Skip to main content
Menu Icon Menu Icon
Close

InfoBytes Blog

Financial Services Law Insights and Observations
Section Content

Upcoming Events

Filter

Subscribe to our InfoBytes Blog weekly newsletter for news affecting the financial services industry.

  • FTC Releases Updates to COPPA Compliance Plan

    Agency Rule-Making & Guidance

    On June 21, the FTC released updated guidance designed to assist businesses when complying with the Children’s Online Privacy Protection Rule (COPPA), which regulates what websites and online services are required to do to ensure the protection of children’s privacy and safety online. Specifically, the updates address the following issues: (i) the method by which companies monitor the collection of personal data as technology evolves in order to stay compliant; (ii) they ways COPPA impacts the “Internet of Things” as new “connected devices” continue to expand beyond websites and mobile apps; and (iii) new methods such as “ knowledge-based authentication questions and using facial recognition to get a match with a verified photo ID” to obtain parental consent. Additionally, the FTC revised its Six-Step Compliance Plan for Your Business to help companies determine whether they are covered by COPPA and how to comply with the rule.

    Agency Rule-Making & Guidance FTC Privacy Cyber Risk & Data Security Compliance Internet of Things

    Share page with AddThis
  • FTC Announces Settlement with Operators of Tech Support Scam

    Privacy, Cyber Risk & Data Security

    On June 7, the FTC announced two settlements in a pending action brought against defendants who allegedly used pop-up internet ads to deceive consumers into believing their computers were infected and then sold unnecessary technical support services to fix the issues. Under the terms of the settlements (available here and here), the defendants (i) will relinquish assets combined at nearly $6 million to provide restitution to victims, and (ii) are banned from marketing, promoting, or misrepresenting technical support products or services in the future. The settlement is part of the FTC’s ongoing efforts to pursue tech support scams through its Operation Tech Trap initiative. (See previous InfoBytes coverage here.)

    Privacy/Cyber Risk & Data Security FTC Enforcement Settlement Securities Litigation

    Share page with AddThis
  • FTC to Host Third PrivacyCon Event, Issues Call for Presentations

    Privacy, Cyber Risk & Data Security

    On June 8, the FTC announced it will hold its third PrivacyCon, which will “expand collaboration among leading privacy and security researchers, academics, industry representatives, consumer advocates, and the government” to explore “the privacy and security implications of emerging technologies, such as the Internet of Things, artificial intelligence and virtual reality.” Specific topics will cover ways to quantify the harm when companies fail to secure consumer information, and how to “balance the costs and benefits of privacy-protective technologies and practices.” Additionally, the FTC issued a call for presentations to receive research and input on a several areas such as (i) the “nature and evolution of privacy and security risks”; (ii) “quantifying costs and benefits of privacy from a consumer perspective” and business perspective; and (iii) “incentives, market failures, and interventions.” Presentation submissions must be made by November 17, 2017. The event will take place on February 28, 2018 in Washington, DC.

    Privacy/Cyber Risk & Data Security FTC Fintech

    Share page with AddThis
  • FTC Obtains Multiple Judgments Against California and Florida-Based Robocall Operations

    Consumer Finance

    The FTC recently entered judgments against robocalling operations based in California and Florida who engaged in activities that violated, among other things, the Telemarketing Sales Rule (TSR) and the Telemarketing Consumer Fraud and Abuse Prevention Act.

    California Default Judgments. On June 2, the FTC announced a California federal district court judge approved default judgments against an individual and each of the nine corporations for which he was an “actual or de facto owner, officer or manager” (Defendants). According to the FTC’s complaint, over a period spanning approximately seven years, the Defendants allegedly initiated—or helped to initiate—“billions” of illegal robocalls without receiving written permission from consumers. Many of the calls made were to numbers on the Do Not Call (DNC) Registry to “induce the purchase of goods or services” such as auto warranties, home security systems, or search engine optimization services. Violations of the TSR cited include knowingly assisting and facilitating telemarketers engaged in abusive practices. According to the terms of the default judgments, the individual has been assessed a $2.7 million penalty, and the Defendants are permanently banned from all telemarketing activities.

    Florida Consent Order. On June 5, the FTC and the Florida Attorney General entered eight stipulated orders against Orlando-based individuals and companies—18 Defendants in total—who violated the TSR, Telemarketing and Consumer Fraud and Abuse Prevention Act, and Florida’s Telemarketing and Consumer Fraud and Abuse Act for, among others things, using robocalls to sell credit card interest rate reduction programs, in addition to calling numbers on the DNC Registry. According to the joint complaint, the Defendants allegedly engaged in the following violations: (i) offered debt relief programs but failed to provide promised services; (ii) misrepresented their affiliations with consumers’ banks or credit card companies; (iii) unfairly authorized charges without obtaining consent; (iv) received fees prior to providing debt relief services; (v) failed to transmit telemarketer information; (vi) used prerecorded messages to “induce the purchase of goods or services”; and (vii) failed to make oral disclosures. The stipulated orders settle charges against all Defendants and require that they stop the “allegedly illegal conduct.” Some of the Defendants have also been issued financial penalties. Furthermore, the FTC entered a $4.8 million judgment against 12 Defendants identified as the primarily parties for the scam. This amount represents the full amount of consumer harm caused. All stipulated orders can be accessed through the FTC press release.

    Consumer Finance FTC Privacy/Cyber Risk & Data Security State AG UDAAP Enforcement Telemarketing Sales Rule Fraud

    Share page with AddThis
  • Do Not Call Violations Net $280 Million Fine for FTC, States

    Courts

    On June 5, the U.S. District Court for the Central District of Illinois ruled in favor of the Federal Trade Commission (FTC) and the states of California, Illinois, North Carolina, and Ohio resolving Do Not Call litigation against Dish Network (Dish). The court found Dish liable for making millions of calls resulting in violations of the Telemarketing Sales Rule (TSR) and the Telephone Consumer Protection Act, among other things. The $280 million in civil penalties, with a record $168 million going to the FTC, is the largest civil penalty ever awarded for violation of the FTC Act.

    Additionally, the court issued a permanent injunction order against Dish. Among the requirements in the order, Dish will show within 90 days of the order effective date that they are “fully complying with the safe harbor provisions” and “have made no prerecorded telemarketing calls at any time during the five (5) years immediately preceding the effective date”. Dish must also hire an expert to ensure compliance with the injunction and telemarketing laws, provide semi-annual compliance materials, and ensure their compliance with the TSR.

    Courts FTC Mortgages UDAAP DOJ Telemarketing Sales Rule Litigation

    Share page with AddThis
  • FTC Submits Annual Report on 2016 Enforcement Actions to CFPB

    Consumer Finance

    On June 1, the FTC announced that it submitted its 2016 Annual Financial Acts Enforcement Report to the CFPB. The report—requested by the Bureau for its use in preparing its 2016 Annual Report to Congress—covers the FTC’s enforcement activities related to compliance with Regulation Z (Truth in Lending Act or TILA), Regulation M (Consumer Leasing Act), and Regulation E (Electronic Funds Transfer Act or EFTA), as well as its initiatives to engage in research and consumer education.

    According to the report, the FTC’s enforcement actions in 2016 concerning TILA involved automobile purchasing and financing, payday loans, and financing of consumer electronics. Regarding mortgage-related credit activity, the report highlights continued litigation in two cases involving mortgage assistance relief services involving “forensic audit scams.” Furthermore, the FTC continued its consumer and business education efforts on issues related to consumer credit transactions in the following areas: military lending, auto sales and financing, payday lending, marketplace lending, and consumer disclosures and testing.

    Regarding the Consumer Leasing Act, the report noted the FTC had issued a final administrative consent order for deceptive advertising practices and failure to disclose key lease offer terms. The FTC also filed two federal court actions against automobile dealers. The FTC also engaged in research and policy development and educational activities in this area.

    Concerning the EFTA, the FTC reported six new or ongoing cases, including four cases alleging violations in the context of “negative option” plans, in which a consumer agrees to “receive various goods or services from a company for a trial period at no charge or at a reduced price” but later incurs unauthorized recurring charges after the end of the trial period, in violation of the EFTA. The remaining two cases involved payday lending and consumer electronics financing. The FTC also engaged in rulemaking, research, policy development, and educational activities involving the EFTA.

    Consumer Finance CFPB FTC Enforcement Litigation Marketplace Lending TILA Consumer Leasing Act EFTA Mortgages

    Share page with AddThis
  • Florida Judge Issues Temporary Injunction to Halt Debt Relief Operation

    Consumer Finance

    On May 25, at the request of the FTC and the State of Florida, a Southern District of Florida court issued a preliminary injunction order temporarily halting a debt relief operation that bilked millions of dollars from financially strapped consumers. According to the complaint filed by the FTC and the State of Florida, the Defendants—who operated the debt relief operation—allegedly violated the FTC Act, the FTC’s Telemarketing Sales Rule (TSR), and the Florida Deceptive and Unfair Trade Practices Act by claiming they would enroll consumers in loan forgiveness or payment reduction programs to pay, settle, or obtain dismissals of their debts and improve their credit. (See FTC v. Marcus, No. 0:17-cv-60907-CMA (S.D. Fla. May 8, 2017).) Consumers were often promised attractive interest rates and significantly lower monthly payments. However, consumers, after paying hundreds or thousands of dollars a month for promised debt-consolidation services, discovered their debts were unpaid, their accounts had defaulted, and their credit scores damaged. Several were sued by their creditors, and some were forced into bankruptcy. The FTC and the State of Florida further allege that the Defendants “falsely claimed non-profit status to appear more credible and legitimate.” The complaint further alleges that Defendants called consumers already enrolled with debt-relief providers to inform them that they were taking over the servicing of those accounts and would provide the same or similar debt relief services. Contrary to the Defendants’ promises, consumers ended up in worse financial positions.

    In its preliminary injunction order, the court determined that there was good cause to believe that “immediate and irreparable harm” would result unless an injunction was issued. The order prohibits the defendants, in connection with the advertising, marketing, promotion or sale of any good or service, including any debt-relief product or service or credit product or service, from making misrepresentations about debt-relief programs or services and violating any provision of the TSR. The court also ordered a freeze of the Defendants’ assets, imposed financial reporting requirements, and appointed a temporary receiver. In a press release issued by the FTC, the Agency claims it seeks to “permanently stop the alleged illegal practices and obtain refunds for affected consumers.”

    Consumer Finance Debt Relief Enforcement FTC

    Share page with AddThis
  • Acting FTC Chairman Ohlhausen Welcomes New FCC Approach to Internet Openness

    Privacy, Cyber Risk & Data Security

    On May 18, Acting FTC Chairman Maureen Ohlhausen issued a statement on the FCC’s publication of a Notice of Proposed Rulemaking (NPRM) to “reinstate a light-touch regulatory approach protecting Internet openness.” The Notice proposes the following actions: (i) returning to the framework under Title I of the Communications Act instead of following Title II regulatory guidance; (ii) classifying mobile broadband Internet access service as “private mobile service”; and (iii) eliminating Title II’s “vague and expansive” Internet conduct standard, thus eliminating regulatory uncertainty. “I welcome the adoption of this NPRM as further progress toward restoring the FTC’s ability to protect broadband subscribers from unfair and deceptive practices, including violations of their privacy. Those consumer protections were an unfortunate casualty of the FCC’s 2015 decision to subject broadband to utility-style regulation. This new proceeding offers an opportunity to undo that decision and thereby return broadband consumers to the expert protection of the FTC,” stated Chairman Ohlhausen.

    Privacy/Cyber Risk & Data Security FTC FCC

    Share page with AddThis
  • Ninth Circuit Grants Petition to Hear FTC v. AT&T Appeal En Banc

    Courts

    On May 9, the Court of Appeals for the Ninth Circuit granted a petition for rehearing en banc filed by the FTC in a case involving whether the Commission may regulate an internet service provider’s slowing down of data after a customer has used a specified amount of data under an “unlimited” plan.

    The FTC’s 2014 complaint alleged that AT&T’s practice of “data throttling,” and its subsequent failure to adequately inform its customers of this practice, violated Section 45(a) of the FTC Act. A federal district court dismissed the complaint, rejecting AT&T’s argument that it was exempt from FTC Section 45(a) enforcement because it is a common carrier. Section 45(a) allows the Commission to “prevent persons, partnerships or corporations, except . . . common carriers . . . from using . . . unfair or deceptive acts or practices” (emphasis added). The court held, however, that the common carrier exception applies only when the entity has the status of a common carrier and is engaging in common carrier activity. The district court order also held that “[w]hen this suit was filed, AT&T’s mobile data service was not regulated as common carrier activity by the [FCC],” and that “[o]nce the Reclassification Order of the [FCC] (which now treats mobile data [service] as common carrier activity) goes into effect, that will not deprive the FTC of any jurisdiction over past alleged misconduct as asserted in this pending action.”

    In 2016, a three-judge Ninth Circuit panel reversed, holding that AT&T is exempt from Section 45(a) as a common carrier. See Fed. Trade Comm'n  v. AT&T Mobility LLC, 835 F.3d 993 (9th Cir. 2016). The en banc court’s order vacates that ruling pending review by the full Ninth Circuit. Per the Ninth Circuit’s May 10 order, en banc oral argument will occur the week of September 18, 2017. The exact date and time will be announced in a separate order. Notably, given the recent uncertainty over which regulatory agency will oversee common carriers—the FTC or the FCC—the timing of this ruling is important.

    Courts FTC Appellate

    Share page with AddThis
  • FTC, Federal, State, and International Partners Announce Crackdown on Tech Support Scams

    Privacy, Cyber Risk & Data Security

    On May 12, the FTC, along with federal, state and international law enforcement partners, announced new enforcement actions in its “Operation Tech Trap” program. The program is designed to crack down on tech support scams that, among other things, deceive consumers into believing their computers are infected with viruses and malware and then charge them for unnecessary repairs. According to FTC, its Operation Tech Trap partners have brought 29 law enforcement actions against deceptive tech support operations in the last year. Among the four new complaints announced on May 12, the FTC has already been granted temporary restraining orders in three of the cases to stop the tech support companies’ deceptive practices, freeze their assets, and appoint a temporary receiver to take control of them.

    The FTC also announced a settlement in a pending action brought by the FTC and the Attorneys General of Connecticut and Pennsylvania against two defendants who allegedly participated in deceptive acts and practices in connection with the advertising, marketing, and sale of computer security or technical support products and services. Under the terms of the settlement, the defendants are subject to a money judgment in excess of $27 million. The stipulated final order has been entered by the U.S. District Court for the Eastern District of Pennsylvania. In addition to the FTC and state cases, DOJ brought federal criminal charges against seven individuals, two of whom have entered guilty pleas, for their participation in an international “Tech Support Scam.” Moreover, with respect to its international efforts, Operation Tech Trap is working with authorities in India to crack down on tech support scammers, and have also instituted consumer and business education outreach initiatives with Australia and Canada.

    Privacy/Cyber Risk & Data Security FTC Enforcement State AG DOJ

    Share page with AddThis

Pages