Ifrah Law Partner Michelle Cohen: Don’t Consider Yourself Immune to Data Breaches

BY: Michelle Cohen

Michelle Cohen recently joined Ifrah Law as a partner. Here is an edited transcript of a recent interview with Ms. Cohen.

Question: What are some of your legal experiences and strengths that you’d like to highlight?

Answer: I have many years of experience representing clients engaged in various industry sectors before state attorney generals, the FTC and the FCC, particularly in investigations and enforcement matters. I have a deep knowledge of marketing law and have counseled and defended clients in dozens of matters involving the Telephone Consumer Protection Act, the federal Can Spam Act, and state and federal telemarketing laws and regulations. I also sat for and passed the Certified Information Privacy Professional examination administered by the International Association of Privacy Professionals. This demonstrates my broad capabilities in the field of privacy law.

Some recent matters of note include managing a data loss incident for a client that entailed notifications to several state attorney generals’ offices, assisting the client with remediation and public relations management, and reviewing existing data retention policies, as well as a follow-up investigation at the state level. The client was able to move forward without any enforcement activity.

On the Telephone Consumer Protection Act side, I have supervised teams of attorneys in defending class and individual actions and resolved FCC enforcement matters (including without any penalties).

My training as both a litigator and a regulatory/corporate advisor allows me to offer a wide range of services to clients. I take great pride in knowing that my regulatory advice to clients in how to craft their business practices and establish meaningful policies has resulted in these clients avoiding enforcement actions and litigation.

Question: There has been a lot of publicity these days about data breaches that have caused serious harm to a number of retailers, credit card companies, banks, and others. Do you think there has been a real uptick in the number of such breaches, and if so, why has it occurred?

Answer: I think the increased publicity stems more from the growing awareness on the part of companies and the press that there are various types of data breaches and data losses that are covered by federal and state laws and that need to be reported and remediated. Some years back, if a laptop containing sensitive information was stolen from an employee’s car, the company might disable the account and report the theft, but the event did not necessarily trigger potentially thousands of notices to those affected, state attorney generals and consumer protection offices, publicity (via news reports and blogs that cover daily breaches) and possible lawsuits and enforcement activity. Today, that one event can result in all of those actions occurring.

Question: What is your advice to companies that may someday face a data breach?

Answer: A couple of months ago, I wrote an article regarding data breaches. The central point was that no organization should consider itself immune. Rather, a data breach (in the form of a bad actor) or a data loss (for instance, by negligent but unintentional employee action) WILL occur, no matter how many precautions a company takes. The key is to have policies in place regarding data security, to train employees in an effort to prevent negligent actions, and to be prepared for actions that will need to be taken when an event occurs. Organizations should have a team in place (human resources, legal, public relations, etc.) for dealing with these types of problems. Data loss events require swift, but considered action. In particular, some of the state breach laws have deadlines, and companies have found themselves under investigation (or involved in litigation) when their responses to a breach have been too slow or failed to meet the requirements of the law. These legal ramifications, combined with the negative publicity that WILL follow, can often be much worse than the actual data loss event.

Question: Are some companies failing to put the best safety provisions in place?

Answer: Most large companies have incorporated data safety policies; however, many medium size and smaller businesses have not done so. In addition, I think that many companies, both large and small, do not realize the scope and applicability of many of the laws. For example, consider a large company based in Texas, with most of its employees in that state. Its managers may not realize that if the company has three employees in Massachusetts, they are covered by Massachusetts’ data protection law. This statute has very specific requirements, including a requirement for a Massachusetts-specific information security plan. Let’s say the Texas company has a data loss and has to notify the Massachusetts employees and the Massachusetts Attorney General’s office along with all of its other employees. The company may get a follow-up inquiry from the Massachusetts AG asking for a copy of that company’s Massachusetts-compliant written information security policy. If the company does not have one, because it never realized it fell within that state’s law, it may find itself in some hot water there.

Accordingly, all organizations need to be proactive in their data security planning and must provide continuing updates to their policies, training, and understanding of what federal, state, and international laws may apply to their operations.

Ifrah Law is a leading white-collar criminal defense firm that focuses on data privacy.

CFPB’s First Case: Consent Order Against Capital One for Deceptive Marketing

BY: Michelle Cohen

The barely year-old Consumer Financial Protection Bureau came out of the gate this week with its first enforcement action. Capital One has the dubious honor of being CFPB’s premier target under the bureau’s authority to take action against entities that it believes engage in unfair, deceptive, or abusive practices in the offering of consumer financial products and services. Congress created the CFPB as part of the Dodd-Frank Wall Street Reform and Consumer Protection Act. That law broadly empowers the CFPB to supervise and enforce the nation’s consumer financial laws.

The CFPB claimed that Capital One’s telemarketing vendors used certain deceptive marketing practices to pressure or mislead consumers into paying for “add-on” products such as payment protection and credit monitoring. The practices of particular concern to the CFPB included:

• Misleading consumers about the benefits of the products – for instance that the product would improve credit scores when that was inaccurate
• Deceiving consumers about the nature of the products – CFPB claims some consumers were told the products could be cancelled, while canceling was difficult to accomplish
• Taking orders from ineligible consumers and then denying claims later based upon eligibility
• Leading consumers to believe the products were free when they were not
• Enrolling consumers without the consumer’s express consent

Capital One agreed to a consent order, in which the bank neither admits nor denies the allegations. The consent order provides for refunds to two million consumers of at least $140 million and a $25 million penalty. The consent decree also places additional restrictions and oversight on Capital One, including a requirement that it stop the marketing of these products until it has presented an acceptable compliance plan to ensure these acts do not recur. Capital One must also submit to an independent audit to determine if it has met the conditions of the consent decree, and it must ensure the refunds are automatic so that consumers do not have to take any action to obtain their refunds.

In addition to the consent order and the associated press release, the CFPB also issued a compliance bulletin stressing that institutions will be held liable for actions by third-party vendors operating on their behalf. The agency stressed certain proactive actions that companies should take to ensure that marketing materials and customer service interactions do not violate the law. Among these practices are the review of scripts, ads, radio and TV commercials to make sure they reflect the actual terms of the products and are not deceptive or misleading. The CFPB also cautioned that employee incentive and compensation programs tied to add-on products should require that employees adhere to guidelines and not create incentives for employees to provide inaccurate information.

Those familiar with FTC enforcement will note many similarities, as the CFPB has stated it will follow FTC precedent on “unfair” and “deceptive” practices. The CFPB has also made clear that service providers and others who “knowingly or recklessly provide substantial assistance to a covered person or service provider” may face the CFPB’s wrath.

While this is the first CFPB action, others are sure to follow as the CFPB is engaged in ongoing examinations and has issued subpoenas. The CFPB is also working closely with state attorneys general and the FTC, sharing information on potential violations and coordinating enforcement actions. We expect to see several additional CFPB actions as the new agency flexes its enforcement muscles, particularly in the mortgage, credit card, educational and “pay day” loan arenas.

Ifrah Law is a leading white-collar criminal defense firm that focuses on financial services.

In Time for Bikini Season, Kardashians Face Lawsuit Over Endorsement of Diet Aids

BY: Nicole Kardell

Kim Kardashian, the reality star, is accustomed to the public eye, but now she faces a lawsuit that may not bring her good publicity at all. Along with her sisters Khloe and Kourtney, Kim has been named as a defendant earlier this year in a class action over QuickTrim, a dietary supplement that they have been promoting.

The complaint, filed in the U.S. District Court for the Southern District of New York, accuses the Kardashians (along with QuickTrim’s manufacturer, Windmill Health Products; the retailer GNC; and others in the sales and marketing chain) of false and deceptive marketing of the diet aid. The plaintiffs, hailing from several states, brought claims under their respective states’ consumer protection laws alleging false and deceptive advertising, as well as other claims under federal and state common law. The corporate defendants are represented by John Robert Vales of Riker Danzig Scherer Hyland Perretti of Morristown, N.J.

The basis for the suit appears to be the Food and Drug Administration’s findings on the use of caffeine in dietary supplements. According to the lawsuit, the FDA has determined that caffeine is not a safe or effective treatment for weight control. Since QuickTrim’s main ingredient, according to the plaintiffs’ complaint, is caffeine, QuickTrim is not a safe or effective treatment — and thus, QuickTrim consumers were sold an unsafe, ineffective treatment.

Where Kim & Ko fit in is that they are the product’s face, with their images plastered across QuickTrim’s labeling, packaging, and advertising. They have also actively promoted the QuickTrim product line on their Twitter and Facebook accounts and personal web pages. Their promotional activities include Twitter feeds like: “Hi dolls, have you seen the QuickTrim buy one get one free sale at GNC? Just in time for bikini season!” Or: “Aw thanks doll! I try 2 work out every morning in my Shapeups and I use QuickTrim. It’s important to stay in shape.” Plaintiffs allege that they were deceived into buying QuickTrim products – products that are “worthless” and of “no value” – by the sisters’ promotional activities.

The plaintiffs’ complaint is already in its third iteration. The latest version, filed July 2, 2012, is a clear response to the Kardashians’ Motion to Dismiss filed in June. The Kardashians moved to dismiss an earlier version of the plaintiffs’ complaint, arguing that there are no reported cases supporting a private right of action for spokesperson liability. They further argued that the Kardashians were not alleged to be sellers or merchants of QuickTrim, which is required to successfully assert breach of warranty and contract claims. Finally, they argued the plaintiffs’ state law claims of deceptive advertising failed because there are no allegations or proof (1) that the Kardashians were not bona fide users of QuickTrim products at the time they made public statements, (2) that the public statements did not reflect the Kardashians’ honest opinions, findings, beliefs or experiences, and (3) that the Kardashians knew, based upon their personal experiences, that the advertising claims of the manufacturer, which the sisters repeated, were false.

The July 2 amended complaint attempts to overcome these deficiencies by peppering the filing with allegations (1) that “[t]he Kardashian sisters deal in goods of this kind – weight loss and fitness products – and hold themselves out as having knowledge or skill peculiar to the weight loss field” and (2) that “the Kardashian sisters are not bona fide users of QuickTrim, and their public statements endorsing the products do not reflect their honest opinions, findings, beliefs and experiences.”

It will be interesting to see what the court does with the case and whether it will allow it to survive another likely round of dismissal requests. It is clear from the Federal Trade Commission’s 2009 revised guidelines on celebrity endorsements that a celebrity product sponsor may get into hot water for repeating unsubstantiated health claims about a product. But a possible enforcement action by the FTC does not translate into a private right of action for consumers. Celebrity endorsers should have some degree of immunity from these types of suits. Otherwise, they risk being beleaguered by consumer publicity-seekers. The more appropriate course of sanction for disgruntled consumers is the filing of an FTC complaint, which the FTC can review and determine whether there is a basis for action.

Ifrah Law is a leading white-collar criminal defense firm that focuses on e-commerce, and internet advertising.

High Court Tosses Out Indecency Cases, Finds FCC Didn’t Give Proper Notice to Broadcasters

BY: Michelle Cohen

On June 21, 2012, in FCC v. Fox Television Stations Inc., the U.S. Supreme Court struck down the Federal Communications Commission’s effort to apply its indecency standard to brief broadcasts of nudity and “fleeting expletives.” But the Court relied not on the First Amendment’s free-speech guarantees but rather on the Fifth Amendment’s due process clause.

The Court held that Fox and ABC were not given fair advance notice that their broadcasts, which occurred prior to the announcement of the new indecency policy, were covered. This retroactive application violated their due process rights.

Broadcasters were hoping for a much broader First Amendment ruling that would have permanently hamstrung efforts by the agency to police indecency on the air. Instead, although a $1.4 million fine against ABC and its affiliates and a declaration by the FCC that Fox could be fined as well were both overturned, the agency remains free to create new indecency policies and case law under 18 USC 1464, which bans the broadcast of any” obscene, indecent, or profane language.”

In ABC’s case, the transgression was showing a seven-second shot of an actress’s buttocks and the side of her breast on NYPD Blue in 2003, and in Fox’s case, it was some isolated indecent words uttered by Cher and Nicole Richie on awards shows.

Prior FCC policy stressed the difference between isolated indecent material (which was not punished) and repeated broadcasts (which resulted in enforcement action). The Court held that Fox and ABC did not have sufficient notice that these brief moments, which occurred before the new policy went into effect, could be targeted.

The U.S. government tried to argue that a 1960 statement by the FCC gave ABC notice that broadcasting a nude body part could be contrary to the prohibition on indecency. The Supreme Court said “no dice,” as FCC had in other, later decisions declined to find brief moments of nudity actionable. If the FCC is going to fine ABC and its affiliates $1.24 million, it had better provide clear, fair notice of its indecency policies.

Since the case doesn’t affect the enforceability of the FCC’s current standard, as applied to current (rather than past) broadcasts, however, broadcasters still live in fear of the possibility of big fines levied against them for a couple of obscenities or a few seconds of nudity.

We agree with longtime public interest advocate Andrew Schwartzman, who said of this ruling, “The decision quite correctly faults the FCC for its failure to give effective guidance to broadcasters. It is, however, unfortunate that the justices ducked the core 1st Amendment issues. The resulting uncertainty will continue to chill artistic expression.”

The courts can certainly review challenges to the FCC’s indecency standards, and related issues will continue to come before the courts, including the issue of whether the current indecency standard violates the First Amendment rights of broadcasters and whether any changes the FCC may make will survive First Amendment scrutiny.

Meanwhile, with this case resolved, the FCC can finally move forward with a backlog of indecency complaints pending before it. FCC Commissioner Robert M. McDowell said in response to the Supreme Court ruling that there are now nearly 1.5 million such complaints, involving 9,700 television broadcasts, and that “as a matter of good governance, it is now time for the FCC to get back to work so that we can process the backlog of pending indecency complaints.”

Domain Names Go Creative: Will We Soon See Dot-Poker?

BY: Griffin Finan

Domain names on the Internet are about to get much more varied and creative. Soon websites will not just end in the few familiar suffixes like “com” or “edu,” but could end in things like “.movie” or ”.lawyer” or “.lol.”

On Wednesday, the Internet Corporation for Assigned Names and Numbers (ICANN), the organization tasked with regulating Internet domain names, released a list detailing who has applied for new suffixes, also known as top-level domains (TLD). This is the third major expansion ICANN has allowed of domain name suffixes, in addition to a few others that have been allowed on an ad hoc basis. The new system will streamline the application process and allow for up to 1,000 new domain suffixes a year.

The application process allowed companies to apply for their own brand name to use as their domain suffix name. For instance, Apple applied for the “.apple” suffix. Amazon applies for 76 names including “.amazon” and “.zappos.” Google applied for over 100 suffixes, including “.google” and “.youtube,” as well as “.lol,” and “.book.”

An interesting development related to the world of online gaming is that four groups applied for domain names that would end in “.poker.” The companies that applied for the “.poker” suffix are U.S.-based Binky Mill, LLC and Dot Poker, LLC as well as European-based dot Poker Limited and Afilias Domains No. 5. Limited.

Now that the initial list of applicants for TLD’s has been released, the public will have 60 days to comment. This time period will allow for companies and organizations to see whether others’ applications conflict with their interests or their intellectual property. After conflicts are resolved, there will be an appeals process. The new addresses likely will not launch until next year.

It remains to be seen whether these new domain extensions will become popular. Some companies may be able to capitalize on the marketing opportunities presented by the new TLD’s and other generic TLD’s that could become much more common. In any event, domain names are surely going to be more creative starting very soon.

FTC Takes New Look at Alcohol Industries, Focusing on Digital Media

BY: Griffin Finan

The media world has changed radically since the last time that the Federal Trade Commission took a look at the marketing efforts of the nation’s major alcoholic beverage producers. So the FTC is taking a fresh look, emphasizing the recent explosive growth of social media in its continuing effort to determine whether the industry is self-regulating its marketing efforts as well as it should.

The FTC is requiring fourteen major producers, including Anheuser-Busch, Diageo and Bacardi, to release information about their Internet and digital marketing presence. The FTC will then use the data collected in the study to make recommendations about how the industry should regulate itself.

The commission’s last marketing study was completed in 2008 and was based on data from 2005. In 2005, Twitter did not exist yet, YouTube had just been launched, and Facebook was a year old. In that study, of the companies surveyed, only 1.9 percent of their $3.3 billion in marketing expenditures were spent on digital media.

This study marks the first time that the FTC is asking alcohol producers to provide detailed information on their Internet and social media practices, data collection and tracking practices of visitors. The 14 major alcoholic producers must produce responses to the FTC by June 11, 2012.

The FTC is limited in what it can do with the data collected, but the goal is a report that would help determine future advertising rules for websites and social media. The FTC generally lets the industry set its own advertising guidelines, and the three main alcoholic beverage industry trade associations have compliance systems in place to ensure that advertising targeted at underage audiences is minimized. Two of the three trade associations have implemented new guidelines to address marketing on social media sites.

This is an ambitious action by the FTC that could lead to increased government involvement in Internet activities. Industry self-regulation has been effective thus far and can continue to be effective. It remains to be seen what recommendations the FTC will develop after this study, but we will keep you posted.

Report from Energized FTC Seminar on Online Advertising

BY: Sarah Coffey

On May 30, 2012, the Federal Trade Commission held a workshop at its conference center in Washington, D.C., entitled “Advertising and Privacy Disclosures in the Digital World.” This workshop was intended both to provide guidance to the public concerning the FTC’s advertising requirements and to solicit input from the public for updates to the FTC’s existing online advertising guidelines, “Dot Com Disclosures” (DCD). The FTC hopes to update the DCD to take into consideration advancements in technology and advertising since the guidance document was initially introduced in 2000, including the discussion of platforms such as mobile devices and social networking.

Of particular interest to us was the panel entitled “Universal and Cross-Platform Advertising Disclosures.” This panel focused on how to make disclosures, rather than on the particular information that needs to be disclosed or who should be liable for failures to disclose. The panel hoped to explore and develop best practices for this purpose and discussed public comments for the FTC’s consideration in updating the guidelines. The panel, moderated by Michael Ostheimer, a staff attorney in the agency’s Division of Advertising Practices, was composed of consumer advocates, advertiser representatives, academics, corporate counsel, and an assistant state attorney general.

The panel emphasized that there are valid ways to allow merchants and advertisers flexibility in marketing on space-constrained forums while still making adequate disclosures to consumers. The panelists stated that it is impractical to try to put all relevant terms on one page, and that it may be counterproductive to do so since consumers will only read a fraction of the information. Therefore, clearly labeled hyperlinks may be used to draw attention to essential terms.

For example, a web page advertisement for coolers stating “satisfaction guaranteed” might be considered deceptive if a hyperlink lower on the page simply marked “Disclosures” led to a page disclosing that a material potential investment, such as a restocking fee for returned items, limits the guarantee. Therefore, the advertisement could be more compliant if the disclosure were closer to the relevant claim (“satisfaction guaranteed”) and if the hyperlink stated clearly the material term, such as “Disclosure – Restocking Fees Apply.”

The panel also agreed that the disclosures required to prevent deception are directly tied to the claims made in the advertisement. By limiting the dissemination of triggering claims, the advertiser also limits the necessary disclosures. Also, the complexity of the offer dictates the necessary disclosures. If an offer includes a continuity plan or other conditions or restrictions, the disclosures will necessarily also be more complex to prevent deception. It is important to note that a disclosure that contradicts an advertisement is not sufficient to make an advertisement non-deceptive.

The panel recommended that the FTC guidelines deal only with substantive issues and that the specific form of the disclosures, as opposed to their substance, be left to the discretion of the advertisers and merchants. For example, while disclosures must be prominent, there should not be a requirement that certain conditions be in bold, italics, or a certain font size. With text-based advertisements, such as tweets or sponsored search results, such a contrast is not possible. Therefore an upfront text disclosure, such as “Purchase Required,” should be sufficient to meet the standard.

The panelists were right to emphasize the need for advertisers to have flexibility and self-regulation without imposing FTC guidelines that do not comport with how business is done in the modern world.

We hope that the FTC will keep pace with evolving technology and business needs to allow advertisers flexibility to promote their products in ways that will best reach consumers.

Obama’s Consumer Privacy Bill of Rights: Less Than Meets the Eye?

BY: Nicole Kardell

A good bit of fanfare surrounded the Obama Administration’s release of its Consumer Privacy Bill of Rights in late February. The publication reflects the Administration’s efforts to improve online consumer privacy protections while not stifling the growth of the Internet industries.

The document is entitled, “Consumer Data Privacy in a Networked World: A Framework for Protecting Privacy and Promoting Innovation in the Global Digital Economy.”

The “Bill of Rights” is supposed to establish a “baseline of clear protections for consumers and greater certainty for companies,” providing for the following:

• Transparency: Consumers have a right to easily understandable information about privacy and security practices.

• Respect for Context: Consumers have a right to expect that organizations will collect, use, and disclose personal data in ways that are consistent with the context in which consumers provide the data.

• Security: Consumers have a right to secure and responsible handling of personal data.

• Access and Accuracy: Consumers have a right to access and correct personal data in usable formats, in a manner that is appropriate to the sensitivity of the data and the risk of adverse consequences to consumers if the data are inaccurate.

• Focused Collection: Consumers have a right to reasonable limits on the personal data that companies collect and retain.

• Accountability: Consumers have a right to have personal data handled by companies with appropriate measures in place to assure they adhere to the Consumer Privacy Bill of Rights.

But in our view, there is not that much here that is new, and the privacy protections that it purports to provide are not as comprehensive as they sound.

The framework is based in part upon the concept that the Federal Trade Commission will have the power to enforce privacy policies established by companies themselves. But that is something that the FTC has already been doing; see here for an example. 

It is true that lately, more companies have been signing on to privacy policies with “Do Not Track” features. Through the Digital Advertising Alliance, member companies (including Google, Yahoo, Microsoft and AOL) have agreed to a “Do Not Track” option on their browsers that would let consumers opt out of certain data tracking. But again, that’s something that’s already been in the works. See an example here.   And the exceptions to the “Do Not Track” option make it pretty weak.

The “Do Not Track” policies provided for would not apply to search engines or other first-party sites; they would apply only to third-party sites. So when the Administration touts the cooperation of these industry leaders through the Digital Advertising Alliance, it should be understood that the leaders are giving their blessing to restraints on others, not so much on themselves (although Google subsidiaries that are third-party sites, like DoubleClick, would be covered).

Under the “Do Not Track” policy, first-party sites can still collect user data and serve users ads based upon that data. Even third-party sites under the policy can maintain and use consumer data. They are simply restricted in how they can use it: They can use it only for market research and analytics.

Another major exception to the “Bill of Rights” is that it only applies to commercial use of data.

The White House’s publication notes that “Americans value privacy and expect protection from intrusions by both private and governmental actors.” But governmental actors are not subject to this “Bill of Rights.” The statement says in a footnote that it does not cover the government’s access to data in the possession of private parties.

We generally think of a “Bill of Rights” as having universal application. Perhaps the Administration shouldn’t have been so hasty to publish something and instead have waited and taken the time to prepare a statement that would have been more meaningful.

Why POM Wonderful Can Celebrate FTC Judge’s Ruling in Advertising Case

BY: Nicole Kardell

Pomegranate juice maker POM Wonderful has declared victory against the FTC . . . in spite of an administrative law judge’s ruling that upholds many claims in the agency’s complaint. But the California company has good reason to celebrate: certain FTC standards, the ones that POM cried foul on, were rejected by the court.

The epic battle between POM Wonderful and the FTC began roughly two years ago during an agency investigation of the company for false advertising. The FTC had approached POM with a proposed requirement of enhanced advertising standards for medical and health claims. These would have required the company to seek FDA approval before making certain claims; the standards would also have required more stringent research requirements for substantiation of such claims.

To support these new standards, the FTC showed POM consent orders it had recently entered into with Nestle U.S.A. and Iovate Health Systems, Inc. That’s when POM cried foul. It saw the FTC’s moves – shifting and enhancing standards through consent orders with other companies, as opposed to traditional notice and hearing procedures – as a major overstepping and defiance of the rulemaking process. The company took its complaint to court, filing a lawsuit in U.S. District Court for D.C. against the FTC for violating its First and Fifth Amendment rights. The FTC within two weeks issued its administrative complaint against POM for false advertising.

Now, two years later, after a voluminous hearing record in the administrative proceeding, the administrative law judge in the FTC’s action has issued an opinion upholding certain false advertising allegations in the FTC’s complaint – based on implied as opposed to express claims – but also siding with POM on the company’s major issues of contention. (Note that POM’s action in the U.S. District Court appears to still be pending as of May 23, 2012.)

POM is touting victory based on rulings by the judge that (1) any FDA pre-approval requirement “would constitute unnecessary overreaching” and that (2) more stringent double-blind, randomized, placebo-controlled studies were not necessary. It appears that these rulings effectively put the kibosh on the FTC’s sliding scale of regulation through settlement agreements … at least in this instance.

An important holding from the court that POM has cited in its press release is that “[t]he greater weight of the persuasive expert testimony in this case leads to the conclusion that where the product is absolutely safe, like POM Products, and where the claim or advertisement does not suggest that the product be used as a substitute for conventional medical care or treatment, then it is appropriate to favor disclosure.”

The court thus addressed some of POM’s concerns over a chilling effect on free speech that could have resulted from the FTC’s attempts to require FDA preapproval for certain health claims. This is a concern we had identified in an earlier post on the matter. While many articles published on the judge’s opinion to date have been headlining POM’s losses, the more important aspect may be the judge’s findings in favor of the company.

Should FTC Protect Gamers Against Unhappy Endings?

BY: Steven Eichorn

Whether you or not you are an avid gamer, you have probably realized that a significant segment of the general population takes gaming quite seriously. Probably a little too seriously sometimes.

It seems that the ending to the popular game Mass Effect 3 (“ME3”), which is produced by BioWare, disappointed many devoted players so much that they filed a petition with the FTC for deceptive advertising. According to the petition, the company’s advertising convinced the players that they were able to change the game’s ending, but in reality, there were only three different endings and they were relatively similar.

Unsurprisingly, the FTC did not comment on the petition. One can only imagine the “parade of horribles” that would happen if the FTC acted on the petition. We might see petitions against any movie that was not as good as advertised, against ball clubs for not being as competitive as advertised, against colleges for not being as good as advertised, and the like.

Generally, the FTC takes the reasonable position that consumers have a certain amount of responsibility for their purchases and should understand that even legitimate advertising is meant to persuade the consumer to purchase something. (On the other hand, BioWare’s co-founder, Dr. Ray Muzyka, did take the petition seriously and released a statement that “the team are hard at work on a number of game content initiatives that will help answer the questions, providing more clarity for those seeking further closure to their journey.”)

However, the same argument can be applied to some of the advertising campaigns that the FTC has criticized. For example, one could argue that a reasonable consumer should understand that Google is not going to hire him to work from home and compensate him handsomely, with absolutely no experience, and even without any job interview. Likewise, one could persuasively argue that the government is obviously not giving out grants to nearly every applicant for any random cause, just so long as you sign up for the monthly fee. Yet the FTC does oppose these forms of suggestive/misleading advertising.

One wonders if the true distinctions are the targeted audience of the advertising and the nature of consumer loss. If the targeted audience represents a more unfortunate and vulnerable segment of society, then the FTC is more likely to step in to protect the unfortunate and vulnerable consumer. If the targeted audience is more able to fend for themselves, however, the FTC is less likely to step in to protect them.

In addition, the consumer who is taken in by a misleading work-at-home scheme has, at the very least, lost valuable time and money. The consumer who plays ME3 has had a game experience for his or her money, just one that is perhaps not as exciting as he or she expected. There is a difference.

As a final note, there is a bright side to this petition. In an effort to draw attention, an online petition to redo the ending of ME3 also started a donation drive for Child’s Play, which provides video games for patients at children’s hospitals worldwide. In less than two weeks, the drive reached its goal and raised slightly more than $80,000. We are confident that even the FTC can agree that the charity drive was a good thing!