InfoBytes Blog
Filter
Subscribe to our InfoBytes Blog weekly newsletter and other publications for news affecting the financial services industry.
FTC says fraud cost consumers $8.8 billion in 2022
On February 23, the FTC released data showing 2.4 million consumers reported losing a total of nearly $8.8 billion to fraud in 2022—a more than 30 percent increase from the prior year. Investment scam losses totaled more than $3.8 billion (the most of any category in 2022 and double the amount of investment scam losses reported in 2021). Imposter scam losses came in at $2.6 billion, up from $2.4 billion in 2021. The FTC reported receiving more than 5.1 million reports directly from consumers, federal, state, and local law enforcement agencies, the Better Business Bureau, industry members, and non-profit organizations. In addition to fraud reports, the FTC received identity theft reports and complaints related to issues concerning problems with credit bureaus, banks, and lenders. Reports received through the FTC’s database serve as the starting point for many of the FTC’s enforcement investigations, the agency said, adding that reports are also shared with federal, state, local, and international law enforcement professionals. Full coverage of the reports received in 2022 can be accessed here.
FTC, DOJ sue telemarketers of fake debt relief services
On February 16, the DOJ filed a complaint on behalf of the FTC against several corporate and individual defendants for alleged violations of the FTC Act and the Telemarketing Sales Rule (TSR) in connection with debt relief telemarketing campaigns that delivered millions of unwanted robocalls to consumers. (See also FTC press release here.) According to the complaint, filed in the U.S. District Court for the Southern District of California, the defendants are interconnected platform providers, lead generators, telemarketers, and debt relief service sellers. Alleged violations include: (i) making misrepresentations about their debt relief services; (ii) initiating telemarketing calls to numbers on the FTC’s Do Not Call Registry, as well as calls in which telemarketers failed to disclose the identity of the seller and services being offered; (iii) initiating illegal robocalls without first obtaining consent; (iv) failing to make oral disclosures required by the TSR, including clearly and truthfully identifying the seller of the debt relief services; (v) misrepresenting material aspects of their debt relief services; and (vi) requesting and receiving payments from customers before renegotiating or otherwise altering the terms of those customers’ debts. The complaint seeks permanent injunctive relief, civil penalties, and monetary damages. Two of the defendants (a debt relief lead generator and its owner) have agreed to a stipulated order that, if approved, would prohibit them from further violations and impose a monetary judgment of $3.38 million, partially suspended to $7,500 to go towards consumer redress due to their inability to pay.
District Court allows FTC suit against owners of credit repair operation to proceed
On February 13, the U.S. District Court for the Eastern District of Michigan denied a motion to dismiss filed by certain defendants in a credit repair scheme. As previously covered by InfoBytes, last May the FTC sued a credit repair operation that allegedly targeted consumers with low credit scores promising its products could remove all negative information from their credit reports and significantly increase credit scores. At the time, the court granted a temporary restraining order against the operation for allegedly engaging in deceptive practices that scammed consumers out of more than $213 million. The temporary restraining order was eventually vacated, and the defendants at issue (two individuals and two companies that allegedly marketed credit repair services to consumers, charged consumers prohibited advance fees in order to use their services without providing required disclosures, and promoted an illegal pyramid scheme) moved to dismiss themselves from the case and to preclude the FTC from obtaining permanent injunctive and monetary relief.
In denying the defendants’ motion to dismiss, the court held, among other things, that “controlling shareholders of closely-held corporations are presumed to have the authority to control corporate acts.” The court pointed to the FTC’s allegations that the individual defendants at issue were owners, officers, directors, or managers, were authorized signatories on bank accounts, and had “formulated, directed, controlled, had the authority to control, or participated in the acts and practices set forth in the complaint.” The court further held that the FTC’s allegations raised a plausible inference that the individual defendants have the authority to control the businesses and demonstrated that they possessed, “at the most basic level, ‘an awareness of a high probability of deceptiveness and intentionally avoided learning of the truth.’”
The court also disagreed with the defendants’ argument that the permanent injunction is not applicable to them because they have since resigned their controlling positions of the related businesses, finding that “[t]his development, if true, does not insulate them from a permanent injunction.” The court found that “the complaint contains plausible allegations of present and ongoing deceptive practices that would authorize the [c]ourt to award a permanent injunction ‘after proper proof.’” In addition, the court said it may award monetary relief because the FTC brought claims under both sections 13(b) and 19 of the FTC Act and “section 19(b) contemplates the ‘refund of money,’ the ‘return of property,’ or the ‘payment of damages’ to remedy consumer injuries[.]”
FTC launches Office of Technology
On February 17, the FTC launched a new Office of Technology to strengthen the agency’s ability to keep pace with technological challenges in the digital marketplace. The Office of Technology will support the FTC’s enforcement and policy work, and will be headed by Chief Technology Officer Stephanie T. Nguyen who said it is a “vital time to strengthen the agency’s technical expertise and meet the quickly evolving challenges of the digital economy.” Specifically, the Office of Technology will (i) strengthen and support law enforcement investigations into business practices and the underlying technologies by “helping to develop appropriate investigative techniques, assisting in the review and analysis of data and documents received in investigations, and aiding in the creation of effective remedies”; (ii) work with FTC staff and the Commission on policy and research initiatives to provide technological expertise on non-enforcement actions; and (iii) engage with the public and external stakeholders on market trends and emerging technologies that impact agency work. “Our office of technology is a natural next step in ensuring we have the in-house skills needed to fully grasp evolving technologies and market trends as we continue to tackle unlawful business practices and protect Americans,” FTC Chair Lina Khan said.
Wilson to resign as FTC commissioner
On February 14, FTC Commissioner Christine Wilson announced plans to leave the agency. Wilson penned a Wall Street Journal op-ed, in which she took issue with a number of FTC Chair Lina Khan’s initiatives, including Khan’s antitrust policy and rulemaking efforts to ban the use of noncompete clauses in employee contracts. Wilson accused Khan of willfully disregarding congressionally imposed limits on agency jurisdiction, defying legal precedent, and abusing power to achieve desired outcomes. Chair Khan and Commissioners Rebecca Slaughter and Alvaro Bedoya issued a brief statement following Wilson’s announcement wishing “her well in her next endeavor.” The FTC is headed by five commissioners, each serving a seven year term, with no more than three commissioners coming from the same political party. With Wilson’s resignation, there are now two open seats on the Commission.
FTC provides 2022 ECOA summary to CFPB
On February 9, the FTC announced it recently provided the CFPB with its annual summary of activities related to ECOA enforcement, focusing specifically on the Commission’s activities with respect to Regulation B. The summary discussed, among other things, the following FTC enforcement, research, and policy development initiatives:
- Last June, the FTC released a report to Congress discussing the use of artificial intelligence (AI), and warning policymakers to use caution when relying on AI to combat the spread of harmful online conduct. The report also raised concerns that AI tools can be biased, discriminatory, or inaccurate, could rely on invasive forms of surveillance, and may harm marginalized communities. (Covered by InfoBytes here.)
- The FTC continued to participate in the Interagency Task Force on Fair Lending, along with the CFPB, DOJ, HUD, and federal banking regulatory agencies. The Commission also continued its participation in the Interagency Fair Lending Methodologies Working Group to “coordinate and share information on analytical methodologies used in enforcement of and supervision for compliance with fair lending laws, including the ECOA.”
- The FTC initiated an enforcement action last April against an Illinois-based multistate auto dealer group for allegedly adding junk fees for unwanted “add-on” products to consumers’ bills and discriminating against Black consumers. In October, the FTC initiated a second action against a different auto dealer group and two of its officers for allegedly engaging in deceptive advertising and pricing practices and discriminatory and unfair financing. (Covered by InfoBytes here and here.)
- The FTC engaged in consumer and business education on fair lending issues, and reiterated that credit discrimination is illegal under federal law for banks, credit unions, mortgage companies, retailers, and companies that extend credit. The FTC also issued consumer alerts discussing enforcement actions involving racial discrimination and disparate impact, as well as agency initiatives centered around racial equity and economic equality.
FTC bans health vendor from sharing consumer info with advertiser
On February 1, the DOJ filed a complaint on behalf of the FTC against a telehealth and prescription drug discount provider for allegedly violating the FTC Act and the Health Breach Notification Rule by failing to notify consumers that it was disclosing their personal health information to third parties for advertising purposes. As a vendor of personal health records, the FTC stated that the company is required to comply with the Health Breach Notification Rule, which imposes certain reporting obligations on health apps and other companies that collect or use consumers’ health information (previously covered by InfoBytes here).
According to the complaint filed in the U.S. District Court for the Northern District of California, the company—which allows users to keep track of their personal health information, including saving, tracking, and receiving prescription alerts—shared sensitive personal health information with advertisers and other third parties for years, even though it allegedly promised users that their health information would never be shared. The FTC maintained that the company also monetized users’ personal health information and used certain shared data to target its own users with personalized health- and medication-specific advertisement on various social media platforms. The company also allegedly: (i) permitted third parties to use shared data for their own internal purposes; (ii) falsely claimed compliance with the Digital Advertising Alliance principles (which requires companies to obtain consent prior to using health information for advertising purposes); (iii) misrepresented its HIPAA compliance; (iv) failed to maintain sufficient formal, written, or standard privacy or data sharing policies or procedures to protect personal health information; and (v) failed to report the unauthorized disclosures.
Under the terms of the proposed court order filed by the DOJ, the company would be required to pay a $1.5 million civil penalty, and would be prohibited from engaging in the identified alleged deceptive practices and from sharing personal health information with third parties for advertising purposes. The company would also be required to implement several measures to address the identified violations, including obtaining users’ affirmative consent before disclosing information to third parties (the company would be prohibited from using “dark patterns,” or manipulative designs, to obtain consent), directing third parties to delete shared data, notifying users about the breaches and the FTC’s enforcement action, implementing a data retention schedule, and putting in place a comprehensive privacy program to safeguard consumer data.
FTC finalizes data-security order with ed tech provider
On January 27, the FTC finalized an order with an education technology (ed tech) provider which claimed that the provider’s lax data security practices led to the exposure of millions of users and employees’ sensitive information, including Social Security numbers, email addresses, and passwords. As previously covered by InfoBytes, due to the company’s alleged failure to adequately protect the personal information collected from its users and employees, the company experienced four data breaches beginning in September 2017, when a phishing attack granted a hacker access to employees’ direct deposit information. Claiming violations of Section 5(a) of the FTC Act, the FTC alleged the company failed to implement basic security measures, stored personal data insecurely, and failed to implement a written security policy until January 2021, despite experiencing three phishing attacks.
Under the terms of the final decision and order, the company (who neither admitted nor denied any of the allegations) is required to take several measures to address the alleged conduct, including: (i) implementing a data retention and deletion process, which will allow users to request access to and deletion of their data; (ii) providing multi-factor authentication methods for users to secure their accounts; (iii) providing notice to affected individuals; (iv) implementing a comprehensive information security program; and (v) obtaining initial and biennial third-party information security assessments. The company must also submit covered incident reports to the FTC and is prohibited from making any misrepresentations relating to how it collects, maintains, uses, deletes, permits, or denies access to individuals’ covered information.
Biden administration releases Renters Bill of Rights
On January 25, the Biden administration announced new actions for enhancing tenant protections and furthering fair housing principles, which align with the administration’s Blueprint for a Renters Bill of Rights that was released the same day. The Blueprint and fact sheet lay out several new actions that federal agencies and state and local partners will take to protect tenants and increase housing affordability and access.
- The FTC and CFPB will collect information to identify practices that unfairly prevent applicants and tenants from accessing or staying in housing, “including the creation and use of tenant background checks, the use of algorithms in tenant screenings, the provision of adverse action notices by landlords and property management companies, and how an applicant’s source of income factors into housing decisions.” According to the White House, this marks the first time the FTC has issued a request for information that explores unfair practices in the rental market. The data will inform enforcement and policy actions under each agency’s jurisdiction.
- The CFPB will issue guidance and coordinate enforcement actions with the FTC to ensure information in the credit reporting system is accurate and to hold background check companies accountable for having unreasonable procedures.
- The FHFA will launch a transparent public process for examining “proposed actions promoting renter protections and limits on egregious rent increases for future investments.” Periodic updates, including one within the next six months will be provided to interested stakeholders. FHFA Director Sandra L. Thompson commented that the agency “will conduct a public stakeholder engagement process to identify tangible solutions for addressing the affordability challenges renters are facing nationwide, particularly among underserved communities. The proposals discussed during this process will focus on properties financed by [Fannie Mae and Freddie Mac].” She noted that FHFA will continue to evaluate Fannie and Freddie’s role in providing tenant protections and advancing affordable housing opportunities.
- The DOJ intends to hold a workshop to inform potential guidance updates centered on anti-competitive information sharing, including within the rental market space.
- HUD will publish a notice of proposed rulemaking to require public housing authorities and owners of project-based rental assistance properties to provide tenants at least 30 days’ advanced notice before terminating a lease due to nonpayment.
- The Biden administration will also hold quarterly meetings with a diverse group of tenants and tenant advocates to share ideas on ways to strengthen tenant protections.
According to the announcement, the agencies’ actions exemplify the principles laid out in the Blueprint, which underscores key tenant protections, including: (i) renters should be able to access safe, quality, accessible, and affordable housing; (ii) renters should be provided clear and fair leases with defined rental terms, rights, and responsibilities; (iii) federal, state, and local governments should ensure renters are aware of their rights and are protected from unlawful discrimination and exclusion; (iv) renters should be given the freedom to organize without obstruction or harassment from housing providers or property managers; and (v) renters should be able to access resources to prevent evictions, ensure eviction proceedings are fair, and avoid future housing instability.
The administration also announced it is launching a related “Resident-Centered Housing Challenge”—a call to action for housing providers and other stakeholders to strengthen their practices and make independent commitments that will improve the quality of life for renters. The Challenge will launch this spring and encourages states, local, tribal, and territorial governments to improve existing fair housing policies and develop new ones.
FTC takes action against eye surgery provider
On January 19, the FTC announced an action against an Ohio-based eye surgery provider (respondent) concerning allegations that it engaged in “bait-and-switch” advertising. According to the FTC’s complaint, the respondent engaged in deceptive business practices by marketing eye surgery for $250, yet only 6.5 percent of patients who received consultations qualified for that price. According to the FTC, despite the advertising claims, for consumers with less than near-normal vision the company typically quoted a price between $1,800 and $2,295 per eye. The FTC also alleged that respondent neglected to tell consumers up-front that the promotional price was per-eye.
Under the terms of the decision and order (which was granted final approval on March 15) the respondent must, among other things, pay $1.25 million in redress to harmed customers. Additionally, the respondent is banned from using deceptive business practices and is required to make certain clear and conspicuous disclosures when advertising the surgery at a price or discount for which most consumers would not qualify. Specifically, such disclosures must include whether the price is per eye, the price most consumers pay per eye, and any requirements or qualifications needed to get the offered price or discount.
The Commission voted to issue the administrative complaint and accepted the consent agreement 3-1. Commissioner Christine S. Wilson issued a dissenting statement, arguing that there are “no clear rules” regarding the qualifications of eye surgery referenced in the complaint. She stated that she is “concerned that requiring the inclusion of specific medical parameters in advertisements, when those parameters could be either over- or under-inclusive depending upon the results of the consultation, could be more confusing than helpful.”