Ad Law Insights - Legal and Regulatory Updates
Latest FTC and state attorneys general compliance, investigation and enforcement developments of concern to advertisers and marketers
On August 14, 2023, the Federal Trade Commission announced that it will require Experian Consumer Services, which offers consumers access to their Experian credit information, to pay $650,000 to settle charges it sent consumers unsolicited email without offering them a way to opt out of such messages, as required under the CAN-SPAM Act.
In a complaint filed by the Department of Justice on behalf of the FTC, the agency says that California-based Experian Consumer Services (ECS), also known as ConsumerInfo.com, Inc., spammed consumers with marketing offers after they signed up for an account with the company in order to manage their Experian credit report information.
In the emails, the FTC alleges that the company failed to provide clear and conspicuous notice of consumers’ ability to opt out of receiving additional marketing messages and a mechanism for doing so, in violation of the CAN-SPAM Act, according to the complaint.
“Signing up for a membership doesn’t mean you’re signing up for unwanted email, especially when all you’re trying to do is freeze your credit to protect your identity,” said FTC lawyer Samuel Levine, Director of the FTC’s Bureau of Consumer Protection. “You always have the right to unsubscribe from marketing messages, and the FTC takes enforcing that right seriously.”
Consumers who wish to freeze or take other steps to manage their Experian credit information online must create an account with ECS. The complaint charges that consumers who signed up for a free membership account with ECS were then sent emails promoting Experian’s products and services such as one touting Experian Boost,
FTC advertising compliance and defense attorney Richard B. Newman was recently quoted in an article for Cybersecurity Law Report titled “Xbox and Alexa COPPA Case Lessons: Avatars, Biometrics and Other New Expectations.”
The article discusses the FTC’s recent privacy enforcement run and how it reinforces regulators’ expanding expectations for companies using video and audio recordings, smart devices and AI. The article further discusses recent agency settlements with Microsoft, Amazon and educational technology provider Edmodo that drew $51 million in penalties, broke new ground on the Children’s Online Privacy Protection Act Rule enforcement and signaled new expectations for all companies’ privacy compliance.
In discussing how COPPA is a tool for financial penalties and how these cases highlight the value of COPPA enforcement to the FTC versus its Section 5 authority under the FTC Act, Mr. Newman noted that “[i]n Amazon, obviously, the $25‑million settlement amount leaps out” for Alexa’s improper retention of voice recordings in violation of COPPA.
Mr. Newman further shared that “not just the FTC, but state attorneys general are becoming increasingly interested in expanding regulation of the use and sharing of consumer data, including geolocation data.”
While the FTC contests the issue at the federal level, data brokers and those that interact with them should expect that the plaintiffs’ class action bar and state AGs may lodge claims under state “little FTC acts” that echo the FTC’s July 2022 statement about geolocation data or the biometric one,
Florida has become the latest state – approximately ten – to enact a comprehensive privacy law. On June 6, 2023, Governor DeSantis recently signed SB 262 which includes some new privacy provisions. Florida also recently passed a child privacy law that is notably similar to California’s Age Appropriation Act that becomes effective July 1, 2024.
The Florida Digital Bill of Rights Law
Covered entities (“controllers”) include those that earn $1 billion in global gross annual revenues and either (i) receive 50% of gross annual revenue from online ad sales; (ii) operate a consumer smart speaker and voice command service with an integrated virtual assistant through a cloud-connected service and hands-free verbal activation; or (iii) operate an app store or digital distribution platform that has at least 250,000 apps available for download.
Note, however, that non-covered entities that serve as data processors for covered entities may potentially be impacted. More specifically, such processors are required to support a covered entities’ compliance efforts and to maintain responsible contracts that include provisions governing data processing. In fact, the new law sets forth specific requirements that must be included in such data processing agreements.
Not unlike other states, the Florida Digital Bill of Rights Law has numerous exemptions and applies to consumer information. Exemptions include entities covered by HIPAA (and business associates), financial institutions and affiliates (subject to GLBA), non-profits, certain government entities, and higher education institutions. There are also specific data exemptions.
The United States District Court for the Middle District of Florida, Ocala Division, issued an order permanently banning the defendant from offering for sale or selling any protective goods or services, after granting the FTC’s motion for summary judgment.
The order also includes two monetary judgments against the individual, who has allegedly done business under different corporate names. The first judgment is for $989,483.69, to be returned to consumers allegedly harmed by his violations of the FTC Act and the Commission’s Mail Order Rule. The court also entered a second civil penalty judgment of $2,562.21 for his alleged violations of the FTC Act with regards to the COVID-19 Consumer Protection Act.
In a complaint filed in June 2021, the FTC alleged that he preyed upon consumers’ fear of COVID-19 by advertising the availability and quick delivery of PPE, including N95 facemasks, even though he had no basis to make those promises.
The complaint stated that he failed to deliver PPE on time (if at all), failed to notify consumers of delayed shipments, failed to offer the cancellations and refunds required by the Commission’s Mail Order Rule, and failed to honor refund requests.
When the individual eventually did deliver the products, he often sent supplies that were inferior in quality to what consumers ordered, according to the complaint. Based on this conduct, the complaint alleged that his deceptive and unfair conduct violated the Mail Order Rule, the FTC Act, and the FTC Act with regards to the COVID-19 Consumer Protection Act.
The Federal Trade Commission has finalized its order against a motocross and ATV parts maker, and its officer, for allegedly falsely claiming that the company’s products were manufactured in the U.S.
The FTC’s order, first announced in April, 2023 would stop both from making deceptive claims about products being “Made in USA” and require them to pay a monetary judgment.
The FTC’s order against both the parts maker and its officer includes a number of requirements about the claims the defendants make:
- Restriction on unqualified claims: The company will be prohibited from making unqualified U.S.-origin claims for any product, unless it can show that the product’s final assembly or processing—and all significant processing—takes place in the U.S., and that all or virtually all ingredients or components of the product are made and sourced in the U.S..
- Requirement for qualified claims: The company is required to include in any qualified Made in USA claims a clear and conspicuous disclosure about the extent to which the product contains foreign parts, ingredients or components, or processing.
- Requirement for assembly claims: The company must also ensure, when claiming a product is assembled in the U.S., that it is last substantially transformed in the U.S., its principal assembly takes place in the U.S., and U.S. assembly operations are substantial.
The order includes a monetary judgment of $872,577,
About This Blog and Hinch Newman’s Advertising + Marketing Practice
Hinch Newman LLP’s advertising and marketing practice includes successfully resolving some of the highest-profile Federal Trade Commission (FTC) and state attorneys general digital advertising and telemarketing investigations and enforcement actions. The firm possesses superior knowledge and deep legal experience in the areas of advertising, marketing, lead generation, promotions, e-commerce, privacy and intellectual property law. Through these advertising and marketing law updates, Hinch Newman provides commentary, news and analysis on issues and trends concerning developments of interest to digital marketers, including FTC and state attorneys general advertising compliance, civil investigative demands (CIDs), and administrative/judicial process. This blog is sponsored by Hinch Newman LLP.