In This Issue
FCC Issues New Regs on Robocalls
In an attempt to harmonize the requirements of the Federal Communications Commission with those of the Federal Trade Commission, the FCC recently issued a report and order addressing prerecorded telephone messages made by automated dialers, most commonly referred to as “robocalls.”
Under the new rules, telemarketers must obtain prior, written, express consent before placing a robocall to a consumer. Electronic means of consent – such as through a Web site form, text message, telephone keypress, or voice recording – are permitted provided that the mechanism complies with applicable state and federal law regarding electronic signatures. However, and most importantly, the FCC eliminated the exemption for an “established business relationship,” which permitted companies to place robocalls to consumers with whom they had previously done business.
Each robocall must also include an automated, interactive opt-out mechanism enabling consumers to immediately choose not to receive future calls, the FCC said. If a consumer selects the opt-out, his or her phone number must be added to the company’s do-not-call list and the call must be immediately disconnected.
Finally, the FCC established a new requirement limiting the number of abandoned or “dead air” calls telemarketers are allowed to make during the course of a calling campaign. Previously, no more than three percent of all calls answered by a consumer over a 30-day period were allowed to be abandoned calls. The FCC tightened this constraint by measuring the three percent cap over the entire time frame of a campaign, not in 30-day intervals.
The report and order do not affect informational robocalls, such as automated calls about airline flights, school notifications, or bank accounts, prerecorded messages by or on behalf of tax-exempt nonprofit organizations, or calls for political purposes.
In a statement, FCC Chairman Julius Genachowski said that the regulations are “minimally burdensome to businesses, including small businesses. Because our rules largely mirror those the FTC applies to telemarketers in its jurisdiction, we have consistent rules applying to all telemarketers, and we avoid confusion for those telemarketers subject to both the [FCC’s] and the FTC’s rules.”
There are some differences between the agencies’ rules, however. While the FTC’s restrictions on robocalls apply just to prerecorded telemarketing calls, the FCC rules apply to prerecorded calls as well as autodialed telemarketing calls. And because the FCC has broader jurisdiction over telemarketing than the FTC, entities will be covered by the rules that were not covered by the FTC’s regs, such as banks and federal credit unions.
Why it matters: For the most part, the changes will have minimal impact on most marketers as the FCC’s new rules simply bring the agency’s regulations in line with the FTC’s existing regulations. Other than the expanded coverage for a few types of entities – such as banks – the only notable change is the possibility of a private right of action. Under the FTC’s Telemarketing Sales Rule, only the agency can enforce the regulations. But because the Telephone Consumer Protection Act is enforced by the FCC and permits consumer actions, marketers should be aware that suits may be possible under the new rules.
back to top
Lack of Magnetic Attraction Leads to False Ad Suit
A lack of magnetic attraction has led a California consumer to file suit against Dial Corp. over claims for the company’s “Magnetic Attraction Enhancing Body Wash” for men.
The back label of the product reads: “1. Squeeze Magnetic body wash onto a washcloth, sponge, poof, hands – whatever. 2. Lather up. 3. Rinse off. 4. Stand back and watch the magic happen.” When no magic happened, Frank Ortega filed a putative nationwide class action based on violations of California’s consumer protection laws.
“On defendants’ promotional web site about the products, defendants state: ‘We’re not saying that our new pheromone-enhanced body wash will cause you to be attacked by hordes of sex-crazed females, but if that is your endgame, you should consider it a piece of the equation not to be ignored,’ ” according to the complaint, which calls the claim bogus.
Other claims such as “You don’t need the help, but it doesn’t hurt to increase your odds” and “Pheromone-Infused, Attraction Enhancing Body Wash” are also false, the plaintiff contends.
Although Dial Corp. claims that the pheromone androstadienone is in the product, the suit argues that the pheromone is a normally occurring part of human body sweat.
Using an animated singing molecule, Dial’s Web site represents that “after a woman senses a man’s pheromones with her vomeronasal organ, she responds by releasing catecholamine, which triggers dopamine release, making her more sexually receptive to men,” the complaint states. But these representations are false and misleading because human beings do not possess a functioning vomeronasal organ, the plaintiff contends.
Further, the few studies about androstadienone that found an effect on female attraction were small and poorly designed, leaving Dial without adequate support for its claims, the suit says.
The plaintiff seeks corrective advertising, costs, and damages.
To read the complaint in Ortega v. The Dial Corp., click here.
Why it matters: Dial Corp. has not yet responded to the allegations in the suit, but the company is no stranger to false advertising litigation. Last year, it faced class action suits over claims made for its Dial Complete product, where plaintiffs alleged that even the name of the product was false and misleading. Despite touting that its antibacterial hand wash had the ability to “kill 99.9 percent of germs,” complaints filed in Florida, New York, and Ohio claimed that the company lacks support for these claims.
back to top
SEC Cautions Advisers About Risks of Social Media
In a recent risk alert, the Securities and Exchange Commission informed investment advisers about the importance of establishing social media guidelines and enforcing their compliance.
The SEC used a recent enforcement action as an example, where an investment adviser was charged with offering fictitious securities via social media sites such as LinkedIn. In that action, an Illinois-based adviser made false representations about his assets, failed to meet recordkeeping requirements, and did not implement compliance policies and procedures, the SEC alleged, all the while offering more than $500 billion in fictitious securities using social media.
“Fraudsters are quick to adapt to new technologies to exploit them for unlawful purposes,” Robert B. Kaplan, co-chief of the SEC enforcement division’s Asset Management Unit, said in a statement announcing the charges. “Social media is no exception, and today’s enforcement action reflects our determination to pursue fraudulent activity on new and evolving platforms.”
The same day, the agency released its risk report, which informs the financial services industry that “firms using social media should adopt, and periodically review the effectiveness of, policies and procedures regarding social media in the face of rapidly changing technology.”
Firms should consider factors like content standards and guidelines for usage, such as providing an exclusive list of approved social media networking sites for advisers’ use or delineating specific functionalities on a site that should not be used.
Monitoring and the frequency of monitoring should also be considered by firms, including the possibility of preapproving content, the agency suggested. The training of advisers on social media policies may be a good option for firms, in which employees will receive certification of such training.
For firms that allow third parties to post content on their social media sites, policies and procedures should be considered to avoid violation of federal securities laws. For example, if a client is invited to “like” the biography of an adviser on Facebook, that choice could be deemed a testimonial as an explicit or implicit statement of the client’s experience with the adviser – something that is prohibited.
The risk alert also notes that recordkeeping obligations for advisers are applicable to all forms of media, including Internet communications. Therefore, social media communications should be retained in a manner that is easily accessible for a period of not less than five years, in accordance with federal securities laws.
To read the SEC’s risk alert, click here.
Why it matters: While the risk alert is specific to investment advisers, its advice is universal for any company using social media platforms. It also serves as a reminder that regulatory agencies are monitoring – and taking action against – those companies that fail to comply with relevant laws as applied in the online world.
back to top
Google’s Privacy Changes Result in FTC Suit
When Google announced changes to its privacy policy set to take effect today, it triggered a controversy that has yet to abate.
The battle has now moved to the courtroom along with a new target: the FTC. The Electronic Privacy Information Center (EPIC) filed suit against the agency, seeking a judicial order to have it enforce the terms of a recent consent order with Google.
Last year, Google settled charges with the FTC that it used deceptive tactics and violated its own privacy policy when it launched Buzz, its social networking feature. As a result, the agency required the company to implement a comprehensive privacy program and to obtain consent from users prior to sharing their information with third parties.
But Google’s January 2012 announcement that it now plans to combine user information across all of its products – such as Android, Gmail, and YouTube – violates the terms of the consent order, EPIC argues.
The group filed suit against the FTC, seeking a temporary restraining order and preliminary injunction requiring the agency to enforce the consent order against Google. The proposed changes are a “clear violation” of the company’s prior commitments to the FTC, and the agency’s failure to take action has placed “the privacy interests of literally hundreds of millions of Internet users at grave risk,” EPIC contends.
Specifically, EPIC alleges that Google has violated the consent order by misrepresenting the extent to which it maintains and protects the privacy and confidentiality of users’ personal information and by failing to obtain affirmative consent from users prior to sharing their information with third parties.
According to EPIC, when the company notified users about the pending changes, for example, it emphasized only the increased functionality for users and failed to disclose that the consolidation of user data is intended to benefit advertisers by improved targeting of users. Further, the consolidation of user data is a change from stated sharing practices in effect at the time Google collected information such as a user’s search history, which violates the terms of the consent order.
In a court filing opposing EPIC’s motion, the FTC called the suit “completely baseless,” arguing that enforcement decisions are not subject to review.
Emphasizing the agency’s enforcement actions in the areas of consumer privacy, the FTC said that to deploy “its resources effectively requires thoughtful and deliberate action on the part of the Commission and its staff, in order to carefully ascertain whether a violation has occurred, to consider the full range of remedies that would be available if a violation is found, and to set priorities among the myriad threats to privacy that consumers face. Granting the preliminary injunctive relief that EPIC has requested – forcing the Commission to bring a particular enforcement action within an arbitrary time limit – would be wholly inimical to the ‘public interest in the effective enforcement’ of the laws that Congress has passed to protect the public and entrusted the FTC to enforce.”
To read EPIC’s complaint against the FTC, click here.
To read EPIC’s motion for a temporary restraining order, click here.
To read the FTC’s motion to dismiss the complaint, click here.
Why it matters: Despite the FTC’s vigorous defense in the EPIC suit, Google’s privacy-related woes are not going away anytime soon. The company has already faced a legislative hearing, which was followed up by a letter from Reps. Mary Bono Mack (R-Calif.) and G.K. Butterfield (D-N.C.), seeking more answers about the proposed changes. And European Union authorities are conducting their own investigations, with France’s data protection agency formally requesting that the company postpone the changes. A spokesman for Google told Bloomberg that the company does not plan to delay the changes.
back to top
FTC Takes on Makers of Kids’ Mobile Apps
The FTC released a self-described “warning call to industry” report, cautioning app developers, in-app advertisers, and app stores that they need to do more to provide parents with easily accessible, basic information about the mobile apps used by their children.
The staff report, “Mobile Apps for Kids: Current Privacy Disclosures Are Disappointing,” found that “neither the app stores nor the app developers provide the information parents need to determine what data is being collected from their children, how it is being shared, or who will have access to it.”
The agency surveyed 200 children’s mobile apps each from the Apple App Store and the Android Market, evaluating the types of apps offered to children, the disclosures provided, and the interactive features of the apps, as well as the ratings and parental controls.
The report bemoaned the lack of information available to parents and called on the industry to provide greater transparency about data practices.
“In most instances, staff was unable to determine from the information on the app store page or the developer’s landing page whether an app collected any data, let alone the type of data collected, the purpose for such collection, and who . . . obtained access to such data,” according to the report.
Of the 400 total apps examined by the FTC, just 2 contained a link to a developer’s landing page that disclosed information about data collection and sharing.
To help guide the industry, the report made multiple recommendations:
- Stores, developers, and third parties that participate in the “kids app ecosystem” should play an active role in providing information to parents. “Parents need easy access to basic information so they can make informed decisions about the apps they allow their children to use.”
- Information about data practices should be provided by app developers in simple and short disclosures or by the use of icons. Parents should be able to determine what information the app collects and how the information will be used; whether the app connects with social media and if it contains advertisements. If third parties also collect data from the app, their privacy practices should be disclosed as well.
- As “gatekeepers of the app marketplace,” app stores should take responsibility to ensure that parents have basic information. Similar to the data provided for the category and cost of the app, stores should create a format for developers to provide information about data collection and sharing practices.
The FTC cautioned that future enforcement actions are possible as the agency plans to conduct another review of mobile apps over the next six months, looking for possible violations of the Children’s Online Privacy Protection Act.
To read the FTC’s report, click here.
Why it matters: In a statement about the report, FTC Chairman Jon Leibowitz said that protecting children’s privacy is “one of [the agency’s] highest priorities.” Given the currently pending updates to COPPA as well as recent enforcement actions relating to children’s privacy – including a settlement with a social networking site calling itself “Facebook for kids” and last year’s settlement with the maker of a children’s mobile app that illegally collected children’s information – advertisers and marketers should ensure that they are in compliance with COPPA or they could face an enforcement action.
back to top