health plans, healthcare clearinghouses, and certain healthcare providers, collectively referred to as covered entities, and the business associates with whom such covered entities contract for services, as well as their covered subcontractors. We are regulated as a "business associate" of certain covered entity pharmacy retailers and must comply with HIPAA as applicable to business associates. We maintain a HIPAA compliance program, but it is not always possible to identify and deter misuse by our employees and other third parties, and the precautions we take to detect and prevent noncompliance may not be effective in preventing all misuse, breaches, or violations. Violations of HIPAA may result in significant administrative, civil, and criminal penalties. State attorneys general also have the right to prosecute HIPAA violations committed against residents of their states. While HIPAA does not create a private right of action that would allow individuals to sue in civil court for a HIPAA violation, its standards have been used as the basis for the duty of care in state civil suits, such as those for negligence or recklessness in misusing personal information. Many states in which we operate and in which our customers reside also have laws that protect the privacy and security of health information, many of which differ from each other in significant ways and often are not preempted by HIPAA, thus complicating compliance efforts. Failure to comply with such state laws may also subject us to significant penalties. As we expand our Instacart Health offering, we anticipate that the risk associated with HIPAA compliance will increase and that we may be required to make significant investments in order to build compliant product offerings in the health space. Some U.S. states and the FTC have also adopted privacy laws or issued guidance limiting the collection and use of certain health information that may extend to our customers' interactions with certain over-the-counter health products. In addition, some laws may require us to notify governmental authorities and/or affected individuals of data breaches involving certain personal information or other unauthorized or inadvertent access to or disclosure of such information. We have had to in the past, and may in the future need to, notify governmental authorities and affected individuals with respect to such incidents. For example, laws in all 50 U.S. states may require businesses to provide notice to consumers if a data breach results in unauthorized access to their personal information. These laws are not consistent with each other, and compliance in the event of a widespread data breach may be difficult and costly. We also may be contractually required to notify consumers or other counterparties of a security incident, including a reasonably suspected or actual security incident or breach. Regardless of our contractual protections, any actual or perceived security incident or breach, or breach of our contractual obligations, could harm our reputation and brand, expose us to potential liability or require us to expend significant resources on data security and in responding to any such actual or perceived breach. Federal, state, and local privacy and consumer protection laws also govern specific technologies that we employ. For example, the Telephone Consumer Protection Act ("TCPA"), imposes significant restrictions on sending text messages or making telephone calls to mobile telephone numbers without the prior consent of the person being contacted. We also use identity verification technologies that may subject us to state and local biometric privacy laws. For example, the Illinois Biometric Information Privacy Act ("BIPA"), regulates the collection, use, safeguarding, and storage of biometric information. The TCPA and BIPA provide for substantial penalties and statutory damages and have generated significant class action activity. The cost of litigating and settling claims that we have violated the TCPA, BIPA, or similar laws could be significant. Foreign privacy laws are also undergoing a period of rapid change, have become more stringent in recent years, and may increase the costs and complexity of offering our offerings in new geographies. In Canada, where we operate, the Personal Information Protection and Electronic Documents Act ("PIPEDA"), and various provincial laws require that companies give detailed privacy notices to consumers, obtain consent to use personal information, with limited exceptions, allow individuals to access and correct their personal information, and report certain data breaches. In addition, Canada's Anti-Spam Legislation ("CASL"), prohibits email marketing without the recipient's consent, with limited exceptions. Failure to comply with PIPEDA, CASL, or provincial privacy or data protection laws could result in significant fines and penalties or possible damage awards. The Canadian province of Quebec also passed a comprehensive privacy law that grants individuals extensive rights with respect to their personal information, including the right to consent to certain marketing and advertising practices. In addition, certain of our subsidiaries have immaterial operations in China, Australia, and Mexico and are subject to, respectively, China's Personal Information Protection Law, Australia's Privacy Act 1988 and Spam Act 2003, and Mexico's Federal Law for the Protection of Personal Data Held by Private Parties. These laws impose a number of requirements on our processing of personal information and direct marketing activities that may increase our compliance costs and risk of facing regulatory enforcement action. Certain of our subsidiaries are subject to the United Kingdom General Data Protection Regulation ("UK GDPR") and to the European Union's General Data Protection Regulation ("GDPR"). Future expansion of our business, operations, or service offerings to the European Economic Area ("EEA"), will increase our exposure to data protection laws in the region, including the GDPR. The GDPR and UK GDPR impose strict requirements for processing personal data of individuals, give individuals extensive rights with respect to their personal data, and carry penalties for violations of up to the greater of EUR 20 million or 4% of total global annual turnover in the European Union, and up to the greater of GBP 17.5 million or 4% total global annual turnover in the United Kingdom. Companies that violate the GDPR or UK GDPR may also face prohibitions on data processing and other corrective action, as well as private litigation brought by classes of data subjects or consumer protection organizations authorized at law to represent their interests. Europe, the United Kingdom, and other jurisdictions have enacted laws requiring data to be localized or limiting the transfer of personal data to other countries. In particular, the EEA and the United Kingdom have significantly restricted the transfer of personal data to the United States and other countries whose privacy laws they believe are inadequate. Other jurisdictions may adopt similarly stringent interpretations of their data localization and cross-border data transfer laws. Although there are currently various mechanisms that may be used to transfer personal data from the EEA and United Kingdom to the United States in compliance with law, such as the EEA's and UK's standard contractual clauses, certain of these mechanisms are subject to legal challenges, and there is no assurance that we can satisfy or rely on these measures to lawfully transfer personal data to the United States. If there is no lawful manner for us to transfer personal data from the EEA, the United Kingdom, or other jurisdictions to the United States, or if the requirements for a legally-compliant transfer are too onerous, we could face significant adverse consequences, including the interruption or degradation of our operations, the need to relocate part of or all of our business or data processing activities to other jurisdictions at significant expense, increased exposure to regulatory actions, substantial fines and penalties, injunctions against our processing or transferring personal data necessary to operate our business, the inability to transfer data and work with partners, vendors and other third parties, and our ability to expand our business to the EEA, United Kingdom, or other countries with similar cross-border data transfer restrictions may be limited. Additionally, companies that transfer personal data out of the EEA and United Kingdom to other jurisdictions, particularly to the United States, are subject to increased scrutiny from regulators, individual litigants, and activist groups. Some European regulators have ordered certain companies to suspend or permanently cease certain transfers out of Europe for allegedly violating the GDPR's cross-border data transfer limitations. We also publish privacy policies and other statements regarding data privacy and security. If these policies or statements are found to be deficient, lacking in transparency, deceptive, unfair, or misrepresentative of our practices, we may be subject to investigation, enforcement actions by regulators, or other adverse consequences. Other data protection laws in the EEA and the United Kingdom, such as those implementing the ePrivacy Directive, restrict the use of cookies and similar technologies on which our website, mobile app, and Instacart Ads offerings rely, including to facilitate online behavioral advertising. Regulators are increasingly focused on compliance with requirements in the online behavioral advertising ecosystem, and current national laws implementing the ePrivacy Directive are likely to be replaced in the European Union by a regulation known as the ePrivacy Regulation, which will significantly increase fines for non-compliance to GDPR-level fines. Other countries outside of Europe increasingly emulate European data protection laws. As a result, operating our business or offering our services in Europe or other countries with similar data protection laws would subject us to substantial compliance costs and potential liability and may require changes to the ways we collect and use personal information. Governments and regulators in certain jurisdictions, including Europe, are increasingly seeking to regulate the use, transfer, and other processing of non-personal information (for example, under the European Union's Data Act), an area which has typically been the subject of very limited or no specific regulation. This means that, if and to the extent such regulations are relevant to our operations or those of our customers, certain of the risks and considerations outlined above may apply equally to our processing of both personal and non-personal data. In addition, major technology platforms on which we rely, privacy advocates, and industry groups have regularly proposed, and may propose in the future, platform requirements or self-regulatory standards by which we are legally or contractually bound. If we fail to comply with these contractual obligations or standards, we may lose access to technology platforms on which we rely and face substantial regulatory enforcement, liability, and fines. For example, Apple requires mobile applications using its operating system, iOS, to affirmatively (on an opt-in basis) obtain an end user's permission to "track them across apps or websites owned by other companies" or access their device's advertising identifier for advertising and advertising measurement purposes. Other technology platforms are considering similar restrictions. Such restrictions could limit the efficacy of our marketing activities and our Instacart Ads offerings. In addition to existing privacy-related laws, platform requirements, and binding self-regulatory standards, certain legislative proposals and draft regulations seek to further regulate targeted advertising activities, and regulators are increasingly scrutinizing the use of online tracking tools and compliance with requirements related to the online behavioral advertising ecosystem. As a result, we may be required to develop alternative solutions to support our marketing initiatives and/or change the way we deliver our Instacart Ads offerings. In addition, consumer resistance to the collection and sharing of the data used to deliver targeted advertising, increased visibility of consent or "do not track" mechanisms (such as browser signals from the Global Privacy Control) as a result of regulatory or legal developments, the adoption by consumers of browser settings or "ad-blocking" software, and the development and deployment of new technologies could materially impact our ability to collect and use data or reduce our ability to deliver relevant promotions or media, which could materially impair the results of our operations. Further, our business relies significantly on our ability to accept credit or debit card payments, including payments made using our co-branded credit card. Such payments are subject to the Payment Card Industry ("PCI"), Data Security Standard, which is a multifaceted security standard that is designed to protect credit card account data as mandated by payment card industry entities. We rely on vendors to handle PCI matters and to ensure PCI compliance. Despite our compliance efforts, we may become subject to claims that we have violated the PCI Data Security Standard, based on past, present, and future business practices. In addition, payment card networks may adopt changes to the PCI Data Security Standard, or change their interpretations of such rules in a way that we or our processors might find it difficult or even impossible to follow, or costly to implement. If we violate the PCI Data Security Standard or other applicable rules, we may incur fines or restrictions on our ability to accept payment cards or suffer reputational harm, all of which could have an adverse impact on our business. Despite our efforts, we may not be successful in achieving compliance with the rapidly evolving privacy, data security, and data protection requirements discussed above. Any actual or perceived non-compliance, by us or the third parties upon whom we rely, could result in litigation and proceedings against us by governmental entities, customers, or others, expenditure of time and resources to defend any claim or inquiry, fines and civil or criminal penalties, limited ability or inability to operate our business, offer services, or market our offerings in certain jurisdictions, negative publicity and harm to our brand and reputation, reduced overall demand for our offerings, or substantial changes to our business model or operations. Such occurrences could adversely affect our business, financial condition, and results of operations. Our insurance program for corporate risks, including general liability, workers' compensation, property, cyber liability, and director and officers' liability, may not cover all potential claims to which we are exposed and may not be adequate to indemnify us for the full extent of our potential liabilities.

Instacart and our offerings are subject to U.S. export controls, including the Export Administration Regulations, and we incorporate encryption technology into certain of our offerings. These encryption products and the underlying technology may be exported outside of the United States only with the required export authorizations, including by license, a license exception, or other appropriate government authorizations, including the filing of an encryption classification request or self-classification report. In addition, we have immaterial operations in China relating to the design, engineering, and supply of Caper Carts to certain of our retail partners' stores, whose operations are subject to import and export controls. Any adverse changes in trade relations with China, such as tariff increases and import and export licensing and control requirements, could interfere with the shipment of Caper Carts to our retail partners, which could have a negative impact on future development and adoption of Caper Carts and related prospects. Furthermore, our activities are subject to U.S. economic sanctions laws and regulations administered by the Office of Foreign Assets Control of the U.S. Treasury Department which generally prohibit any transactions or dealings, including the provision of products and services, involving embargoed jurisdictions or sanctioned parties. Obtaining the necessary export license or other authorization for a particular transaction may be time-consuming and may result in the delay or loss of sales opportunities. Violations of U.S. sanctions or export control regulations can result in significant fines or penalties and possible incarceration for responsible employees and managers.

We have in the past been, are currently, and may in the future become, involved in claims, lawsuits, arbitration proceedings, administrative actions, government investigations, and other legal and regulatory proceedings. We are subject to investigations and legal proceedings relating to various matters including whether we fulfilled our contractual obligations to or improperly withheld pay or tips from shoppers, whether we adequately protected the public's or shoppers' health and safety, whether we properly provide protected leave, whether we properly paid sales tax, whether we properly implemented our service fees, whether we improperly conduct background checks of shoppers, and whether we are responsible for injury resulting from alleged shopper actions or negligence. We are also subject to investigations and legal proceedings involving bodily injury and property damage, labor and employment, anti-discrimination claims, commercial and contract disputes, unfair competition, consumer protection regulations, including fees and pricing and related disclosures and automatic renewal laws, intellectual property, transactions involving our securities, privacy, data security, and data protection, environmental laws and regulations, health and safety, weights and measures, compliance with regulatory requirements, and other matters. For example, we are currently subject to a securities class action lawsuit in federal court alleging federal securities law violations in connection with our IPO. See the section titled "Legal Proceedings" for more information. The results of any such litigation, investigations, and legal proceedings are inherently unpredictable and expensive. The frequency of such claims could increase in proportion to the number of retailers, customers, brands, and shoppers that use Instacart. Any claims against us, whether meritorious or not, could be costly and harmful to our reputation, and could require significant amounts of management time and corporate resources. If any of these legal proceedings were to be determined adversely to us, or we enter into a settlement arrangement, which we have done in the past, we could be exposed to monetary damages or be forced to change the way in which we operate our business or remove valuable features or content from our platform, which could have an adverse effect on our business, financial condition, and results of operations. Moreover, we cannot be certain that our insurance coverage will be adequate for any claims or liabilities against us, that insurance will continue to be available to us on commercially reasonable terms or at all, or that any insurer will not deny coverage as to any future claim. The successful assertion of one or more large claims against us that exceed available insurance coverage, or the occurrence of changes in our insurance policies, including premium increases or the imposition of large deductible or co-insurance requirements, could have an adverse effect on our reputation, brand, business, financial condition, and results of operations. We also face potential liability and expense for claims relating to the information that we publish on our mobile apps or website, including claims for trademark and copyright infringement, false advertising, consumer protection, defamation, libel, and negligence, among others. In addition, we regularly include arbitration provisions in our terms of service with customers and shoppers. These provisions are intended to streamline the litigation process for all parties involved, as arbitration can in some cases be faster and less costly than litigating disputes in state or federal court. However, arbitration may become more costly for us, or the volume of arbitrations may increase and become burdensome. Further, the use of arbitration provisions may subject us to certain risks to our reputation and brand, as these provisions have been the subject of increasing public scrutiny. To minimize these risks, we may voluntarily limit our use of arbitration provisions, or we may be required to do so, in any legal or regulatory proceeding, either of which could increase our litigation costs and exposure in respect of such proceedings. Further, with the potential for conflicting rules, new or upcoming rules or changes in the interpretation of such rules regarding the scope and enforceability of arbitration on a state-by-state basis, conflicting rules between state and federal law, some or all of our arbitration provisions could be subject to challenge or may need to be to exempt certain categories of protection. For example, some plaintiffs' attorneys have argued that certain shoppers are workers "in interstate commerce" and are thus exempt from the Federal Arbitration Act, and it remains possible that a court could find our agreements unenforceable against those shoppers. If our arbitration agreements were found to be unenforceable, in whole or in part, or specific claims were required to be exempted from arbitration, we could experience an increase in our litigation costs and the time involved in resolving such disputes, and we could face increased exposure to potentially costly lawsuits, each of which could adversely affect our business, financial condition, and results of operations.

We depend in part on mobile operating systems, such as Android and iOS, and their respective app marketplaces to make Instacart available to retailers, customers, brands, and shoppers. Any changes in such systems and app marketplaces that degrade the functionality of our apps or give preferential treatment to our competitors' apps could adversely affect Instacart's usage on mobile devices. If such mobile operating systems or app marketplaces limit or prohibit us from making our apps available to retailers, customers, brands, or shoppers, make changes that degrade the functionality of our apps, change the way we collect or use data, increase the cost of using our apps, impose terms of use unsatisfactory to us, alter how we collect fees, increase our compliance costs, impair or inhibit our ability to enter into partnerships or effectively market partnerships, or modify their search or ratings algorithms in ways that are detrimental to us, or if our competitors' placement in such mobile operating systems' app marketplace is more prominent than the placement of our apps, our growth could slow. Our apps have experienced fluctuations in placement in the past, and we anticipate similar fluctuations in the future. Additionally, we are subject to requirements imposed by app marketplaces such as those operated by Apple and Google, who may change their technical requirements or policies in a manner that adversely impacts the way in which we collect, use and share data from users. For example, Apple requires mobile applications using its iOS mobile operating system to obtain a user's permission to track them or access their device's advertising identifier for certain purposes. The long-term impact of these and any other changes remains uncertain. If we do not comply with applicable requirements imposed by app marketplaces, we could lose access to the app marketplaces and users, and our business would be harmed. Any of the foregoing risks could adversely affect our business, financial condition, and results of operations. As new mobile devices and mobile platforms are released, there is no guarantee that certain mobile devices will continue to support our apps or that we can effectively roll out updates to our app. Additionally, in order to deliver high-quality apps, we need to ensure that Instacart is designed to work effectively with a range of mobile technologies, systems, networks, and standards. If retailers, customers, brands, or shoppers that utilize Instacart encounter any difficulty accessing or using our apps on their mobile devices or if we are unable to adapt to changes in popular mobile operating systems, we expect that our growth and engagement would be adversely affected.

Our business depends on customers and shoppers accessing Instacart via a mobile device or, with respect to customers, a personal computer, and the internet. We may operate in jurisdictions that provide limited internet connectivity, particularly if we expand internationally. Internet access and access to a mobile device or personal computer are frequently provided by companies with significant market power that could take actions that degrade, disrupt, or increase the cost of consumers' ability to access Instacart. In addition, the internet infrastructure that we and users of our offerings rely on in any particular geographic area may be unable to support the demands placed upon it and could interfere with the speed, quality, and availability of Instacart. Any such failure in internet or mobile device or computer accessibility, even for a short period of time, could adversely affect our results of operations. Governmental agencies in any of the countries in which we or our customers are located could block access to or require a license for Instacart, our mobile apps, website, or the internet generally for a number of reasons, including security, confidentiality, or regulatory concerns. In addition, companies may adopt policies that prohibit their employees from using Instacart. If companies or governmental entities block, limit, or otherwise restrict customers or shoppers from accessing Instacart, our business could be negatively impacted, the number of customers and shoppers using Instacart could decline or grow more slowly, and our results of operations could be adversely affected.

Our offerings incorporate certain third-party software obtained pursuant to licenses or service agreements from other companies, including but not limited to, software and services related to our background checks, data visualization, mapping, and database tools. Such third parties may discontinue their products or services, cease to provide their products or service to us, go out of business, or otherwise cease to provide support for such products or services in the future. Although we believe that there are commercially reasonable alternatives to the third-party software or services we currently license or receive, this may not always be the case, or it may be difficult or costly to replace existing third-party software or find a replacement third-party service. Our use of additional or alternative third-party software or services would require us to engage with third parties, and we may not be able to enter into agreements with such third parties on advantageous terms. In addition, integration of the software used in our offerings with new third-party software may require significant work and substantial investment of our time and resources. To the extent that our offerings depend upon the successful operation of third-party software, any undetected errors or defects in, or disruptions to the functionality of, such third-party software could prevent the deployment or impair the functionality of our offerings, delay new offering introductions, result in a failure of our offerings, and injure our reputation, which in each case could harm our financial condition and results of operations.

The convenient payment mechanisms provided by Instacart are key factors contributing to the development of our business. We rely on third parties, including Fiserv, Klarna, Marqeta, PayPal, InComm, and Stripe, for elements of our payment processing infrastructure to accept payments from customers and remit payments to retailers and shoppers, including certain Instacart-branded programs. These third parties may refuse to renew our agreements with them on commercially reasonable terms or at all. If these companies become unwilling or unable to provide these services to us on acceptable terms or at all, our business may be disrupted. For certain payment methods, including credit and debit cards, Android Pay™, and Apple Pay, we generally pay interchange fees and other processing and gateway fees, and such fees result in significant costs. In addition, online payment providers are under continued pressure to pay increased fees to banks to process funds, and there is no assurance that such online payment providers will not pass any increased costs on to us. If these fees increase over time, our operating costs will increase, which could adversely affect our business, financial condition, and results of operations. In addition, system failures have at times prevented us from making payments to shoppers in accordance with our typical timelines and processes, which caused substantial shopper dissatisfaction and generated a significant number of shopper complaints. Future failures of the payment processing infrastructure underlying Instacart could cause shoppers to lose trust in our payment operations and could cause them to instead use our competitors' platforms. If the quality or convenience of our payment processing infrastructure declines as a result of these limitations or for any other reason, the attractiveness of our business to retailers, consumers, and shoppers could be adversely affected. If we are forced to migrate to other third-party payment service providers for any reason, the transition would require significant time and management resources, and may not be as effective, efficient, or well-received by retailers, consumers, or shoppers.