Skip to main content
Menu Icon Menu Icon
Close

InfoBytes Blog

Financial Services Law Insights and Observations

Filter

Subscribe to our InfoBytes Blog weekly newsletter and other publications for news affecting the financial services industry.

  • FTC and NY claim of deceptive supplement advertising gets new life

    Courts

    On February 21, the U.S. Court of Appeals for the 2nd Circuit issued a summary order reversing the lower court’s dismissal of an FTC and New York State action, which alleges a biotechnology group’s (defendants) marketing campaign for a dietary supplement was deceptive under the FTC Act. According to the opinion, defendants claimed in advertising and marketing materials that a suite of dietary supplements (i) improve memory and provide other cognitive benefits; (ii) the effects are clinically proven; and (iii) have an active ingredient that “supplements” brain proteins. The FTC and New York State brought an action alleging deceptive marketing in violation of the FTC Act because the defendants study of the supplements showed “no statistically significant improvement in the memory and cognition of the participants,” and the few positive findings did not “provide reliable evidence of a treatment effect.” The lower court dismissed the action, finding the challenge to the study “never proceed[ed] beyond the theoretical” as the complaint only showed there were “possibilities that the study’s results do not support its conclusion.”

    On appeal, the 2nd Circuit found the complaint adequately alleges that the results of the study contradict representations made in the marketing materials, such as, the supplement “improved memory for most subjects within 90 days,” and concluded the lower court erred in dismissing the action.

    Courts Second Circuit Appellate FTC Act FTC

    Share page with AddThis
  • State AGs urge FTC to update identity theft rules

    State Issues

    On February 11, a bipartisan group of 29 state Attorneys General, the District of Columbia Attorney General, and an official from the Hawaii Office of Consumer Protection, responded to the FTC’s request for comment on whether the agency should make changes to its identity theft detection rules (the Red Flags Rule and the Card Issuers Rule), which require financial institutions and creditors to take certain actions to detect signs of identity theft affecting their customers. (Covered by InfoBytes here.) 

    In their response, the Attorneys General urge the FTC not to repeal the Rules, arguing that it “would place consumers at greater risk of identity theft, especially consumers in states that have not enacted” laws that complement the Rules. Instead, the response letter requests the FTC modify the Rules to “ensure their continued relevance” and “keep pace with the ingenuity of identity thieves.” The suggestions include: (i) that notices of changes to email addresses and cell phone numbers be sent to both the prior and updated addresses and phone numbers, an expansion of the current use of mailing addresses; (ii) the encouragement of more current forms of authentication, including multi-factor authentication, to replace examples which imply that knowledge-based authentication by itself is sufficient; and (iii) the addition of new suspicious activity examples related to the use of an account, such as a covered account accessed by unknown devices or IP addresses, an unauthorized user unsuccessfully trying to guess account passwords through multiple attempts, and attempts by foreign IP addresses to access multiple accounts in a close period of time.

    State Issues FTC Identity Theft RFI State Attorney General Privacy/Cyber Risk & Data Security

    Share page with AddThis
  • District Court temporarily stops debt collection operation at FTC’s request

    Courts

    On February 8, the FTC announced that the U.S. District Court for the Western District of North Carolina had issued a temporary restraining order and asset freeze regarding a debt collection operation allegedly collecting phantom debts. According to the FTC, the debt collection operation deceptively claimed to be attorneys, or to be affiliated with attorneys, to pressure consumers into paying debts which they did not owe, including threatening legal action if they did not pay, in violation of the FTC Act and the FDCPA. The order names 10 companies and six individuals as defendants and temporarily prohibits the defendants from, among other things, (i) misrepresenting information as it relates to collection efforts; (ii) threatening to take unlawful action; (iii) communicating with third parties without having obtained prior consent, other than to determine a consumer’s location; and (iv) failing to provide consumers with written debt information five days after initial contact.

    Courts FTC FDCPA Debt Collection FTC Act

    Share page with AddThis
  • Computer financing operator cannot use bankruptcy to discharge $13.4 million judgment

    Federal Issues

    On February 1, the FTC announced that the U.S. Bankruptcy Court for the Southern District of Florida ruled that the operator of a computer-financing scheme cannot use his bankruptcy to discharge a $13.4 million judgment entered in 2016 for violating a 2008 FTC order. The FTC alleged that the defendant and his affiliated companies collected more than $14 million from consumers based on promises that they would finance the purchase of new computers but failed to actually deliver the computers. The court determined that the contempt judgment issued in 2016 could not be discharged because it resulted from the defendant’s fraudulent conduct “based on both misrepresentation and concealment.” In a press release describing the ruling, the FTC stated that the defendant’s attempt to shield himself from complying with the order by filing for bankruptcy was an attempt to “avoid justice.”

    Federal Issues FTC Consumer Finance Bankruptcy Courts

    Share page with AddThis
  • VA releases Loan Guaranty Red Flag Rules Policy

    Agency Rule-Making & Guidance

    On December 13, the Department of Veterans Affairs (VA) released Circular 26-18-28, which outlines the VA’s Loan Guaranty Service Red Flag Rules Policy to aid in the detection, prevention, and mitigation of identity theft for certain loans financed by the VA (known as, “Vendee loans”), Native American Direct Loans, and refunded loans held by the VA. The policy lists categories and warning signs monitored by the VA, such as (i) credit reporting agencies alerts; (ii) suspicious documents that look altered or forged; (iii) suspicious or fictitious personal identifying information; and (iv) account activity inconsistent with established patterns. The policy notes that the VA Office of Inspector General will investigate accounts flagged for possible identity theft. Holds will be placed on the suspicious accounts or transactions as necessary.

    The VA is required by the FTC’s Red Flags Rule to develop and implement a written identity theft prevention program. Notably, as previously covered by InfoBytes, the FTC is seeking comments on whether the agency should make changes to the Rule. Comments are due by February 11, 2019.

    Agency Rule-Making & Guidance Department of Veterans Affairs FTC Identity Theft Privacy/Cyber Risk & Data Security

    Share page with AddThis
  • Court grants summary judgment in favor of FTC and Florida State Attorney General in debt relief scam case

    Courts

    On December 10, the U.S. District Court for the Middle District of Florida granted the FTC and the Florida Attorney General’s motion for summary judgment against an individual accused of participating in a scheme that allegedly targeted financially distressed consumers through illegal robocalls selling bogus credit card debt relief services and interest rate reductions. According to a 2016 complaint, several interrelated companies and the founder of such companies (defendants), among other things, allegedly violated the FTC Act, the Telemarketing Sales Rule, and the Florida Deceptive and Unfair Trade Practices Act by (i) claiming to be “licensed enrollment center[s]” for major credit card networks with the ability to work with a consumer’s credit card company or bank to substantially and permanently lower credit card interest rates; (ii) charging up-front payments for debt relief and rate-reduction services; and (iii) pitching credit card debt-elimination services, claiming the defendants could access money from a government fund to pay off consumers’ credit card debt in 18 months, when in actuality, no such government fund existed. In some cases, the defendants instructed consumers to stop paying their credit-card bills, resulting in “significant harm in the form of reduced creditworthiness, higher interest rates on their existing credit-card debt, and higher overall credit-card debt due to the accrual of late fees and interest charges.”

    The court entered a permanent injunction ordering the defendant founder of the companies involved to pay over $23 million in equitable monetary relief. The order also permanently restrains and enjoins such defendant from, among other things, participating—whether directly or indirectly—in (i) telemarketing; (ii) advertising, marketing, selling, or promoting any debt relief products or services; or (iii) misrepresenting material facts.

    Courts State Attorney General FTC Debt Relief Robocalls FTC Act Telemarketing Sales Rule State Issues

    Share page with AddThis
  • Additional defendants settle credit card laundering lawsuit

    Federal Issues

    On December 11, the FTC entered into a proposed settlement with an Arizona-based company and its officer (defendants) relating to an allegedly deceptive credit card telemarketing operation. As previously covered by InfoBytes, the FTC alleged that the defendants—as part of a larger group of 12 defendants comprised of an independent sales organization, sales agents, payment processors, and identified principals—violated the FTC Act and the Telemarketing Sales Rule by assisting a telemarketing company in masking its identity by processing the company’s credit card payments and laundering credit card transactions on behalf of multiple fictitious companies. The proposed settlement, among other things, prohibits the defendants from engaging in credit card laundering and bans them from telemarketing, processing payments, or acting as an independent sales organization or sales agent. The order also stipulates a judgment of $5.7 million, which will be suspended unless it is determined that the financial statements submitted by the defendants contain any inaccuracies.

    In March 2018, the FTC reached settlements with two of the other defendants (see InfoBytes coverage here). Litigation continues against the remaining defendants.

    Federal Issues FTC Settlement Anti-Money Laundering Credit Cards FTC Act Telemarketing Sales Rule Payment Processors

    Share page with AddThis
  • FTC reaches settlements with two student loan debt relief operators

    Lending

    On December 7, as part of Operation Game of Loans—a coordinated effort between the FTC and state law enforcement—the FTC announced settlements with operators of two student loan debt relief operations to resolve allegations that the defendants violated the FTC Act and the Telemarketing Sales Rule by, among others (i) charging consumers who purchased the debt relief services illegal upfront fees; and (ii) falsely promising to assist consumers in enrolling in government programs that would reduce or forgive their student loan debt.

    Under the terms of the settlement, the defendants are permanently banned from advertising, marketing, promoting, offering for sale, or selling any type of debt relief product or service—or from assisting others in doing the same. Combined, the settlements total more than $36 million, though judgments have been partially suspended due to the defendants’ inability to pay.

    Lending FTC Student Lending Debt Relief Settlement FTC Act Telemarketing Sales Rule

    Share page with AddThis
  • FTC seeks comments on identity theft detection rules

    Agency Rule-Making & Guidance

    On December 4, the FTC released a request for public comment on whether the agency should make changes to its identity theft detection rules—the Red Flags Rule and the Card Issuers Rule—which require financial institutions and creditors to take certain actions to detect signs of identity theft affecting their customers. The FTC is seeking comment as part of its systematic review of all of its regulations and guides. According to the FTC, consumer complaints relating to identity theft represented the third largest category of consumer complaints made to the FTC through the first three quarters of 2018 and the second largest category in 2017. The FTC is seeking comment on all aspects of the two rules, but also poses specific questions for commenters to address, such as (i) whether there is a continuing need for the specific provisions of the rules; (ii) what significant costs have the rules imposed on consumers and businesses; and (iii) whether there are any types of creditors that are not currently covered by the Red Flags Rule but should be covered. The request for comment is due to be published in the Federal Register shortly, and comments must be received by February 11, 2019.

    Agency Rule-Making & Guidance FTC Identity Theft RFI Privacy/Cyber Risk & Data Security

    Share page with AddThis
  • FTC commissioners discuss need for expanded authority over consumer data privacy and security

    Privacy, Cyber Risk & Data Security

    On November 27, the Senate Committee on Commerce, Science and Transportation’s Subcommittee on Consumer Protection, Product Safety, Insurance, and Data Security conducted a hearing to discuss, among other topics, whether the FTC should be granted expanded authority over consumer data privacy and security. The hearing entitled “Oversight of the Federal Trade Commission” heard from the Chairman of the FTC as well as the agency’s four commissioners. Ranking Member Senator Bill Nelson’s opening statement discussed the need for providing additional resources to the FTC in order to ensure the agency is able to perform its mandated duties and effectively protect U.S. consumers from unfair or deceptive acts or practices. The five witnesses agreed that enforcement remains a priority for the FTC and called for comprehensive consumer privacy legislation that would clarify the agency’s authority and the rules relating to data security and breach notification, while fostering competition and innovation to the benefit of consumers. Specifically, FTC Chairman Joseph Simons stated he would support federal data security legislation if it provided the following three items: (i) the ability to seek civil money penalties to effectively deter unlawful conduct; (ii) jurisdiction over nonprofits and common carriers; and (iii) broad rulemaking authority to issue implementing rules under the Administrative Procedures Act for consumer protection issues such as privacy and data security. Commissioner Rohit Chopra also emphasized the need for Congress to support the FTC’s authority under Section 13B of the FTC Act, which authorizes the FTC to seek preliminary and permanent injunctions against companies and individuals.

    However, Senator Blumenthal argued that too often the FTC has “fallen short” on protecting consumer privacy, particularly in terms of enforcement and pressing challenges. According to Senator Blumenthal, big tech companies misuse their power and consent orders are not “vigorously and adequately enforced.” He argued that the FTC must have the tools and resources to establish meaningful penalties for first offenses that pose a credible deterrent and recognize state attorneys general to ensure violations are investigated and punished.

    Among other things, the hearing also discussed topics addressing: (i) the FTC’s ongoing series of public hearings reexamining the agency’s approach to consumer privacy in light of changing technologies (see previous InfoBytes coverage here); (ii) federal preemption versus state-by-state laws and the risk of inconsistencies and compliance challenges; (iii) the potential use of the FTC’s Section 6B authority, which would allow requests to be sent to the tech industry to understand what data is collected from consumers and how that information is used, shared, and sold; (iv) privacy protections for children, including the strengths and weaknesses of the Children’s Online Privacy Protection Act, particularly with respect to children ages 13 and older; (v) data minimization controls; and (vi) notice and comment rulemaking authority.

    Privacy/Cyber Risk & Data Security FTC U.S. Senate Enforcement

    Share page with AddThis

Pages

Upcoming Events