FTC Tries to Stay One Step Ahead of Internet Fraud

BY: Nicole Kardell

The FTC’s recent settlement with a California-based Internet marketer may provide a good example of why the Commission is revising its online advertising guidelines. The FTC announced last Thursday that it has reached a settlement with Jaivin Karnani, his company, Balls of Kryptonite, and several associated companies.  The settlement resolves charges the FTC brought against Karnani in 2009 for allegedly deceptive tactics in marketing products to consumers in the United Kingdom.  The defendant allegedly misled British purchasers that his company, which sold a variety of electronics online, was based in the U.K.  The ruse was accomplished by tactics like using foreign website domains ending in .co.uk, listing prices in British pounds, and asserting that goods purchased would be shipped via “Royal Mail.”

British purchasers consequently believed that the websites were U.K.-based and therefore covered by Britain’s strong consumer protection laws for sales over the Internet (which, for instance, allow for return of purchases within seven days of receipt and full refunds for cancelled transactions and returned goods). Purchasers also believed that products would be covered by full warranties (which did not, in fact, apply to overseas purchases).

Among the terms of the settlement, Karnani and his companies will no longer be able to pose as U.K.-based.

The case highlights new complications faced by consumers and regulators in dealing with Internet sales and marketing. Just as people can create fictional personalities online through avatars and the like, so too can companies create artificial existences. How easy it is to create a false front when you don’t need to start with bricks and mortar! Karnani’s alleged shenanigans and manipulation of domain names provide a good example of the many things regulators and consumers need to look out for.

Such challenges, and the evolving dynamics of online marketing and sales, are part of why the FTC recently announced its plans to overhaul current Internet advertising guidelines. The current guidelines date back to 2000 and are pretty basic. In effect, they simply pronounce that consumer protection standards that apply to more traditional media also apply to the Internet.

The Commission’s announcement regarding the guidelines overhaul, which requests public comment through July 11, notes its seeks to address more specifics on the technical and legal issues of online marketing and sales, from dynamics of social media to “Apps” to pop-up blockers.

It obviously remains to be seen what exactly the new guidelines will address, but they may reflect issues brought out by this case. Other likely issues to be addressed, as we’ve seen them come up in FTC enforcement actions and as we have addressed them in this blog,  are (1) multi-party selling arrangements (e.g., affiliate marketing) and (2) privacy concerns over online tracking of consumer data.

We’ve been monitoring the public comments regarding the new guidelines and will post developments of interest.

FTC Says These ‘Free’ Offers Were Anything But Free

BY: Rachel Hirsch

Last month, the Federal Trade Commission filed a lawsuit against a Canadian entrepreneur and a group of web-based businesses that promised “free” offers that were far from free. In its lawsuit, the FTC charges the online marketers with scamming consumers in the United States, the United Kingdom, Canada, Australia, and New Zealand out of more than $450 million by charging them for products and services that the customers did not purchase. The lawsuit is the latest federal action targeting companies involved in what is known as the upsell industry and comes as a warning to online marketers to be careful in wording their advertisements.

Among those targeted in the FTC action is 24-year-old Jesse Willms, the owner of ten web-based businesses that touted free trials or risk-free offers on several products, including acai berry weight-loss pills, teeth whiteners, health supplements, work-at-home opportunities, access to government grants, free credit reports, and penny auctions. The lawsuit alleges that Willms obtained customers’ credit or debit card information through the promise of free or risk-free trial offers. Willms and other defendants allegedly contracted with affiliate marketers that used banner ads, pop-ups, sponsored search terms, and unsolicited email to lead consumers to the defendant’s websites. Once there, customers would be unknowingly charged for trial products or extra bonus products, plus a monthly recurring fee of typically $79.95.

The FTC alleges that the defendants provided banks with false or misleading information, in order to acquire and maintain credit and debit card processing services from the banks in the face of mounting charge-back rates and consumer claims. Thus, in addition to the FTC violations, Willms and his companies also face charges of violating the Electronic Funds Transfer Act and other U.S. regulations by debiting consumers’ bank accounts without their signed, written consent and without providing consumers with a copy of the written authorization.

Willms and his companies are not the first to engage in this type of sales strategy. Online marketers often engage in a technique commonly referred to as upselling, whereby the seller provides opportunities to the customer to purchase related products or services for the purpose of making a larger sale. In this case, however, the customers had no reason to believe that other products or services were being sold to them because the defendants “buried” important terms and conditions in fine print, the FTC alleged. According to David Vladeck, the director of the FTC’s Bureau of Consumer Protection, “The defendants used the lure of a ‘free’ offer to open an illegal pipeline to consumers’ credit card and bank accounts …. ‘Free’ must really mean ‘free’ no matter where the offer is made.”

The defendants’ sites also made penny auction offers that promised free bonus bids, but the FTC alleged that customers were hit with unexpected charges, including $150 for introductory bonus bids and $11.95 a month for ongoing bonus bids. Willms and his companies also allegedly made false weight loss and cancer cure claims for their products.

Interestingly, Willms, an avid blogger, talked about companies that make false claims online in a September blog post. “I know it’s tempting to make false or borderline claims,” the blog said. “We get excited about products and services and want to yell from the rooftops about how great they are. But, you need to keep it realistic.” In another blog post, Willms wrote that he never uses the word “free” to promote products because customers will assume the free products are useless.

For online marketers, this lawsuit is just another reminder that the FTC requires advertisers to substantiate all claims made in their ads. Put simply, under the FTC Guidelines, you cannot make claims about a product or service that require proof you do not have. This lawsuit should come as a warning to those who run penny auction sites as well: No online marketer is exempt from the FTC Guidelines.

Ifrah Law’s Blog Wrap-Up, May 1-13

BY: Jeff Ifrah

This is the fifth of a regular series of posts that summarize and wrap up our latest thoughts that have appeared recently on Ifrah Law’s blogs.

1. Bank Hit With FCA Complaint Over Mortgage Lending

The Justice Department uses a Civil-War era statute in a very unusual context – to try to recover more than $1 billion in a civil case from Deutsche Bank for statements it made to a federal agency about the quality of mortgages that it wrote.

Read the full post here on the Crime in the Suites blog.

2. What’s Next for Online Poker Players?

In the wake of the April 15 indictments in the online poker industry, we discuss the options available to people who still want to play poker but don’t have access to the websites they normally use.

Read the full post here on the Crime in the Suites blog.

3. Barney Frank’s Advice to Poker Players After ‘Black Friday’

The influential congressman gives a legal and political interpretation of the poker indictments and urges players to exert pressure on members of Congress.

Read the full post here on the Crime in the Suites blog.

4. Since When Did the FTC Start Regulating Cyber Security?

In a consent order with Twitter, the FTC resolves claims that the site deceived consumers regarding privacy protection. But is the agency trying to use the order as a wedge to regulate the entire online industry, arguably without a legal basis?

Read the full post here on the FTC Beat blog.

5. Supreme Court May Examine GPS Surveillance Issue

Do prosecutors need a warrant from a judge before they place a GPS device on a suspect’s vehicle? Federal appeals courts disagree on this issue, and the government has asked the Supreme Court to review it.

Read the full post here on the Crime in the Suites blog.

Sellers Beware: Regulatory Action May Lead to Criminal Charges

BY: Nicole Kardell

Having the Federal Trade Commission – or any other government agency – initiate an action against you or your company may seem like very bad news. But it can get much worse. Sometimes, what starts as a civil action by a government regulator can culminate in jail time. This is the hard lesson learned by Donald Barrett, founder and president of iTV Direct, an infomercial company.

Barrett and iTV Direct came under fire by both the Food and Drug Administration and the FTC in 2004 for marketing a purported health product, Supreme Greens. Barrett’s company had marketed the product with some pretty bold claims, such as that the product could prevent major health problems including cancer, Parkinson’s disease and heart disease. The FDA initially issued a warning letter to the company for marketing a non-licensed drug with false and misleading claims. The FDA letter was quickly followed by an FTC lawsuit for deceptive advertising, among other charges.

Not only were the assets of the defendants (Barrett, his company and additional related parties) frozen, but they were also ordered to pay a staggering $48.2 million in consumer refunds. And that wasn’t the end of it. As Barrett and other defendants lost a lengthy battle through the appeals process, the Department of Justice came in with criminal charges against Barrett for subscribing to a false tax return and misbranding. Barrett pled guilty earlier this month to those charges and is awaiting sentencing in July. He may face up to three years imprisonment.

Barrett’s experience demonstrates a difficult reality for individuals and companies that have evoked the interest of a government agency: a government investigation into one matter may lead to more and increased government involvement. Once an agency starts looking into a subject’s affairs, the proverbial can of worms is opened. There will almost invariably be some problems, some irregularities, identified. The investigated party may find themselves suddenly facing a panoply of issues across government agencies. With Barrett, what began as a matter with the FDA, then the FTC, opened him to issues with the IRS and the DOJ.

What is a company or individual to do in order to minimize exposure once a government agency initiates an action? Proceed with caution … and review the steps we suggest taking.

Since When Did the FTC Start Regulating Cyber Security?

BY: Nicole Kardell

There’s no question that the Federal Trade Commission has the authority to prevent deceptive and unfair trade practices, such as false or misleading claims directed at consumers. Somehow, however, that authority has morphed into a much broader reach than one would have expected on the basis of common sense. We’ve written extensively about such jurisdictional overreaching by the FTC in the health food industry (see, for instance, this article). One of the latest examples of the FTC’s expansion of its powers is its recent settlement agreement with Twitter.

The FTC and Twitter entered into a settlement agreement in March to resolve claims that the company deceived consumers regarding its privacy protection practices. The FTC’s action was a result of two security breaches at Twitter in 2009 that permitted hackers to obtain unauthorized administrative control of Twitter, including access to non-public user information and tweets. The security breaches and underlying security practices at Twitter, according to the FTC, were in contravention of Twitter’s published privacy policy.

The variance between Twitter’s stated policy and its practice was the “hook” for the FTC, which alleged that Twitter thus deceived its users regarding its privacy protection measures. To address this alleged deception, the settlement agreement between the FTC and Twitter requires that Twitter not make any misrepresentations about its security measures and its protection of non-public user data. This portion of the settlement makes sense and appears to be within Commission jurisdiction, but the settlement terms are far more extensive. One troubling aspect is that the agreement outlines security measures for Twitter to follow and institutes external monitoring requirements.

So how does the FTC go from preventing deceptive trade practices to regulating cyber security? And where is the statutory authority for this power? The Commission appears to be engaging in an increasingly common practice of creating new standards and expanding its reach – outside its authority, outside the traditional rulemaking process – by developing those standards through settlement agreements with companies under investigation. These companies are likely to agree to a variety of terms in order to get the government off their back. From their perspective, it often makes sense to end a dispute with the FTC rather than to challenge its power.

So Twitter may have determined that it was in its interest to agree to the FTC’s cyber security requirements. It may already have instituted adequate measures to comply with the terms of the agreement. But the FTC may next “shop” the terms of the Twitter settlement agreement to other companies it is considering investigating. The terms of the agreement will gradually become industry policy, and the FTC will go after companies that don’t adhere to that policy (which was never formally instituted).

This process of informal power expansion has been undertaken by the FTC in the health food industry and is being challenged by POM Wonderful LLC in federal district court. It remains to be seen whether the Commission will be reined in by the courts. In the interim, companies with a significant online customer base should be aware that the FTC is inching its way into regulating data privacy and data security.

FTC Files Suit Against Acai Marketing Sites Disguised as ‘News’

BY: Nicole Kardell

The FTC recently filed suit against ten operations with websites that market acai berry weight loss products. The FTC alleged that the companies’ websites – which look like news websites – deceived consumers who thought the sites were credible journalistic outlets as opposed to elaborate marketing schemes.

According to the FTC, the sites contained titles such as “News 6 News Alerts,” “Health News Health Alerts,” or “Health 5 Beat Health News” and would include the names and logos of actual major media outlets such as ABC, Fox News, CBS, CNN, USA Today and Consumer Reports. The sites published news-type headlines, articles with content that appeared to be objective investigative reporting, and supposed independent user comments at the end of the articles.

These websites, however, were made up entirely of marketing content to prompt consumers to click on hyperlinked acai berry weight loss product sites (which is how the website operators made money — when consumers clicked through to linked product sites and made purchases, the marketing site would receive a commission). This nature and purpose of the sites was not made clear to consumers – another failing alleged in the FTC’s suits.

The FTC’s action should come as no surprise to the defendant companies. Looking at a sample defendant company site (see, for example, the exhibit provided on the FTC’s Bureau of Consumer Protection blog) it seems pretty obvious that the marketing schemes of these companies attempted to entice consumers into believing their website content was objective news reporting. Such schemes seem textbook “deceptive” advertising as outlawed under the Federal Trade Commission Act.

Moreover, the FTC has been making noise over the last couple of years that should have put the companies on notice. Last August, the Commission succeeded in halting a similar deceptive scheme by Central Coast Nutraceuticals, Inc. regarding marketing of the very same product. And back in 2009, the FTC published guidelines on use of Testimonials and Endorsements in advertising, outlining how relationships with producers should be disclosed.

It is possible that the defendant companies knew of, but merely ignored, the fact that their marketing schemes could result in FTC action. They may have opted for temporary profit over long-run regulatory risk. But when the regulatory risk could mean frozen assets and disgorgement of profits, marketers should think twice before selling “by any means necessary.”

New Illinois Tax Law May Strike Hard Against Affiliates

BY: Sarah Coffey

A new Illinois law purporting to preserve and create jobs in the state may soon be putting Illinois affiliates out of business. Governor Pat Quinn recently signed a law requiring online retailers to collect sales tax on purchases made in Illinois, on the premise that the companies have a presence in the state due to in-state affiliates. This follows the Supreme Court ruling in Quill v. North Dakota, 504 U.S. 298 (1992), which stated that vendors are only required to track and collect sales tax on transactions for states in which they have a physical presence.

Illinois lawmakers claim that the bill will level the playing field for small businesses to compete with online merchants, and will generate $150 million in tax revenues annually. However, the plan could backfire on the state. Amazon.com, the online retailer at which the law is largely aimed, has responded by promising to terminate all of its Illinois affiliates in order to avoid charging the state sales tax. Other major online merchants such as Overstock.com are vowing to follow suit.

Illinois has cause to believe that Amazon will follow through with its threat. It has responded to similar laws in Colorado, North Carolina, and Rhode Island by terminating its contracts with affiliates in those states. In fact, officials at the Rhode Island Department of Revenue “do not believe that there has been any sales tax collected as a result of the Amazon legislation” according to Paul Dion, the head of the department’s revenue analysis-office.

Rather than support small businesses, this law will put Illinois affiliates out of business. We believe that this law unfairly targets internet affiliates, costing them their jobs and costing the state income tax revenue. Since the state will not generate additional sales tax if online retailers terminate their in-state affiliates, Illinois will be left in a worse position than it was before. We believe that this law punishes the small businesses which it purports to help, and that it should be repealed.

An Interview With David Deitch, New Ifrah Law Partner

BY: David Deitch

On April 1, 2011, David Deitch started work as a partner at the Ifrah Law Firm. David is an experienced trial lawyer and former Department of Justice counterterrorism prosecutor. Because he will now be a regular contributor to this blog, the editor of FTC Beat conducted this brief interview to introduce David to our readers. Please feel free to ask him your own questions in the comments section and at the end of this post.

Q. Can you tell us a little about your background — where have you worked, and what kinds of cases have you tried?

A. In the 20-plus years since I graduated law school, the largest portion of my career has been spent as a state and federal prosecutor. I worked for the Manhattan District Attorney’s Office in the early 1990s, and later worked as a federal prosecutor, as an Associate Independent Counsel, as an Assistant United States Attorney, and as a trial lawyer for the Department of Justice’s Counterterrorism Section. I have also worked for law firms such as Covington & Burling, Schulte Roth & Zabel, and Janis Schuelke & Wechsler.

Most of my trial work has involved criminal cases. The most prominent cases were the two trials for which I was co-lead counsel while I was with the Counterterrorism Section, in which defendants were charged with providing material support to terrorist organizations.

Q. In addition to counterterrorism cases, what other types of white-collar cases have you worked on?

A. My background in white-collar criminal law comes from two sources. First, my work on counterterrorism cases often included a lot of the same kinds of investigative processes, issues and charges that are usually associated with white-collar crime. For example, in many cases, the focus of investigation and prosecution was on the illegal movement of money, and the charges under consideration involved money laundering. Other cases may have involved other facts and charges that are not as different from traditional white-collar work as you might expect. Second, since I left the government in January 2007, I have been involved with a wide variety of investigations and prosecutions of white-collar criminal cases. These included internal investigations undertaken on behalf of the boards of directors of large corporations, as well as representation of individuals charged with violating federal criminal law. The subjects of these matters included wire fraud, bribery and gratuities violations, violations of the Foreign Corrupt Practices Act, and other federal crimes, as well as forfeiture statutes.

Q. Why did you choose to join Ifrah Law?

A. I joined Ifrah Law for a number of reasons. The firm offers attentive, expert and effective legal representation to its clients, and these are the qualities of service that I have always sought to bring to my clients. Ifrah Law also has a strong client base in a number of different industries. I am looking forward to a long and successful relationship with the firm.

Q. What do you see as some of the major trends in white-collar law and litigation in this decade?

There are a few prominent trends. The Department of Justice has made no secret about its vigorous efforts to seek out and prosecute companies and individuals who violate the Foreign Corrupt Practices Act, and law enforcement agencies at all levels are looking hard at some of the economic activity involving mortgages and investments that are viewed as being related to the downturn in the economy of the last few years.

These vigorous efforts at enforcement have also seen the use of investigative tools in white-collar cases that were once traditionally reserved for investigations into other kinds of crimes. The best example of that is the use of wiretaps in the Rajratnam insider trading case. As readers of the Crime in the Suites blog may know, Jeff Ifrah has been quoted in the media discussing that matter.

Q. Can you mention some steps that companies can take, as a matter of corporate policy, to avoid finding themselves in the cross hairs of prosecutors?

A. There are certainly no guarantees, but companies must train their employees about the rules and regulations that govern their employees’ activities. Then, I suggest that companies institute a vigorous compliance program that reinforces that training and create systems designed to identify employees who violate the law. Finally, if a company receives information that an employee has violated the law, it should move promptly to investigate the allegations so that company counsel can advise the company on the best course of action to protect the company’s interests.

Do Companies Need to Change the Way They Use Online Consumer Data?

BY: Nicole Kardell

The FTC recently entered into an agreement with Internet advertising company Chitika, Inc., settling charges that the company deceptively tracked consumers’ online activities. At issue in the FTC’s complaint was that Chitika’s privacy policy gave consumers the ability to opt out of being tracked by the company’s use of online “cookies,” but that – unbeknownst to consumers who chose to exercise this option – the opt-out lasted for only 10 days. After that, the company would resume tracking consumers’ online activity.

The FTC alleged that the short duration of the opt-out period was deceptive and violated federal law, since the company’s privacy policy did not specify an end to the period. (The company claims the 10-day opt-out duration was a technical glitch.)

One possible take-away from the FTC’s action is that, to avoid interest from government regulators, companies with privacy policies should ensure that those policies are not promising more than they can effectively deliver. After all, Chitika’s alleged violation was that it did not live up to its own privacy policy standards.

But recent legislative and regulatory developments could recommend a different course for companies with a significant online presence. Companies may want to prepare to change their practices when it comes to the collection and use of consumer data obtained through tracking consumers’ online activities.

The announcement of the FTC’s settlement with Chitika comes on the heels of preliminary Senate committee hearings on online consumer privacy. The U.S. Senate Committee on Commerce, Science, and Transportation began hearings in March on the state of online consumer privacy and the potential need for protective statutory measures. The initial hearings, held March 16, focused on how online consumer information is collected, maintained and used.

At the March 16 hearings, FTC chairman Jon Leibowitz testified on the Commission’s December 2010 report on consumer online protections, which outlines the FTC’s Do Not Track program. The program – reflected in enhanced consumer controls of online tracking by Microsoft and Mozilla – would allow consumers to choose not to have their Internet browsing tracked by third parties.

Do Not Track is currently being promoted by the FTC, along with other measures, to inform consumers of safeguards against unwanted collection of personal data. With or without additional legislation, the Commission, according to Leibowitz’s testimony and the December 2010 report, is actively engaging in proactive measures to change consumer and business practices online and to undertake enforcement actions against companies whose data collection and dissemination may violate current laws.

Another significant development with immediate consequences is an E.U. directive taking effect this May. The new E.U. law will require companies to obtain “explicit consent” from consumers before companies can use cookies to track the consumers’ online activities. Whether or not the E.U. law is a sign of tougher requirements to come in the United States is hard to say, as E.U. countries traditionally have had much more stringent data privacy protections.

Regardless, companies should be aware that the days of indiscriminate use of cookies to track consumer behavior may be coming to an end – either by law or by consumer demand. Companies may want to take cues from the likes of Yahoo and others who are preparing for more consumer choice in this important manner.

FTC Files First Lawsuit Against ‘Text Spam’

BY: Ifrah Law

 Spam seems to be everywhere these days, and it has now invaded your wireless handheld.

 Last month, the Federal Trade Commission filed its first lawsuit ever against an alleged perpetrator of “spam texting” – the practice of sending unsolicited commercial text messages to a large number of people.

 The FTC is alleging that Phillip Flora of Huntington Beach, Calif., sent some five million unsolicited commercial texts to wireless handhelds to promote his debt relief and loan modification programs. Flora’s mass texting, according to the FTC, violated the Federal Trade Commission Act because his “acts or practices … are unfair.” Although the allegation may sound vague, a closer review of the FTCA and the FTC’s jurisdiction may show that the case against Flora has a substantial basis in law.

 The FTC also charged Flora with other violations of the FTCA as well as of the CAN-SPAM Act, including deceiving consumers by representing a government affiliation and sending commercial e-mails without the required return address and opt-out provisions. The “unfairness” allegation, though, raises the most interesting questions under the law.

 The statute that gives the FTC authority to prevent “unfair” commercial practices also limits the agency’s jurisdiction to those practices (1) causing substantial injury to consumers, (2) which are not reasonably avoidable, and (3) which are not outweighed by benefits to consumers or competition. In its suit against Flora, the FTC alleged that the mass spamming caused substantial injury since text recipients were often charged under their cell phone plans for text messages received.  Recipients could not reasonably avoid the messages because the text spam was “foisted upon consumers,” including those who specifically requested to receive no more messages.  As for the third part of the “unfairness” test, the FTC merely asserted that there were no benefits outweighing harm to consumers without elaborating. 

 The biggest question appears to be whether or not text spam in fact causes substantial injury to consumers.  Can a charge of less than a dollar be considered substantial?  The Commission itself has previously stated that it “is not concerned with trivial or merely speculative harms.”   However, the FTC emphasized the large number of text spam recipients, and it has previously noted that a small harm to a large number of people could be considered substantial. Whether the court will agree is another question, but the FTC does appear to have decent arguments for why it has authority to pursue text spammers.

 Consumers themselves have also been going after text spammers. Class actions have been filed recently against, for example, Domino’s Pizza, Burger King, and Simon & Schuster for their text advertising. These lawsuits, which allege violations of the Telephone Consumer Protection Act, have regularly resulted in multimillion-dollar settlements – including up to a $250 reimbursement to each text recipient.