Online Advertising Targeted by Federal Trade Commission

On May 15, 2014, Maneesha Mithal, Associate Director of the Division of Privacy and Identity Protection at the Federal Trade Commission (“FTC” or “Commission”) testified, on behalf of the FTC, before the U.S. Senate Committee on Homeland Security and Governmental Affairs addressing the Commission’s work regarding three consumer protection issues affecting online advertising: (1) privacy, (2) malware and (3) data security. Below is a summary of the Commission’s testimony regarding these three key areas and the Commission’s advice for additional steps to protect consumers.


Privacy has been a top priority for the Commission since the early 1990s. In March 2012, the Commission released its Privacy Report, and it continues to engage in privacy enforcement actions involving the online advertising industry. In its testimony, the Commission highlighted several key enforcement actions in this area that demonstrate significant principles regarding privacy:

  • Chitika, Inc., No. C-4324 (F.T.C. June 7, 2011) – The FTC alleged that Chitika, an online advertising network, violated section 5 of the FTC Act when it offered consumers the ability to opt out of the collection of information to be used for targeted advertising – without telling them that the opt-out lasted only 10 days.
  • ScanScout, Inc., No. C-4344 (F.T.C. Dec. 14, 2011) – The FTC charged that ScanScout deceptively claimed that customers could opt out of receiving targeted ads by changing the computer’s web browser settings to block cookies, when, in fact, ScanScout used Flash cookies, which browser settings could not block.
  • Epic Marketplace, Inc., No. C-4389 (F.T.C. Mar. 13, 2013) – The company settled charges that it used “history sniffing” to secretly and illegally gather data from millions of consumers about their interest in sensitive medical and financial issues, ranging from fertility and incontinence to debt relief and personal bankruptcy. 
  • Google, Inc., No. C-4336 (F.T.C. Oct. 13, 2011) – Google agreed to pay a $22.5 million civil penalty to settle charges that it misrepresented to Safari browser users that it would not place tracking cookies or serve targeted ads to them, violating an earlier privacy order with the Commission.

Spyware and Other Malware

The Commission’s testimony emphasized that spyware and malware can cause substantial harm to consumers and to the Internet as a medium of commerce. Since 2004, the Commission has initiated a number of malware-related enforcement actions, which focus on three key principles:

  • Installing Software: A consumer’s computer belongs to him or her, not to the software distributor, and it must be the consumer’s choice whether or not to install software. Downloading spyware to a consumer’s computer without his/her knowledge is a violation of section 5 of the FTC Act.
  • Disclosures: Buried disclosures of material information necessary to correct an otherwise misleading impression are not sufficient in connection with software downloads. Burying material information in an End User License Agreement will not shield a malware purveyor from liability under section 5 of the FTC Act.
  • Removal of Malware: If a distributor puts a program on a computer that the consumer does not want, the consumer should be able to uninstall or disable it.

Data Security

The security measures implemented by companies to protect consumer data from third parties accessing such data without permission has been the focus of 53 enforcement actions initiated by the FTC. In addition to enforcement of the FTC Act, the Commission enforces several specific statutes and rules that impose obligations upon businesses to protect consumer data, including the Commission’s Safeguard Rule implementing the Gramm-Leach-Bliley Act, the Fair Credit Reporting Act, and the Children’s Online Privacy Protection Act. Through its 53 data-security-related enforcement actions, the Commission has developed the following principles, which apply to online advertising networks, as well as other businesses:

  • Reasonable and appropriate security measures must be continuously assessed to address risks
  • There is no one-size-fits-all data security program
  • The Commission does not require perfect security, but assesses security measures for reasonableness in light of the sensitivity and volume of consumer information held by the company, the size and complexity of the company’s data operations, and the cost of the available security tools

Recommendations for Next Steps

To continue to protect consumers in the areas of privacy, malware, and data security – particularly with respect to online advertising – the Commission offered three recommendations:

  • More widespread consumer education about how consumers can protect their computers against malware
  • Continued industry self-regulation to ensure that ad networks are taking reasonable steps to prevent the use of their systems to display malicious ads to consumers
  • Enactment of a strong federal data security and breach notification law to prevent breaches and protect consumers from identity theft and other harm

FTC to Media: Time to Lose Some Pounds

Just in time for the New Year, as thousands of people are making weight loss resolutions and searching for ways to stick to them, the Federal Trade Commission (FTC) released updated guidance for publishers and broadcasters on how to evaluate weight-loss claims when screening ads for publication. The imposition of liability on the media for deceptive claims that are published is not new, and major television networks already pre-clear advertisements to ensure that they not misleading violations of section 5 of the FTC Act. Thus, the guidance does not create new liability for publishers, but rather provides a reminder for publishers to be vigilant when it comes to weight-loss claims.

The FTC’s Gut Check: A Reference Guide for Media on Spotting False Weight-Loss Claims, provides an update to its original "Red Flag Bogus Weight Loss Claims" reference guide from 2003. "Gut Check" identifies seven automatically suspect weight loss claims that should trigger investigation by publishers to ensure truthfulness. Such claims include:

  • Causes weight loss of two pounds or more a week for a month or more without dieting or exercise
  • Causes substantial weight loss no matter what or how much the consumer eats
  • Causes permanent weight loss even after the consumer stops using product
  • Blocks the absorption of fat or calories to enable consumers to lose substantial weight
  • Safely enables consumers to lose more than three pounds per week for more than four weeks
  • Causes substantial weight loss for all users
  • Causes substantial weight loss by wearing a product on the body or rubbing it into the skin

Additionally, "Gut Check" provides guidance on the use of consumer endorsements and disclaimers. The guides remind publishers that consumer endorsements must either be typical of the weight loss results experienced by users, or must clearly and conspicuously disclose what the typical results are. The FTC concludes that as a rule, endorsements from people who claim to have lost an average of two pounds or more per week for a month or more (or endorsements from people who say they lost more than 15 pounds overall) should be accompanied by a disclosure of how much weight consumers typically can expect to lose. Regarding clear and conspicuous placement, the FTC says that disclosures should be:

  • Close to the claims they relate to – for example, consumer testimonials – and not buried in footnotes or blocks of text people aren’t likely to read
  • In a font that’s easy to read and at least as large as other fonts the advertiser uses to convey the claim
  • In a shade that stands out against the background
  • For video ads, on the screen long enough to be noticed, read, and understood
  • For video or radio ads, read at a cadence that’s easy for consumers to follow, and
  • In words consumers will understand

"Gut Check" was released in conjunction with settlements in four weight-loss cases, indicating this is an area of great concern to the FTC that will likely see continued stringent enforcement.

DMA Not a Supporter of "Reclaim Your Name" Campaign

Back in June, FTC Commissioner Julie Brill unveiled an initiative called, “Reclaim Your Name” at the Computer Freedom and Privacy Conference.  Her proposed initiative is directed to the big data industry and calls on data brokers to give consumers more control over their personal data.   According to Commissioner Brill, Reclaim Your Name would “empower the consumer to find out how brokers are collecting and using data; give her access to information that data brokers have amassed about her; allow her to opt-out if she learns a data broker is selling her information for marketing purposes; and provide her the opportunity to correct errors in information used for substantive decisions – like credit, insurance, employment, and other benefits.”

Commissioner Brill followed up her remarks at the Conference with an op-ed piece in the Washington Post earlier this month, again demanding transparency from data brokers.  In her op-ed, Commissioner Brill likened the efforts of data brokers who collect data on surfing habits and app usage to the type of information the NSA was collecting.  She also opined that “personal data could be — and probably are — used by firms making decisions that aren’t regulated by the FCRA but still affect users' lives profoundly” and that these decisions include whether consumers are too risky to do business with or aren’t right for certain clubs, dating services, schools or other programs.

One industry participant, the Direct Marketing Association (DMA), disagreed strongly with Commissioner Brill’s op-ed and took her to task in a letter.  That letter, signed by DMA CEO Linda Woolley said that the op-ed ignores the “social benefits” resulting from big data and that it “demonizes” data-driven marketers by wrongly comparing it with the NSA.  Woolley pointed out that the use of consumer information for commercial purpose is governed by laws distinct from surveillance issues.  She said that, “[c]onfusing issues of national security and responsible marketing paints an alarmist picture of supposed threats that the collection of marketing data poses to consumers.”  Woolley also said that Reclaim Your Name focuses on speculative harms and ignores the benefits of “customization and personalization of Internet experiences through the commercial use of data.”

While Commissioner Brill’s statements are informative, the FTC has not formally adopted her Reclaim Your Name initiative.   Any industry-based solution will need to consider the benefits of increased consumer notice and choice, as well as the benefits that responsible data-driven marketing can provide to consumers.

FTC Issues New COPPA Guidance Focusing on Ad Networks

This post was written by John Feldman and Frederick Lah.

It’s now been almost a month since the revised COPPA Rule went into effect July 1, 2013. Earlier this year, the FTC issued new guidance on how to comply with the revised Rule. As part of its new guidance, the FTC provided a detailed set of FAQs. To see our previous blog post on the FAQs, please click here.

The FTC is planning to make additional revisions to their FAQs, with these revisions focusing on the obligations of ad networks. Specifically, the FTC explains in what circumstances an ad network is deemed to have “actual knowledge” that it has collected personal information from users of a child-directed site (see D.10, D.11, D.12), and the obligations of ad networks after they discover that they have been collecting personal information via a child-directed website (see K.2). The revised FAQs also relates traditional enforcement policy to the context of a button within an app that automatically opens an email program or social network. Providing the facility for a child to share personal information is just as problematic as if the operator was collecting that information itself. Thus, verifiable parental consent is required when permitting children to share content that may contain personal information – such as a painting combined with a field that allows for free expression.

As of the date of this writing, the FAQs have not been updated to reflect these revisions, but we anticipate they will surely be updated soon.

In the meantime, the FAQs can be seen in their entirety below.

D.5. [Now at FAQ D.10]

D.9. I operate a child-directed app that allows kids to make paintings. I don’t collect the paintings — they rest on the device — but the app includes buttons for popular email and social media providers that kids can click on within the app. The buttons open the email program or social network, populate it with the painting, and allow the child to share it along with a message. I don’t collect or share any other personal information through the app. Do I have to seek verifiable parental consent?

Yes. The COPPA rule defines “collection” to include requesting, prompting, or encouraging a child to submit personal information online, and enabling a child to make personal information publicly available in identifiable form. In addition, under the COPPA Rule, “disclosure” includes making a child’s personal information publicly available in identifiable form through an email service or other means, such as a social network. You must get verifiable parental consent before enabling children to share personal information in this manner, even through third parties on your app. This is true unless an exception applies. (See Section I, Exceptions to Prior Parental Consent). However, in the situation you describe — where a child can email a painting and a message or post content on his or her social networking page through your app — no exception applies.

D.10. I operate an advertising network service. Under what circumstances will I be held to have “actual knowledge” that I have collected personal information directly from users of another Web site or online service directed to children?

The circumstances under which you will be deemed to have acquired “actual knowledge” that you have collected personal information directly from users of a child-directed site or service will depend a lot on the particular facts of your situation. In the 2012 Statement of Basis and Purpose, the Commission set forth two cases where it believes that the actual knowledge standard will likely be met:

  1. where a child-directed content provider (which is strictly liable for any collection) directly communicates the child-directed nature of its content to you, the ad network; or
  2. where a representative of your ad network recognizes the child-directed nature of the content. 

Under the first scenario, any direct communications that the child-directed provider has with you that indicate the child-directed nature of its content would give rise to actual knowledge. In addition, if a formal industry standard or convention is developed through which a site or service could signal its child-directed status to you, that would give rise to actual knowledge. Under the second scenario, whether a particular individual can obtain actual knowledge on behalf of your business depends on the facts. Prominently disclosing on your site or service methods by which individuals can contact your business with COPPA information – such as: 1) contact information for designated individuals, 2) a specific phone number, and/or 3) an online form or email address – will reduce the likelihood that you would be deemed to have gained actual knowledge through other employees. (See also FAQ D.12 below).

D.11. I operate an ad network. I receive a list of Web sites from a parents’ organization, advocacy group or someone else, which says that the Web sites are child-directed. Does this give me actual knowledge of the child-directed nature of these sites?

It’s unlikely the receipt of a list of purportedly child-directed Web sites alone would constitute actual knowledge. You would have no duty to investigate. It's possible, however, that you will receive screenshots or other forms of concrete information that do give you actual knowledge that the Web site is directed at children. If you receive information and are uncertain whether the site is child-directed, you may ordinarily rely on a specific affirmative representation from the Web site operator that its content is not child-directed. For this purpose, a Web site operator would not be deemed to have provided a specific affirmative representation if it merely accepts a standard provision in your Terms of Service stating that, by incorporating your code, the first party agrees that it is not child directed.

D.12. I operate an ad network and am considering participating in a system in which first-party sites could signal their child-directed status to me, such as by explicit signaling from the embedding webpage to ad networks. I understand that I would have “actual knowledge” if I collect information from users on a first-party site that has signaled its child-directed status. Are there any benefits to me if I participate in such a system?

Such a system could provide more certainty for you. If the system requires the first-party site to affirmatively certify whether it is “child-directed” or “not child-directed,” and the site signals that it is “not child-directed,” you may ordinarily rely on such a representation. Such reliance is advisable, however, only if first parties affirmatively signal that their sites or services are “not child-directed." You could not set that option for them as the default.

Remember, though, that you may still be faced with screenshots or other concrete information that gives you actual knowledge of the child-directed nature of the Web site despite a contradictory representation by the site. If, however, such information is inconclusive, you may ordinarily continue to rely on a specific affirmative representation made through a system that meets the criteria above.

K.2. I operate an ad network. I discover three months after the effective date of the Rule that I have been collecting personal information via a child-directed website. What are my obligations regarding personal information I collected after the Rule's effective date, but before I discovered that the information was collected via a child-directed site?

Unless an exception applies, you must provide notice and obtain verifiable parental consent if you: (1) continue to collect new personal information via the website, (2) re-collect personal information you collected before, or (3) use or disclose personal information you know to have come from the child-directed site. With respect to (3), you have to obtain verifiable parental consent before using or disclosing previously-collected data only if you have actual knowledge that you collected it from a child-directed site. In contrast, if, for example, you had converted the data about websites visited into interest categories (e.g., sports enthusiast) and no longer have any indication about where the data originally came from, you can continue to use those interest categories without providing notice or obtaining verifiable parental consent. In addition, if you had collected a persistent identifier from a user on the child-directed website, but have not associated that identifier with the website, you can continue to use the identifier without providing notice or obtaining verifiable parental consent.

With respect to the previously-collected personal information you know came from users of a child-directed site, you must comply with parents' requests under 16 C.F.R. § 312.6, including requests to delete any personal information collected from the child, even if you will not be using or disclosing it. Furthermore, as a best practice you should delete personal information you know to have come from the child-directed site.

The Risks of 'Native Advertising'

This post was written by Frederick Lah and Sulina Gabale.

Kim Kardashian is notorious for setting Twitter trends with her fashion-forward tweets. But would a consumer buy the same product knowing she was paid up to $20,000 for tweeting it?

The term "native advertising" refers to when an advertiser masks ads as editorial content in an effort to market more seamlessly to consumers. The intent behind this practice is to make advertisements less intrusive and to associate a brand with an experience.

For example, BuzzFeed, a popular blog notorious for hosting viral content, commonly features articles such as "24 Reasons Why 3D Street Art Is The Best" that look just like any other blog post, but are actually paid advertisements. In these instances, BuzzFeed clearly identifies the advertiser in the face and body of the post by indicating the article is "Presented by Canon."

But what about ads that don’t feature clear disclosures? Twitter has now become a hotbed for such activity, especially within the context of celebrity endorsements. A New York Times blog investigated a tweet by pop singer Miley Cyrus to her 12 million followers, thanking a private jet company for a flight. Although Ms. Cyrus declined to comment, the company admitted that she was given some consideration for her tweet. Nowadays, it is becoming increasingly unclear to consumers whether celebrities are genuinely plugging a product they admire or if they are just paid to tweet about it.

With this concern comes a push for both publishers and marketers to meet ethical standards in native advertising so consumers aren’t duped by ads posing as editorial content. The National Advertising Division ("NAD"), part of the Council of Better Business Bureaus, establishes the policies and procedures for self-regulation in the advertising industry. In an editorial for Ad Age, Laura Brett, staff attorney for NAD, mentions that this debate has been longstanding ever since the FTC ruled back in 1968 that sponsored content "which purports to give an independent, impartial and unbiased view ... [must] clearly and conspicuously disclose that it is an advertisement."

Three months ago, the FTC once again addressed this concern within the context of native advertising by issuing its latest version of the "Dot Com Disclosures" guidance, which explains how to make sponsorship disclosures clear and conspicuous to avoid misleading consumers. While such guidance does not have the effect of binding law, if a company fails to comply with the guidance, the FTC could potentially bring an enforcement action alleging an unfair or deceptive practice in violation of the FTC Act.

Whether featuring a suggested story on Facebook, branding a playlist on Spotify, or hiring a celebrity to throw you a shout out on Twitter, companies should consider the risks of native advertising before diving in head first.

FTC Chairwoman Ramirez Says Do-Not-Track System is 'Long Overdue'

Earlier this week, FTC Chairwoman Edith Ramirez spoke to members of the ad industry, urging them to provide “effective and meaningful privacy protection” to consumers with respect to online tracking. Chairwoman Ramirez’s position reportedly surprised, and even frustrated, some attendees by implying that the Digital Advertising Alliance's self-regulatory program does not do enough in the space. She said that consumers feel “unease” with online tracking, and that they’re still awaiting “an effective and functioning do-not-track system,” which she characterized as being “long overdue.”

Last month, Chairwoman Ramirez expressed some optimism that a solution would be reached among stakeholders if they use a “consensus-based approach.” As the W3C Tracking Protection Group continues its attempts to work toward a solution, though, frustration may be setting in. Some stakeholders, such as Jay Rockefeller (D-W.Va.), may feel that the time for legislation has come; earlier this week he announced that he will hold a hearing with the Senate Commerce Committee next week to push his do-not-track legislation. For more information about that hearing, please click here.

FTC Revises Guidelines for Online Advertising

This post was written by John Feldman and Caroline Klocko.

Yesterday, the Federal Trade Commission (FTC) released updated guidelines (PDF) for regulating unfair and deceptive trade practices in online marketing. The “.Com Disclosures: How to Make Effective Disclosures in Digital Advertising,” were released in 2000, before the meteoric rise of social media marketing and the advent of smartphone advertising. As the evolution of these two areas has drastically changed the way brands communicate with consumers and blurred lines between corporate and word of mouth advertising, the FTC saw a need to extend these guidelines to cover all online, social and mobile marketing.

Like the original, this set of guidelines focuses on ensuring that ads are not unfair or deceptive by requiring disclosures to avoid consumer confusion. The main implications for marketers are not in the required content of disclosures and consumer protection laws, which remain the same in the updated guidelines, but in the physical placement of disclosures. The updated guidelines include examples and mock ads that demonstrate implementation of the guidelines in social media and mobile marketing contexts. The most important updates are in the areas of disclosures and hyperlinks.


Disclosures must be clear and conspicuous and placed in close proximity to relevant claims on all platforms on which consumers can view ads. Unlike the original set of rules, which provided that disclosures should be placed “near, and when possible, on the same screen,” the new guidelines direct advertisers to place disclosures “as close as possible,” to the relevant claim. The most important thing to be aware of here is making sure that disclosures are properly placed on mobile ads, which are usually viewed on small screens. On a tiny screen, space is at a premium, so marketers should be careful not to make an abundance of claims requiring disclosures. Additionally, advertisers should ensure that most of their ad is able to be viewed all at once on the small screen and that relevant disclosures are included in this view (i.e., consumers should not have to scroll a significant way down in order to find disclosures). The guidelines also discourage the use of pop-ups to provide disclosures, as many users have blocked pop-ups on their phones and Internet browsers. The bottom line is that if an ad cannot be placed clearly and conspicuously on a platform, then the ad should not be run on it.


Like the original guidelines, the revised guidelines discourage the use of hyperlinks for health, cost and safety related disclosures and call for hyperlinks to be labeled clearly. The new guidelines also encourage advertisers to label hyperlinks as clearly as possible and to consider how hyperlinks will function on a variety of platforms. Advertisers should take extra care to ensure that hyperlinks are functioning on all devices, like mobile phones. Additionally, the guidelines create a responsibility for advertisers to monitor hyperlink usage and to change disclosure methods if enough people are not clicking on the disclosure links to make the disclosures effective.

FTC to Mobile Industry: $800K... Can You Hear Me Now?

On February 1, the FTC announced its largest settlement to date with a mobile app developer – an $800,000 penalty – in conjunction with the release of guidance on mobile app best practices for app platforms, app developers, third parties and app trade associations.  The guidance document and the enforcement action together demonstrate the need for companies with mobile apps to review disclosures, vendor agreements, and consumer consent mechanisms for data collection.

Please click here to read the complete report on our sister blog, Global Regulatory Enforcement Blog.

POM Wonderful's Claims ... Not So Wonderful

On January 16, 2013, the Federal Trade Commission in a 5-0 vote upheld a May 2012 Administrative Law Judge’s (“ALJ”) decision that POM Wonderful LLC (“POM”) and its owners had falsely advertised its POM Wonderful 100% Pomegranate Juice, and POMx liquid and pill supplements, by claiming that its products treat, prevent or reduce the risk of heart disease, prostate cancer, and erectile dysfunction, and that they were proven to work.

In upholding the previous decision, the Commission’s Opinion actually went further than the ALJ decision by finding that 34 out of 43 ads contained false or deceptive claims, whereas the ALJ decision found that only 19 contained false or deceptive claims.

In addition, the Opinion found that POM needed a more robust level of substantiation for its claims than what was determined by the ALJ decision. The Commission’s Final Order requires that any disease-related establishment or efficacy claims made about the challenged POM products, or in connection with the POM’s sale of any food, drug, or dietary supplement, must be supported by at least two well-designed, well-controlled, double-blind, randomized, controlled clinical trials.

Although POM allegedly has more than $35 million-worth of scientific testing on its products, including more than 10 clinical studies, many of the studies were found by experts to have flaws.

In its appeal to the Commission, POM argued that finding liability would violate its First Amendment right to free speech and its Fifth Amendment right to due process. The Commission rejected these arguments.

Although the outcome of the Opinion is a blow to POM, the Opinion was not a complete victory for the FTC, as it denied the FTC’s request that POM be required to obtain FDA approval for future claims.

POM Wonderful may appeal the decision to a Federal Appeals Court within 60 days of receiving the Final Order.

Why this matters: This case will likely have a significant impact on advertisers making disease-related claims moving forward as it sets forth a very specific level and number of required clinical studies to meet the “competent and reliable scientific evidence” standard. If POM appeals, this will be an interesting test case as to whether the FTC is indeed overstepping its bounds.

FTC Announces New COPPA Rule

FTC Chairman Leibowitz has followed though on his commitment to finalize the new COPPA rule by the end of the year. Earlier today, at a press conference, the Chairman, alongside Senator Jay Rockefeller, announced the agency’s update to the rule. The new rule expands the application of the rule to new categories of “personal information” and to third party information collectors. The new COPPA is expected to come into effect on July 1, 2013 and will have an important impact on children’s advertising. For more information on this announcement and some highlights from the amendments, please visit our sister blog, Global Regulatory Enforcement Law Blog.

Do you know where your children are?

Apparently, a lot of people want to know, according to the Federal Trade Commission Chairman Jon Leibowitz and Jeff Chester, Executive Director of the Center for Digital Democracy. To learn more why, read our Global Regulatory Enforcement Law Blog covering the latest complaint filed against a mobile game-maker for alleged COPPA violations.

Click here to access the post.

Children's Privacy in Mobile Apps Continues to be atop FTC's List of Concerns

One is hard-pressed to think of something more important than protecting the privacy of our children. Front and center in this debate is how such privacy concerns need to be addressed in mobile platforms like smartphones. As the saying goes, “There’s an app for that”, and such is certainly true in offerings directed to children. The Federal Trade Commission has now issued its second staff report on the privacy practices of mobile apps for children, “Mobile Apps for Kids: Disclosures Still Not Making the Grade.”

Please click here to read the complete report on our sister blog, Global Regulatory Enforcement Law Blog.

Federal Trade Commission Director Claims Victory with Largest Civil Fine in FTC's History for Consent Order Violation

This post was written by Frederick H. Lah and Douglas J. Wood.

David Vladeck, FTC Director of the Bureau of Consumer Protection, made comments Tuesday, citing the U.S. District Court’s approval of a $22.5 million civil fine against Google for violating a consent order as “a clear victory for consumers and privacy,” and demonstrating that the Commission “will continue to ensure that its orders are obeyed, and that consumers’ privacy is protected.” The consent order settled charges that Google misrepresented privacy assurances to users of Apple’s Safari Internet browser in violation of a previous FTC settlement Order.

In its release, the FTC noted that the approval “resolves allegations that Google made misrepresentations to Safari users about the placement of advertising tracking cookies and serving of targeted advertisements in violation of the FTC’s October 2011 order against Google. Under the settlement, Google will pay a $22.5 million civil penalty, which is the largest in the FTC’s history for violation of an administrative order. Google must also maintain systems to expire the cookies it placed contrary to its representations to consumers.”

In the proceedings, the FTC provided little explanation as to how it came to the $22.5 million figure. In fact, the FTC specifically stated that calculating the figure in this instance was difficult to do and instead relied on the fact that this was the largest civil penalty ever levied for an order violation.

Consumer Watchdog filed an amicus brief arguing that the $22.5 million amount was too low because it is a de minimis amount of Google’s profits and revenues. The FTC responded by arguing that the determination of a civil penalty must involve a multi-faceted analysis, not just a company’s profits or revenues, taking into consideration: (1) the good or bad faith of the defendants; (2) the injury to the public; (3) the defendants’ ability to pay; (4) the desire to eliminate the benefits derived by the violations; and (5) the necessity of vindicating the authority of the FTC. The FTC went on to say that it never alleged in its complaint that the conduct at issue – misrepresenting that it would not place tracking cookies on Safari users’ computers – yielded significant revenues for Google. The FTC further argued that it is difficult to place a dollar value on the harm suffered by consumers as a result of the conduct, so placing a “per violation” calculation of an appropriate penalty is difficult to arrive at with precision.

Finally, the FTC noted that the $22.5 million figure was “many times over the FTC estimates the company earned from the alleged violation.” In a declaration, an FTC attorney stated that, “using a variety of sources, the FTC estimated that Google profited no more than $4 million from the alleged violation.” No additional explanation was provided as to where that $4 million figure came from, other than to say that negotiations with Google were extensive and lasted more than two months.

Why This Matters: Under the Federal Trade Commission Act, the potential fines for violation of an FTC Order can be astronomical if calculated literally in accordance with the formula in the statute. Such a calculation, however, has never been used, and this case helps practitioners and companies better understand how the FTC approaches such cases.

FTC and CFPB Send Wake-Up Call to Ensure Compliance with Mortgage Acts and Practices Advertising Rule

This post was written by Keri S. Bruce and Douglas J. Wood.

The Federal Trade Commission (FTC) and Consumer Financial Protection Bureau (CFPB) announced today that they have sent warning letters to more than 30 companies, including lenders, mortgage brokers, real estate agents, home builders and lead generators, notifying them that their advertisements may have violated the Mortgage Acts and Practices Rules (“MAP Rule”). The MAP Rule prohibits material misrepresentations in any commercial communication (including advertising) regarding any mortgage credit product, and contains record-keeping requirements for persons subject to the rule. Mortgage advertisers that violate the MAP Rule could be subject to civil penalties. The FTC and CFPB reviewed more than 800 mortgage ads across a variety of media and found numerous types of potentially false or misleading claims, including:

  • Promises of low rates without discussing loan terms
  • Advertisements containing official-looking seals, statements, images or logos suggesting that the advertiser is affiliated with a governmental agency
  • Promises of “pre-approval” without discussing significant conditions on the offer
  • Promises that a reverse mortgage will let consumers stay in their home for free

Mock advertisements with misleading claims can be found here. The CFPB noted that many of the potentially misleading advertisements seemed to be directed at service members/veterans or older Americans. The text of the MAP Rule can be found here.

In a separate press conference, the two agencies announced that they had sent out a total of 33 warning letters; 20 from the FTC and 13 from the CFPB. They also announced that in addition to the companies that received the warning letters, 19 other companies are under active investigation for violations of the MAP Rule and possible deceptive marketing practices. The FTC is conducting 13 of those investigation while the CFPB is conducting the remaining six. At this time, it remains unclear how the two agencies split the targets of either the letters or the investigations. According to the spokespersons for the two agencies at the press conference, those companies that received the warning letters are believed to be companies that should be doing a better job, while those that are under investigation may be guilty of far more serious violations. Concerns were also expressed about ads that targeted veterans and offered reverse mortgages.

Why this matters: This is the first joint FTC/CFPB effort and an important reminder to entities and persons that market and advertise mortgage products that there are two federal agencies on the prowl to find violations and to ensure that mortgage product communications (including traditional advertisements, websites, direct marketing, and social media pages) are in compliance with the MAP Rule, and FTC and CFPB rules and regulations. It is also important to remember that states, in addition to the FTC and CFPB, can enforce the MAP Rule, so it’s not just the FTC and CFPB that are watching! This is clearly the first shot across the bow of the financial services industry by two very powerful federal regulators and is something that must be watched very closely. In addition to specific ads being targets, of equal importance is understanding how the two agencies split the responsibilities. Without a clear understanding of how that came about, the financial industry will be answering to two masters that may well have inconsistent perspectives.

FTC and CFPB to Announce Joint Efforts to Address Consumer Protection

Today, the Federal Trade Commission (FTC) and the Consumer Financial Protection Bureau (CFPB) announced they will hold a press conference on Monday, November 19 to reveal a coordinated effort to protect consumers. The agencies have concurrent jurisdiction over financial services companies so this announcement, the first sine the re-election of President Obama, will be very revealing of what’s to come as these two regulators begin their oversight in earnest.. We’ll report more on Monday. The full press release can be read here.

FTC Announces Robocall Summit

On the heels of our report that the Federal Communications Commission ("FCC") is putting the obligations on entities that use auto-dialers -- “Robocalls” -- to public safety phone lines on its agenda for the year (see our 10/17/12 blog: “New Do-Not-Call Public Safety Registry Creates Additional Obligations for Auto-Dial Operators” by Judith L. Harris and Amy S. Mushahwar), the Federal Trade Commission (“FTC”) issued an announcement today, it is hosting a Robocall Summit in Washington, DC.  Robocalls have been a major concern of the FTC, particularly in the past two years during which time the Commission says it has “stopped companies responsible for billions of robocalls that offered everything from fraudulent credit card services and so-called auto warranty protection, to home security systems and grant procurement programs.”  Despite the FTC’s enforcement activities, however, consumer complaints about robocalls are on the rise and the FTC wants to know why.  They hope to “explore innovations designed to trace robocalls, prevent wrongdoers from faking caller ID data, and stop unwanted calls.”

FTC Calling On Ad Networks to Limit and Justify Data Collection

The issue of data collection is an important one in online privacy, particularly as it applies to ad networks. This issue is especially contentious in the context of Do Not Track mechanisms. A number of browsers – such as Safari, Internet Explorer, and Firefox – have mechanisms that permit consumers to instruct websites not to track their activities across the web. The FTC has said on numerous occasions, though, that an effective Do Not Track system should go beyond opting consumers out of receiving targeted advertisements; it should opt them out of the collection of behavioral data for all purposes, unless the purpose is consistent with the context of the interaction (e.g., to prevent click-fraud). Such sentiments were expressed in the FTC’s Privacy Report, as well as its testimony before Congress.

Last month, FTC Commissioner Julie Brill delivered a speech at the State of the Net West conference in San Francisco, calling on ad networks to spell out why they say they must collect data from consumers who do not wish to be tracked. "On numerous occasions, the FTC and other stakeholders have asked the advertising networks for specific market research and product improvement uses that require retention of linkable consumer data. The advertising networks are the only ones who can make the case for such use; without input from them it will be hard to see how such uses can be justified when a consumer has opted out of tracking." In that same speech, Commissioner Brill cited to a recent study by the Pew Research Center on privacy concerns with mobile devices. That study noted that 54 percent of app users have decided to not install an app after they discovered how much personal information they would need to share in order to use it, and that 30 percent of app users have uninstalled an app that was already on their phone because they learned it was collecting personal information that they didn’t wish to share.

Ad networks, and more broadly, all companies that collect data about consumers, should take note of the FTC’s focus on data collection. Data collection efforts should be limited appropriately and be accompanied with accurate disclosures.

FTC's Increasingly Aggressive Role in Enforcement

At a recent speaking engagement at the University of California Berkeley School of Law, David Vladeck, Director of the Federal Trade Commission’s Bureau of Consumer Protection, said that the FTC is creating a legacy of enforcement that changes expectations and baselines. Vladeck used strong words to describe the FTC’s hardline stance on enforcement, saying that the FTC has “sent a signal to the fraudster community” that “if you engage in this kind of fraud, we’re going to take everything you have and then try to burn down your house.” He noted that the FTC has obtained in the last three years more than 300 redress orders worth hundreds of millions of dollars for consumers, and that it has obtained 150 occupational bans against bad actors. Berkeley law professor Ted Mermin also spoke at the engagement. According to Mermin, under the Obama administration, the FTC has been more aggressive than it has been over the last 35 years in bringing judicial actions, bringing an average of 57 actions annually, far more than any other President over that time (the next closest was President George W. Bush with 36 actions annually).


While Vladeck’s strong words seem to be focused on consumer scams and other types of fraud, reputable businesses should also take note, particularly with respect to their advertising practices. As companies continue to come up with innovative ways to reach their customers (see, for example, Twitter’s new targeted advertising tool), it is important that they understand the regulatory landscape in which they operate. As a baseline, advertisers should ensure that their ads are not misleading, and that their corresponding privacy policies are current and truthful. However, it is also important for the FTC to understand the realities of a competitive landscape and refrain from creating a chilling effect on innovation and competition by over regulation and aggression.

FTC to MySpace: Watch What You Do in Consumers' Space

On Tuesday, the FTC approved a final order and consent decree settling charges that MySpace misrepresented its protection of users’ personal information. The settlement bars MySpace from future misrepresentations about its privacy practices, and requires MySpace to implement a comprehensive privacy program with regular, independent privacy assessments for the next 20 years.

For more information, please visit the Global Regulatory Enforcement Law Blog and read their Client Alert, "FTC’s Final Order with MySpace Focuses on Privacy by Design and Protection of Unique Device Identifiers" written by Paul Bond, Amy S. Mushahwar, and Christine E. Nielsen.

Sorry, Your Baby Can't Read

Just before Labor Day, the Federal Trade Commission (FTC) filed false advertising charges against the marketers of “Your Baby Can Read!” The program, widely promoted via infomercials and the Internet, purports to use videos, flash cards and pop-up books to teach babies as young as 3 months old how to read. The complaint charges Your Baby, LLC, its former CEO, and the program’s creator, Dr. Robert Titzer, with false and deceptive advertising and deceptive expert endorsements. According to the complaint, the defendants failed to provide competent and reliable scientific evidence that babies can learn to read using the program, or that children at age 3 or 4 can learn to read books such as Charlotte’s Web or Harry Potter.

The program’s former President and CEO, Hugh Penton, Jr., has already settled with the FTC. The settlement imposes a $185 million judgment (equal to the company’s gross sales since January 2008), but suspends the judgment upon the payment of $500,000 because of the company’s financial condition.

This case is one of many recent FTC cases attacking the issue of “competent and reliable scientific evidence.” Advertisers should monitor the FTC’s enforcement actions to stay abreast of changes.

FTC Issues Guidance to Mobile App Developers

On September 5, 2012, the Federal Trade Commission published "Marketing Your Mobile App: Get It Right from the Start", a set of guides addressing compliance with truth in lending and privacy principles for mobile app developers. Disclosures and privacy protection for mobile apps is a major issue and the FTC's guidance is important. In their summary, the FTC provided an overview that advised that app developers:

  • Tell the Truth About What Your App Can Do
  • Disclose Key Information Clearly and Conspicuously
  • Build Privacy Considerations in From the Start
  • Offer Choices that are Easy to Find and Easy to Use
  • Honor Your Privacy Promises
  • Protect Kids’ Privacy
  • Collect Sensitive Information Only with Consent
  • Keep User Data Secure

Pretty basic stuff, but the reminders from the FTC are well taken and should be carefully digested by anyone in the mobile app business, whether they’re developers or marketers. For a copy of the full publication, click here.

FTC COPPA Rule Revision Comments-Deadline Extended to December 23

No need to fret over Thanksgiving! The Federal Trade Commission has extended until December 23, 2011, the deadline for the public to submit comments on proposed amendments to the Children’s Online Privacy Protection Rule. That's good news because the revisions are significant and include the demise of the flexible "sliding scale" approach that permitted operators to install an "email plus" method of obtaining verifiable parental consent when the collection and use was of a very limited nature. Without any data or evidence of consumer harm, the FTC has determined that the "shelf life of 'email plus' has expired," to use the phrase of Commissioner Julie Brill at a recent Promotion Marketing Association conference. Apparently, making it harder for industry to market to children will force it to "innovate" new ways to comply. Sounds expensive. But, unless industry can come up with some hard evidence of those costs, the process of engaging children in interactive media will be significantly altered. There are other major changes. (The proposed changes will mean the end of user-generated contests for kids if they involve any uploaded photographs of themselves, for example.) Several industry groups, including the PMA, are planning to file comments. This extension will give industry more time to come up with hard numbers. Our sources at the staff level indicate that although there is a definite desire to kill email plus, carving out exceptions might be possible (at least in the Frequently Asked Questions that the FTC has published to help operators comply with the COPPA Rule) if commenters can produce solid reasons why this removal of the flexible approach is going to impose unreasonable costs, compared with the potential protection from admittedly hypothetical harm.

Unlike some of the recent FTC initiatives, which are arguably overreaches, these revisions, albeit aggressive, are probably within the broad Congressional authority granted to the Commission under COPPA. That makes it even more important that commenters come up with numbers about the costs of these revisions and how they might be likely to affect jobs. Even with regard to the Commission's apparent usurpation of oversight from self-regulatory bodies in the area of children's privacy, those bodies are subject to regulation by the FTC by virtue of the safe-harbor provisions. Thus, even though it will be imposing new costs and requirements on the Children's Advertising Review Unit (CARU), which was monitoring the collection and use of information from children before there even was COPPA, CARU, because it sought safe harbor status, is subject to whatever new requirements the Commission may impose. One has to wonder, however, whether the existing safe harbor entities are sanguine about the new burdens because the FTC will be effectively making the barrier to entry for new safe harbor competitors nearly impossible. Interesting anti-competitive question.

FTC Signals Retrenching on IWG Proposals

After a swift left to the chin in early September from the Republican-controlled House Energy and Commerce Committee Chair, Rep. Fred Upton, David Vladeck, the FTC Director of the Bureau of Consumer Protection, testified before the Subcommittee on Commerce, Manufacturing, and Trade, and the Subcommittee on Health, October 12, 2011, discussing the International Working Group (IWG) and changes that are underway.

  • The tone of Vladeck’s statement bore a marked respect for, though not deference toward, advertising self-regulation. This is in contrast to his speech before the self-regulatory National Advertising Division of the Council of Better Business Bureaus October 3, 2011, in which he only mentioned in passing the positive role of self-regulation. In his statement before the Subcommittees, he made a much more significant effort to acknowledge the success that has been achieved to date by self regulation both in the form of the Children’s Advertising Review Unit (CARU) and the Children’s Food and Beverage Advertising Initiative (CFBAI).
  • Because there is no scientific link between marketing of food and obesity, Vladeck made it clear that the Commission is asking industry to take on a share of the responsibility for solving the obesity problem “regardless of whether or to what extent food marketing may have contributed to the problem of childhood obesity” in the first place. In other words, according to Vladeck, it is a proper role of government to pressure industry to help solve multi-factored social problems by not marketing (and therefore not selling) products that may have no relationship to the social problems that the government is seeking to address. Vladeck referred the Institute of Medicine (IOM) Report from 2008 to highlight the fact that marketing influences food and beverage preferences, purchase requests and short-term diets of children under 12 to support the Commission’s position that industry should use its marketing power to eat certain foods rather than other foods. One can interpret this initiative as simply government telling industry what to advertise and what to sell based on a stated political goal. “Children’s health is the ultimate goal, and marketing of more nutritious foods is one effective tool to help achieve that goal.” 
  • Vladeck, who famously dismissed the notion that the IWG proposals could raise First Amendment concerns last summer in a blog post, apparently has been convinced that there may be some validity to the First Amendment arguments made by academics and lawyers in the advertising field. He states, “Our commitment to finding the best balance between what is best for children’s health and what is workable for industry has guided this entire process. . . . .The Working Group’s proposal is strictly voluntary. The Commission recognizes that some forms of regulatory action could raise First Amendment concerns.”
  • After 29,000 comments and after new CFBAI guidelines, which go a long way toward achieving the government’s goal of restricting marketing behavior related to certain foods and beverages, the FTC is signaling significant changes to its proposals. Those changes include:
    • Limiting the scope of marketing to children to those aged 2-11, rather than the originally proposed 2-17. Vladeck: “It is often difficult to distinguish marketing designed to appeal to this age group from marketing directed to a general or adult audience.”
    • Limiting the scope of the marketing activities included within the proposals. Vladeck: “The FTC staff believes that philanthropic activities, charitable events, community programs, entertainment and sporting events, and theme parks are, for the most part, directed to families or the general community and do not warrant inclusion with more specifically child-directed marketing. Moreover, it would be counter productive to discourage food company sponsorship of these activities to the extent that many benefit children’s health by promoting physical activity.”
    • Eliminating recommendations regarding trade dress and brands. Vladeck: “The Commission staff does not contemplate recommending that food companies change the trade dress elements of their packaging or remove brand equity characters from food products that don’t meet nutrition recommendations.”
    • Eliminating recommendations regarding in-store displays and packaging of seasonal or holiday confections.
    • Adjusting the proposed audience share criterion for “traditional media marketing,” including television, radio, and print, from 30 percent children ages 2 to 11 years, to 35 percent – which is the same age criterion used by CFBAI.

The IWG proposal is not dead, however. Expect to see the revised version focused more specifically on traditional media and on online, digital, and social marketing. Also, the IWG proposal will still seek to press its recommendations in the area of advertising or product placement in movies and video games. Additionally, it will cover sweepstakes and premium offers. And, in the one remaining proposal that will cover children and adolescents, Vladeck signaled that the proposal will cover marketing activities in schools for both children and adolescents.

Thus, the IWG proposal will be scaled back significantly. One important lesson: Self-regulation is critical, but industry must be careful of using self-regulation so aggressively that it creates a blueprint for “voluntary” regulation by governmental bodies. Cooperation between government and industry that results in co-regulation is not self-regulation. With the FTC standing right beside self-regulatory efforts, tweaking self-regulation as it deems necessary to advance espoused governmental goals of protecting children, the augmented CFBAI standards may be likely to be the presumptive norm for governmental expectations (and enforcement?). Let’s hope that the blueprint we’re now working off of will build a structure we can all live in.

The FTC's Investigation of Google: What To Do When The FTC Sends Your Company An Inquiry

This post was written by Rachel A. Rubin and Joseph I. Rosenbaum.

In June, Google confirmed that the Federal Trade Commission (FTC) opened an antitrust investigation against it. While the scope and details of the investigation have not been disclosed, the FTC is likely examining whether and how Google has used its dominance in Internet search and advertising to stifle competition, and whether Google’s actions cause harm to consumers.

As part of its investigation, the FTC can and will reach out to third parties, including Google’s partners, advertisers, and competitors, to learn more about the way Google behaves in the market. As the recipient of an FTC inquiry that is not purely voluntary, you are obligated to provide certain information to the FTC. While the nature and extent of this information will vary by company, receiving an FTC inquiry raises a host of legal questions and concerns.

So what do you do when the FTC reaches out to your company? We have prepared a set of FAQs – What Should You Do When The FTC Calls About Google? – to help your company understand the range of possible inquiries, the process of responding to the FTC, and your company’s potential liability.

For more information before or after you receive a letter from the FTC, please contact Joseph I. Rosenbaum or Rachel A. Rubin.

FTC Dot Com Disclosures -- Really?

Many people are unaware the Federal Trade Commission issued a set of guidelines regarding advertising on the web several years ago, known as the "Dot-Com Disclosures". Well, the FTC has decided to revisit these guidelines to determine their applicability with the rapidly changing digital landscapes, and to seek comments from the general public as to what still works and what needs to be fixed. Please enjoy this client alert that details the FTC's efforts in this endeavor.

Commissioner Brill Introduces Competition Analysis to Privacy Debate

FTC Commissioner Julie Brill stated today that "there may be a tipping point" at which self-regulatory privacy initiatives "turn[] anticompetitive, particularly in cases where the mechanisms are developed by a trade association or industry players that have a dominant market position." A self-regulatory privacy proposal could raise "competition concerns," she said, if it "disadvantages competitors of the platform offering the proposal, especially if the platform operator has a dominant market share and is vertically integrated." Proposals offered by a group of rivals or their trade association could raise competition concerns if the rivals "act in ways that favor their own economic interests to the detriment of other competitors and consumers." In the recent Google Buzz settlement, FTC Commissioner Rosch raised similar concerns about whether seemingly pro-privacy moves could have anticompetitive effects.

For more information on Commissioner Brill's Analysis, please read Paul Bond's and Chris Cwalina's article on the Global Regulatory Enforcement Law Blog.

Rep. Markey Releases a Kids Do Not Track Discussion Draft Bill

This post is written by John Feldman and Amy Mushahwar.

Bill Adds to the Web of Proposed Privacy Legislation and Contains Much More Than Kids Do Not Track

Today, Rep. Ed Markey (D-Mass.) circulated a discussion draft of his kids online do-not-track bill, co-sponsored by Joe Barton (R-Tex.) that proposes to make it illegal to use kids' or teens' information for targeted marketing and require parental consent for online tracking of the info. Both Congressmen co-chair the House Privacy Caucus and their kids' privacy bill will join other more generally-applicable privacy legislation pending in the 112th Congress by Representatives Cliff Stearns (R-Fl.), Fred Upton (R-Mich.), Jackie Speier (D-Calf.) and Bobby Rush (D-Ill.) and Senators John Kerry (D-Mass.) and John McCain (R.-Ariz.) with Senator Jay Rockefeller (D-W.Va.) promising to release a generally-applicable privacy bill containing Do Not Track provisions next week.

But, members of the privacy community were expecting this piece of proposed legislation. Markey had promised since late 2010 that the bill was coming. Specifically, the bill would update the Childrens' Online Privacy Protection Act of 1998 ("COPPA") provisions relating to the collection, use and disclosure of children's personal information. Further, it would establish protections for personal information of teens who were previously not addressed in COPPA at all.

Key provisions of the bill include:

Scope Updates: The bill would expand the scope of the definition of covered Internet operators to include online applications and the mobile web. The Federal Trade Commission ("FTC") would also be empowered with rulemaking authority to create more flexible definitions of operators that account for the development of new technology. The also expands the personal information protected to include IP Addresses, mobile SIMs or any other computer or other device identifying numbers.

Privacy Policies/Disclosure: The bill would require online companies to explain the types of personal information collected, how that information is used and disclosed, and the policies for collection of personal information.

Further Parental Choice: In addition to keeping the existing requirements for online companies to obtain parental consent for collection of childrens' personal information, the bill also includes provisions requiring companies to provide parents access to the information collected about their child and the opportunity to opt-out of further use of maintenance of their child's data.

Targeted Marketing Prohibitions for Kids & Minors: Website operators and other online providers would be prohibited from knowingly collecting personal information for behavioral marketing purposes from children and minors. The FTC would be required to issue regulations within one year of the bill's passage.

Digital Marketing Bill of Rights for Teens & Fair Information Practices Principles: This section incorporates the Fair Information Practice Principles ("FIPPs") concept that was in the Department of Commerce's Privacy Green Paper. Under this proposed bill, website operators and other online providers are prohibited from collecting personal information from any minors, unless they adopt a Digital Marketing Bill of Rights for Teens. Such a bill of rights or FIPPs must include provisions regarding data: collection, quality, purpose specification, use limitations, security, use transparency, access and correction.

Geolocation Information Collection of Kids and Minors: Website operators and service providers must establish procedures for notice and choice regarding geolocation information. In the case of information collection from children, an operator/provider must obtain verifiable parental consent before this information would be collected, in most cases.

Eraser Button: Website operators must create an "Erase Button" for parents and children by requiring companies to permit users to eliminate publicly available personal information content when technologically feasible. (Such a provision, however, could lead parents and children into a false sense of security on the web. With multiple outlets for data cashing, it is difficult to wholly erase data on the web.)

Expansion of FTC Jurisdiction to Telecom: In keeping with the Kerry bill, the Markey bill also seeks to expand FTC jurisdiction to telecommunications carriers.

We will be carefully evaluating these provisions while this bill pends, but we can readily identify that complications are likely to arise for marketing to young adults. For example, teens are far more likely to lie when faced with traditional age screens. So, even though the statute contains a 'knowing' information collection requirement, to what degree would marketers be required 'fortify' their existing age screens to account for teens? If more stringent age screens must be employed, will the more tedious screens reduce marketing to adults, too?

If this bill advances on the Hill, please lookout for upcoming privacy bill updates from our team.

Lots of "Buzz" Around Google Buzz

Earlier this week, Google, Inc. agreed to a proposed consent order over charges that it used deceptive tactics and violated its privacy promises to consumers when it launched its social network, Google Buzz. For more on this important development, please click here.

The First of Many?

Have many people realize the digital advertising industry stood witness to two important developments recently? One was a highly publicized incident and the second one, lesser so. First, on Monday of last week, Aflac announced that it was terminating Gilbert Gottfried as the voice for its iconic duck, as a result of a series of inappropriate tweets that he posted the previous weekend about the crisis in Japan. 

The second incident, which in this author’s humble opinion has greater industry-wide implications, was the announcement by the Federal Trade Commission that it reached a settlement with the online ad company Chitika, Inc. over the company’s “opt-out” settings. Chitika is a data analytics and online ad network that utilizes user information to sell and target ads based on likely interest.

According to the FTC, Chitika offered users an opt-out feature that allowed them to “opt-out” of being tracked and targeted online, though only for a mere 10 days. After the 10-day period expired (and each one thereafter), Chitika would resume tracking a user’s online activity unless he/she underwent the same opt-out exercise. According to Chitika, the 10-day timer was an inadvertent and unintentional glitch in the code.  

In the FTC’s settlement:

  • Chitika is restricted from making misleading statements about the way in which it collects and uses consumer data
  • Chitika is required to post a permanent opt-out link on each targeted ad that provides consumers the choice not to be tracked or targeted for at least five years
  • Chitika must destroy any and all identifiable user data that was collected from users who previously sought to opt out before March 1, 2010, and more…

Why is this FTC action so important and relevant to advertisers, ad networks, agencies, data aggregators, etc.? For many reasons, including:

  • It demonstrates through actions, and not just through rhetoric or policies, just how seriously the FTC is taking and policing online behavioral advertising
  • Although this case turns primarily on an ad network saying one thing to consumers/users and seemingly doing something else, the FTC nevertheless believes that it can assert a section 5 FTC Act claim (i.e., deceptive and misleading advertising practices) against a company engaged in online behavioral advertising
  • The FTC seems to reconfirm its belief in the benefits of an opt-out system, and apparently believes that a five-year opt-out is a reasonable period of time
  • In painstaking detail, the FTC actually lays out what it believes to be an acceptable opt-out notice and system, from the number of clicks away a consumer can be from the opt-out notice to the actual opt-out notice text
  • The FTC has ordered Chitika to deliver a copy of the FTC settlement/order to all current and future employees, agents and representatives who are responsible for upholding and enforcing the FTC’s mandate

While this case clearly raises more questions than it delivers answers, it’s essential to appreciate that Chitika’s conduct was deemed deceptive by the FTC, not because it failed to offer a more robust opt-out program to consumers, but because it led consumers to believe they had opted-out permanently, when in reality it was for just 10 days at a time. Although players within the online behavioral advertising ecosystem should begin to look carefully for trends and whispers of best practices according to the FTC, these are not simple issues, and the privacy landscape is getting considerably more complicated and complex. Between proposed federal and state legislation, governmental agency policies and positions, and the DAA’s self-regulatory program taking shape, advertisers, ad networks and agencies alike should be increasingly turning to their privacy officers and legal counsel on these kinds of matters before they run afoul and become the next FTC test case.

Reed Smith Attorney Weighs in on Recent FTC Action

Our Editor-in-chief, Adam Snukal, was recently quoted in an article that appeared in Mobile Marketer concerning an FTC action brought against a company in the financial services industry. The article and quote can be accessed here.

Privacy Remains At the Forefront

Last week saw a flurry of activity on the privacy front, likely unprecedented at least in recent history. Over the course of less than 48 hours, three different privacy bills were introduced in the House of Representatives, one by Rep. Bobby Rush (D-Ill.), and two by Congresswoman Jackie Speier (D-Cal.). Speier is no stranger to the privacy arena, having been the primary driver behind very similar legislation, the California Financial Privacy Act, that was passed in her home state back in 2003. In a somewhat unique twist, Speier introduced two bills on Friday – the "Financial Information Privacy Act of 2011" and the "Do Not Track Me Online Act." We discuss each of the Rush bill and the Speier "Do Not Track Me Online" bill below (with a separate article on Speier’s "Financial Information Privacy Act of 2011" bill to follow shortly).

Rush Bill

Rush’s bill, essentially the same bill he introduced in July 2010 during the last Congress, is focused on enhancing consumer privacy online. Rush’s bill, dubbed "Best Practices Act for Online Privacy," allows for the collection and use of information from consumers, but requires entities to provide consumers with the ability to opt out from such collection, and to obtain a consumer’s consent before his/her data may be shared with any third party. Rush's proposed legislation, which would apply to both online and offline companies collecting personally identifiable data from customers, attempts to build federal standards around the ways personal data can be collected and used.

More specifically, the Rush bill provides (again):

  • Companies are required to provide concise, meaningful, timely, prominent and easy-to-understand notice to users about their privacy policies and practices, including what information and why
  • Internet companies, like search engines and social networks, would be required to get explicit consent from consumers before using any sensitive personal information for commercial purposes
  • Companies that have already collected personal information may keep such data on hand as long as it either serves a legitimate business need or is used for law-enforcement needs
  • State attorneys general may also bring actions against companies that violate customers’ privacy rights, with a maximum penalty of $5 million
  • Companies outside the Federal Trade Commission’s traditional jurisdiction — including financial services firms, nonprofits and agricultural businesses — are exempted
  • The FTC shall be tasked with establishing regulations under this proposed law, including the establishment of a safe harbor program for companies that wish to self-regulate. By voluntarily pledging to follow the new privacy policy, Rush is proposing that companies would no longer need to obtain user consent to share information.

Both in contrast to Speier’s "Do Not Track Me Online" bill and interesting in its own right, Rush’s bill does not mandate a do-not-track mechanism that would give consumers an easy way to opt out of having their Web activities tracked for advertising purposes, as does the Speier bill.

Speier’s "Do Not Track Me Online" Bill

By way of background, the "Do Not Track Me Online" bill is intended to define (i) who is subject to the bill, (ii) the nature of data that is subject to the bill, (iii) the Federal Trade Commission's (“FTC”) responsibility to establish online opt-out mechanisms, and (iv) the penalties assessed against violators of the proposed Do Not Track Me laws, if applicable.

The term covered entity is defined to include any party that collects and stores online data containing covered information in interstate commerce. Covered information is represented by a fairly extensive rundown of information generated from an individual’s online activity, including: (i) the websites and content accessed, (ii) the date and hour of online access, (iii) the computer and geo-location from which online information was accessed, (iv) the means by which such information is accessed (i.e., device, browser or application), (v) any unique user identifiers (i.e., customer numbers, IP addresses, etc.), and (vi) personal information (i.e., name, address, email addresses, etc.).  From there the bill creates a further category – sensitive information. The term sensitive information is defined to encompass medical history (including both physical and mental health information), an individual’s social security number, unique biometric data, race or ethnicity, religious beliefs, sexual behavior, income assets, financial records and related information, and a user’s geo-location information. 

The bill directs the FTC to establish and promulgate, within 18 months from its enactment, standards that establish an online opt-out mechanism that allows consumers to stop the collection or use of any covered information and to require a covered entity to honor such individuals’ opt-out decisions. Moreover, covered entities are required to disclose their information collection and use-practices, and have processes and procedures in place to abstain from the collection of covered information from those consumers that have opted-out of such collection or use, unless the consumer changes his/her opt-out preferences. Moreover, the FTC is given the authority to prescribe regulations it feels are necessary to carry out the purposes of this bill, to perform random audit of covered entities for investigative purposes to ensure compliance with the regulations, and to take any action it deems necessary to monitor, implement and enforce the regulations.

Sensitive to the realities that there are many uses of data, the bill enumerates several data uses that the FTC may exempt from some or all of the regulations. For example, the bill contemplates that there are data uses where consumer choice is not necessary, including analyzing data related to use of a product (e.g., web metrics), customer service, basic business functions (e.g., accounting, inventory, quality assurance and supply chain management), protecting or defending one’s rights or property, and compliance with applicable federal, state or local laws. 

The Speier bill provides that a violation of the regulation amounts to a deceptive and unfair advertising and marketing practice, under 18(a)(1)(B) of the Federal Trade Commission Act (15 U.S.C. 57a(a)(1)(B)). In contrast to the Rush bill, Speier’s bill more closely follows the recent FTC report on Privacy, which asked for comment on a proposed do-not-track mechanism. While the Rush bill contemplates the FTC establishing rules to implement his Best Practices for Online Privacy initiative, Speier’s bill goes further by specifically empowering the FTC under Section 553 of Title 5 to prosecute deceptive and unfair advertising practices. The most immediate challenges facing Speier:  no GOP co-sponsor, she’s not a member of the House Energy and Commerce Committee, and the likelihood that we’ll see several more privacy bills introduced in the coming weeks and months.           

Senate Judiciary Committee on Privacy, Technology and the Law

Lastly, on February 14, 2011, Sen. Patrick Leahy (D-Vt.), Chairman of the Senate Judiciary Committee, announced the creation of a subcommittee on Privacy, Technology and the Law.  The subcommittee will be chaired by Sen. Al Franken (D-Minn.), and its jurisdiction will include oversight of laws and policies that govern the commercial collection, use and dissemination of personal information. Both the niche and agenda of this subcommittee remains somewhat in flux, as is the manner in which this committee will navigate the choppy and increasingly crowded privacy waters. While this subcommittee will increase the Senate’s focus on privacy issues, it is likely to encounter both political and jurisdictional conflicts with the Financial Services and Commerce Committees when proposing legislation.

Why This Is Important

While Congress continues to consider and debate various incarnations of a privacy law and model, this issue is clearly picking up momentum. There is also fervent activity within the states and courts, as privacy causes of action continue to be used by class-action plaintiff attorneys. With the FTC and DOC both issuing final privacy reports this year, 2011 promises to be an interesting year in the privacy world. 

The Industry Speaks Out - Developments Within the Digital Advertising Alliance

This post was written by Edgar Hidalgo.

The online behavioral advertising sector received a rude awakening at the end of 2010 from unsatisfied federal regulators. Both the Federal Trade Commission and the Department of Commerce published reports espousing increased regulation of online behavioral advertising – the former report encouraging Congress to consider a “Do Not Track” regime and the latter expressing an arguably more favorable stance on industry self-regulation. Similarly, legislators on one side of the aisle have introduced online privacy legislation, and those on the other side have at least intimated interest in the issue. Thus, it comes as no surprise that just three weeks into 2011, the advertising industry has taken steps to strengthen its collective effort at keeping the government at bay and beefing up its self-regulation arsenal.

On Tuesday, January 18, the president and CEO of the Association of National Advertisers, Bob Liodice, reached out to the association’s members in direct response to the FTC’s report. Via email, Liodice encouraged the ANA members to adopt privacy best practices and the self-regulation program the association and its progeny, the Digital Advertising Alliance (DAA), published and implemented in the past two years. Additionally, the email was accompanied by a newly drafted toolkit geared to facilitating compliance with these best practices. (The email and toolkit can be seen in full here.)

Right on the heels of the ANA’s outreach, on Thursday, January 20, the DAA announced its approval of a third trustmark privacy platform provider, TRUSTe and its TRUSTed Ads platform. TRUSTe joins DoubleVerify and Evidon as the third approved provider of consumer privacy icons and platforms. These icons and platforms form a significant piece of the DAA’s self-regulation program that seeks to appease privacy concerns by giving consumers clear disclosures on how data collected through ad is used, as well as providing them with opt-out mechanisms. (More details on the DAA program can be found at To encourage advertiser compliance with the DAA’s self-regulation program, TRUSTe is offering its platform for free on a trial basis. With more trustmark ad platform options, the DAA can expect to gain additional buy-in from online advertisers.

While commentary on the FTC report does not close until the end of this month, regulators have clearly presented the ad industry with strong incentives to speed up its self-regulation efforts – and thus far, the industry seems to be responding swiftly.

Reed Smith Partners with ANA to Present on the FTC's Proposed Revisions to the Green Guides

In one of the first in-depth and formative talks delivered on the FTC's recently proposed revisions to its Green Guides, John Feldman of Reed Smith joined forces with Keith Scarborough, Senior Vice President of Government Relations at the Association of National Advertisers, to deliver a teleseminar yesterday (Tuesday, October 12th, 2010) that was widely attended by both attorneys and industry players alike. You can access the teleseminar materials here. The FTC has requested public feedback on its revisions through December 10th, 2010.

If you have questions regarding the Green Guides or wish to explore how the revisions may impact your business, please contact either John Feldman or Adam Snukal.

Reed Smith and the ANA Discuss the Green Guides

If you sign up for only one teleseminar on the FTC's proposed revisions to its Green Guides, make it this one:

Green Marketing: Can the FTC's Green Guides Bring Consumer Perception of Environmental Claims into Focus?

On Wednesday, October 6, the Federal Trade Commission issued its long awaited proposed revisions to its Green Guides. This notice seeks to bring clarity to an array of existing and new environmental marketing terms, like "renewable energy" and proposes ways in which consumers reasonably understand terms, seals, and certifications. The Commission is going to be seeking input from the public and there will be many areas that are sure to impact any marketer who engages in "green" marketing. This is a must attend teleseminar for any executive involved in creating materials promoting green initiatives.

John Feldman is a partner in the D.C. office of Reed Smith in the Advertising Technology & Media Industry Group. John devotes a substantial portion of his practice to providing advice to advertisers on regulatory issues, including environmental claims, behavioral marketing, privacy, sweepstakes, rebates, coupons, and advertising substantiation. John also handles contested advertising matters before regulatory bodies and between competitors, with a particular emphasis on advertising cases before the National Advertising Division of the Council of Better Business Bureaus (NAD).

Keith Scarborough is the Senior Vice President of Government Relations at the Association of National Advertisers (ANA). 

Click here to register by Monday, October 11!

The Green Guides' Proposed Revisions Have Arrived

In what was the next of the Federal Trade Commission’s (“FTC”) pillar documents to undergo an overhaul, the FTC yesterday disclosed its proposed revisions to its Guides for the Use of Environmental Marketing Claims (the “Green Guides”). The Green Guides (16 C.F.R. Part 260) set forth the FTC’s position on permissible environmental claims in advertising. The Green Guides were first issued in 1992 and then revised in 1996 and 1998. The proposed revisions have been released for public comments through December 10, 2010, at which time the FTC will decide on those changes that make the final cut. 

The FTC has communicated that its goal in releasing the Green Guides’ revisions is to provide marketers with guidance in helping them avoid making misleading environmental claims, and also to update the guides and make them easier for companies to understand and use. According to FTC Chairman, Jon Leibowitz: "In recent years, businesses have increasingly used 'green' marketing to capture consumers' attention and move Americans toward a more environmentally friendly future. But what companies think green claims mean and what consumers really understand are sometimes two different things. The proposed updates to the Green Guides will help businesses better align their product claims with consumer expectations." Let’s see…

Adhering to many of the same trends and areas of focus upon which the FTC undertook its revision of the endorsement and testimonial guidelines last year, the FTC has sought to curb unqualified general environmental benefits that are nearly impossible to substantiate, to limit claims as much as possible to those benefits actually realized by consumers, and to ensure advertisers make their disclosures clearly and prominently.

Areas of environmental advertising and marketing taken up within the Green Guides by the FTC include:

  • Certifications and Seals: Third-party certification does not eliminate an advertiser’s need to have substantiation for all claims, and the FTC considers both certifications and seals to be endorsements, and therefore, subject to the FTC’s Endorsement Guidelines;
  • Compostable: An advertiser may not describe a product as “compostable” unless it can substantiate that all of the materials comprising such product will break down into, or otherwise become a part of, usable compost in approximately the same time as the other material with which it is composted;
  • Recyclable: Advertisers may only assert an unqualified “recyclable” claim if a “substantial majority” of consumers have access to recycling facilities. Otherwise, advertisers shall be required to qualify a “recyclable” claim depending on whether a “significant percentage” have or lack access to recycling facilities;
  • Degradable: An advertiser should only qualify a product as being “degradable” if it can substantiate that the entire product or product packaging will completely break down and return to nature within one year of customary disposal practices. Accordingly, advertisers should not make unqualified “degradable” claims for items likely destined for landfills, incinerators or recycling facilities.

Among a number of hot-button issues which the FTC took up, a great deal of discussion centers on the issue of an advertiser’s use of the word “free” in its advertising and marketing materials. The FTC has proposed that advertisers may not employ the expression “free” to describe the absence of a substance if: (i) the item has substances that pose the same or similar environmental risks as the mentioned substance, or (ii) the substance has never been associated with the product category. Interestingly, the FTC recognized that use of the term “free” may convey (intentionally or not) additional environmental claims such as superiority over other products, and these claims will also require substantiation.

Some of the new areas taken up by the FTC in its proposed revisions include claims that products are manufactured using (i) renewable materials, (ii) renewable energy and (iii) carbon offsets. Of interest however, is the fact the FTC chose not to address use of the terms “sustainable,” “natural” or “organic.”

We intend to issue a more detailed client alert on the proposed revisions to the Green Guides in the coming days, so stay tuned. As always, if you have any questions or concerns regarding the FTC’s announcement and the proposed revisions, please feel free to contact Doug Wood, John Feldman or Adam Snukal.

Release of Revised FTC Environmental Marketing Guidelines, October 6, 2010 at 11 AM

This post was written by Dan Jaffe.

We have been informed by several sources that the Federal Trade Commission will release its revised Environmental Marketing Guides on Wednesday, October 6, 2010 at 11 AM. These revisions are in response to the FTC’s review of its current guidelines on the use of green marketing terms, which began in 2008. It is expected that the revised guidelines will be more extensive and wide-ranging than those currently in place. The release will be in the form of a proposal, and comments will be requested. We will closely monitor new information about the release as we receive it. Our office will keep you informed about any actions we may take in response to this release.

If you have any questions about this matter, please contact Dan Jaffe in ANA’s Washington office at 202-296-2359 or at


The Federal Trade Commission testified that while teens are heavy users of the digital environment and may benefit from using the Internet to socialize with peers, learn about issues that interest them, and express themselves, it also can pose unique challenges for them. The FTC testimony to the Senate Committee on Commerce, Science, and Transportation, Subcommittee on Consumer Protection, Product Safety, and Insurance notes that the Commission will continue to use law enforcement, education, and policy tools to protect teens in the digital environment.

ANA Wins Major Legislative Victory on New FTC Enforcement Powers

This post was written by Dan Jaffe.

ANA and the entire marketing community won a major victory on the day after we celebrated our 100th anniversary!

At 3:05 AM this morning, Senate and House conferees approved the final version of the Wall Street reform legislation. Fortunately for us, that bill does not include the sweeping new enforcement powers for the Federal Trade Commission (FTC) that were included in the House version. Those changes would have serious implications for every ANA member.

The House passed its version of the financial regulatory reform bill last December. Buried in that bill were three critical changes in FTC authority:

  • Repealing the Magnuson Moss rulemaking procedures (including the requirement that an activity be “prevalent” in an industry before Commission action) and allowing the FTC to promulgate broad industry-wide rules on any consumer protection matter in a highly expedited procedure – all done with a lower standard of judicial review;
  • Expanding the FTC’s authority to immediately impose civil monetary penalties for any violation of the FTC Act without the involvement of the Department of Justice;
  • Providing new liability for “aiders and abettors” of companies that violate the FTC Act, potentially putting thousands of companies at risk by running ads.

These changes were not limited to the authority of the FTC over financial products and services. They would have applied to the broad regulatory authority the FTC has over almost every segment of our economy, including anti-trust.

These expanded powers were not included in the Senate’s version of the financial reform bill. ANA and our member companies and other industry groups met with all of the conferees and more than a hundred other members of both the Senate and House to argue that these sweeping changes should be separately considered as part of FTC reauthorization rather than being added to the Wall Street reform bill.

House Energy and Commerce Committee Chairman Henry Waxman aggressively pushed for these changes at several points during the conference. Each time, Senate Banking Committee Chairman Chris Dodd and other Senate conferees held firm in opposition to these provisions.

While our victory in the conference committee is important, it is clear that these issues will not go quietly into the night. ANA and other industry groups met earlier this week with Senate Commerce Committee Chairman Jay Rockefeller to discuss these issues. Chairman Rockefeller stated that he will continue to aggressively push for new enforcement powers for the FTC during this Congress. We expect Chairman Waxman to join that effort and it is likely to begin very soon.

We believe this was one of the most concerted across-the-board efforts of the ad community. Throughout the past several months, we have worked closely on these issues with virtually every segment of the ad community. We continuously alerted our members to developments and got a number of member companies actively involved in the fight. We should feel very proud of this success which was not certain until the final minutes of the conference committee.

If you have any questions about this matter, please contact Dan Jaffe ( or Keith Scarborough ( in ANA’s Washington, DC office at (202) 296-1883.

@SecuredTweets: Twitter settles privacy charges brought by Federal Trade Commission

Today, Twitter and the Federal Trade Commission settled charges that the micro-blogging site had engaged in unfair and deceptive trade practices because of “serious lapses in the company’s data security.” The FTC began an investigation into Twitter after hackers obtained administrative control of the service, accessed tweets that consumers had designated private, and sent out phony tweets (from then-Presidential candidate Barack Obama, Fox News, and others).

In its complaint, the FTC alleged that Twitter was vulnerable to these attacks because it failed to take certain reasonable steps to prevent unauthorized administrative control of its system. Those steps included:

  • Requiring employees to use hard-to-guess administrative passwords that are not used for other programs, websites, or networks
  • Prohibiting employees from storing administrative passwords in plain text within their personal e-mail accounts
  • Suspending or disabling administrative passwords after a reasonable number of unsuccessful login attempts
  • Providing an administrative login webpage that is made known only to authorized persons and is separate from the login page for users
  • Enforcing periodic changes of administrative passwords by, for example, setting them to expire every 90 days
  • Restricting access to administrative controls to employees whose jobs required it
  • Imposing other reasonable restrictions on administrative access, such as by restricting access to specified IP addresses

Under the settlement, the FTC will require Twitter to set up a new security program to be assessed by a third party. It will also be prohibited from what the agency described as “misleading consumers about the extent to which it maintains and protects the security, privacy, and confidentiality of nonpublic consumer information, including the measures it takes to prevent authorized access to information and honor the privacy choices made by consumers.”

According to the FTC, this marks the 30th case brought as a result of lax security procedures, and the first against a social network.

Why This Matters:  As we have known for some time now, privacy is a hot-button issue at the FTC. To avoid an FTC investigation, you must consider whether your current privacy practices live up to both: (1) what the Commission considers “standard, reasonable” security procedures; and (2) your own privacy policy, which operates as a set of promises to consumers who use your service/patronize your business. If your security procedures fall short of either mark (or worse, both), the FTC could come calling. This then begs the question, when was the last time you audited your security and privacy procedures?

FTC Issues Closing Letter in Gift to Blogger Case

Making good on its suggestion that advertisers who have blogger policies might fare better than those who don't, the FTC yesterday announced the closing of an investigation into Ann Taylor Stores Corp.'s advertising practice whereby its LOFT division would send free goods to bloggers to preview. The FTC decided to close the case because (1) the previewing event was a one-time isolated incident; (2) only a few bloggers posted reviews; and (3) LOFT had a written policy (adopted after the launch of the event) stating that LOFT will not issue any gift to any blogger without first telling the blogger that the blogger must disclose the gift on his or her blog. The Commission, in letting Ann Taylor Stores off the hook, left the advertiser with a parting warning: "The FTC staff expect that LOFT will both honor that written policy and take reasonable steps to monitor bloggers' compliance with the obligation to disclose gifts they receive from LOFT."

What This Means

The fact that the FTC even initiated an investigation is troublesome and should not be lost in the salve of the closing letter. The "previewing event" that the advertiser engaged in was not an online event. It was a physical event that people (identified by the FTC staff as "bloggers") attended in order to view a preview of LOFT's Summer 2010 collection. A sign at the preview told bloggers that they should disclose the gifts if they posted comments about the preview. The FTC alleged that LOFT had an expectation that the people attending the previewing event would blog about the collection. One might question how much knowledge Ann Taylor actually had about who the people at the preview were. Were they all very well known fashion critics who just happened to use social media to publish their reviews? What if there was a fashion show to which members of the world press were invited? It's not beyond the realm of imagination to presume that everyone who attended would get some token from one or more designers in a gift bag, etc. Obviously, the designer wants the reviewer to write something positive about the products. Is this an example of how the FTC will look at bloggers differently from "traditional media"? And, what does this mean for other industries where gifts at trade shows are commonplace? Will a sign at the booth be necessary or even sufficient? Is swag at a trade show now subject to the testimonial guides? The answer should be no, but, the fact that this investigation was even pursued suggests that just letting people come to a site to look at or sample products, with some knowledge that the people might be likely to write a review about the products, creates a situation in which any gift to the attendee could taint the resulting review, turning it into "sponsored" speech and subjecting it to FTC scrutiny under section 5 for failure to disclose a material connection. Maybe more analysis was undertaken by the FTC staff to determine whether there was any sponsored speech. Or, maybe some of the blogger paranoia that has accompanied the revised Testimonial and Endorsement Guides was justified after all.

There is an 'I' in Behavioral Advertising

Coming soon to many websites near you (possibly…), you may find a slew of little blue “I” icons populating the Internet. This icon represents the latest collaboration between the Federal Trade Commission, Congress and the advertising industry to create a standardized icon, known as the “Power I,” intended to notify consumers of the online behavioral advertising practices and policies that are followed by specific websites and advertisers. Online behavioral advertising is essentially the practice carried out by some advertisers to collect and use consumers’ surfing history, demographic profiles and other personal data to deliver ads tailored to their unique and individual interests. More formally, online behavior advertising is “the collection of data from a particular computer or device regarding Web viewing behaviors over time and across non-Affiliate Web sites for the purpose of using such data to predict user preferences or interests to deliver advertising to that computer or device based on the preferences or interests inferred from such Web viewing behaviors.”

The “I” is intended to essentially function as both a trusted standard in the area of behavior advertising that consumers will immediately identify, and also as a link that, when clicked on, will take a user to a separate web page detailing why particular ads are being shown to him or her. Although websites or ads are not legally required to post the “I,” the leading trade associations behind this initiative are clearly hoping that the advertising industry will adopt this new measure, and thereby avoid the need for further government action and regulation. A detailed description / PR campaign of the “Power I” initiative has already been launched and can be accessed here, and a second PR campaign is underway.

While it’s far too early to gauge the effects of the Power I, its rate of adoption among industry players, and its success in staving off governmental action, this program is certainly an important step in the right direction, namely, a step toward further transparency and consumer education. This author wants to know if we’re likely to see a “Power C” for user consent and/or a “Power R” for data retention practices.

Déjà Google

Give Google credit that when it announced its acquisition of AdMob, a leading provider of mobile advertising services and technology, in November 2009, it proactively addressed the likelihood of a Federal Trade Commission (FTC) investigation into the transaction. Google even went as far as posting a web page that the media, regulators and other interested parties alike could access that explained why it believed the deal did not pose any “competitive” (note: antitrust) concerns.  Whether it was a self-fulfilling prophesy or just an inevitable step whenever Google makes an acquisition in the digital advertising space, Google last week announced it received a second request for information from the FTC on the AdMob acquisition. This, however, is familiar territory for Google, which has been the target of government scrutiny over previous deals. The FTC held an eight-month investigation into Google's plan to buy DoubleClick Inc. in 2007 before approving that transaction, and last year Google walked away from a search deal with Yahoo after the U.S. Justice Department indicated that it would consider blocking the agreement and strategic alliance.

What Google may not have expected is the data privacy and consumer protection industry group backlash that has taken up the not-yet-completed transaction as a struggle to protect consumer data and the mobile advertising market. At least two prominent consumer groups reportedly approached the FTC, asking it to block the acquisition, arguing that a Google/AdMob combination would put “significant amounts of data for tracking, profiling and targeting” of U.S. mobile consumers into the hands of a single advertising network. Google and AdMob combined will form the largest mobile-advertising company, with 30 to 40 percent of the market, according to Karsten Weide, an analyst with researcher IDC in San Mateo, California. These groups want the FTC to consider whether Google's access to AdMob's technology will give it an unfair advantage in selling mobile advertising.

Understandably, Google has asserted that the economic/market impact of such an acquisition would be almost impossible to measure against the dozens of other mobile ad networks that compete with AdMob on a daily basis. Moreover, a spokesperson for Google has suggested the deal will provide users with more free mobile applications, in some cases as an alternative to pay-to-download apps, since it will allow developers to subsidize their products through better and more targeted mobile advertising.

One interesting issue that has arisen from this and other similar transactions over the past couple of years is whether and how consumer privacy fits into an FTC antitrust analysis. It is well documented that the FTC primarily rests its antitrust analysis on two categories: (i) agreements that are per se illegal, and (ii) agreements that are analyzed under the Rule of Reason. Types of agreements that have been held per se illegal include agreements among competitors to fix prices or output, rig bids, or share or divide markets by allocating customers, suppliers, territories, or lines of commerce. On the other hand, agreements not challenged as per se illegal are analyzed under the Rule of Reason to determine their overall competitive effect. A Rule of Reason analysis entails a flexible inquiry and varies in focus and detail, depending on the nature of the agreement and market circumstances. While this analysis still begins with a review of the primary agreement (e.g., merger, joint venture, license, etc.) driving the FTC’s analysis, it will then extend to other external factors.

Largely until 2007 and the Google/DoubleClick transaction, the issues and types of analysis described above were primarily centered on consolidations and combinations of goods and services, and not privacy or consumer information. During the FTC’s review of Google’s acquisition of DoubleClick, however, all five FTC commissioners who reviewed that transaction agreed that data privacy can constitute a form of non-price competition under a Rule of Reason analysis and, where/when appropriate, should be considered as one of many pieces in their study and review of a prospective transaction. In fact, the FTC, in its decision approving the Google/DoubleClick transaction, provided, “We investigated the possibility that this transaction could adversely affect non-price attributes of competition, such as consumer privacy.” At the core of the FTC’s review was whether, given the nature and economics of online and digital advertising, the concentration of user information that results from a Google/DoubleClick combination meant that no other company would be able to buy, target and optimize ads as profitably, thereby substantially reducing the ability of other ad networks to compete.

On what basis, then, is consumer privacy evaluated? Proponents have successfully argued that privacy harms can reduce consumer welfare, which is a principal goal of modern antitrust analysis. In addition, these same groups have argued that privacy harms can lead to a reduction in the quality of a good or service, which is a standard category of harm that results from excessive market power. On the other hand, those who oppose the incorporation of a privacy review in any antitrust analysis generally rest their argument on two points: (i) they disagree that privacy is a competition-related issue and point to precedents in which non-competition issues (like pollution) have not been traditionally factored into an antitrust analysis, and (ii) these transactions have proved themselves to create market efficiencies and improved offering/technology that ultimately benefit consumers with a more personalized online experience. This latter opinion may best be summarized in a Yahoo statement from 2008: “The advertising model has made Internet content and services available to millions of people in the United States and around the world—for free. The business model of relying on advertising revenue to fund websites has meant that vast amounts of information on the Internet has been fully accessible to people of all ages and income levels.”

Why this Matters: 

Those who ignore history are doomed to repeat it. Our economy today is flush with companies that have been created to essentially trade in almost every aspect of behavioral advertising and consumer data. In fact, one might argue that consumer data has become a currency of sorts in the digital advertising and media industries. As consumer privacy becomes, on the one hand, increasingly protected by both legislation and self-regulatory initiatives (leaving aside the even more complex discussion of the implications of cross-border transactions and acquisitions where the same piece of consumer data may be subject to varying laws), and also a valuable commodity that is highly sought after, companies should be more aware of the legal implications associated therewith in all spheres of their business – including the arena of mergers and acquisitions. Whether one agrees that consumer privacy should be factored into an FTC antitrust analysis or not, it seems unlikely that the FTC will shift from the position it seems to have taken (as evidenced by the Google/AdMob transaction) over the past couple years, and therefore, companies that are contemplating mergers or acquisitions in the digital media and advertising arenas should at least consider the implications that consumer privacy may have on their deals.

Self-Regulation Once Again Called into Question by FTC as It Revisits Violence in Music, Movies, and Electronic Games Advertised to Children

On December 3, 2009, the FTC released a report to Congress that outlined various ways in which self-regulation has not done enough to limit advertising to children of music with explicit lyrics, and movies and games that depict violence.

The report spans various media platforms and contains specific recommendations to the entertainment industry. 

  • The movie industry and the music industry should develop specific and objective criteria to restrict marketing of violent movies and music to children.
  • The FTC is looking for restrictions not only for advertising R-rated movies in venues reaching a substantial under-17 audience, but also for the advertising of PG-13 movies in venues reaching a substantial under-13 audience.
    • These criteria should apply both to direct advertising of the movie and to indirect promotion of the movie through tie-in advertising of foods, toys, and other licensed products appealing to children.

    • The FTC also recommends that the music industry should implement restrictions for all Parental Advisory Label (PAL)-stickered music in venues reaching a substantial under-17 audience.

  • The criteria implemented by the movie and music industries should include not only the percentage of the underage audience, but also other factors like the absolute number of children reached, whether the content is youth-oriented, and the youth popularity and apparent ages of the characters and performers.
  • The movie, music, and electronic game industries should evaluate their restrictions and tighten them as necessary, paying particular attention to online and viral marketing, to ensure that advertising is not placed in venues reaching large underage audiences.
    • The movie industry should increase enforcement efforts against online posting of “red tag” trailers without adequate age-based restrictions on access.

    • The movie industry should carefully examine the content of “appropriate audience” trailers for consistency with the feature films they will precede.

    • The movie industry should place all rating information prominently on the front of DVD cases and other packaging for home releases of movies and should make disclosure of both rating and rating reasons prominent in all advertising venues.

    • The music industry should display the PAL more prominently in advertising, particularly in television and online venues, and should provide information about the specific type of explicit content.

    • The electronic game industry should include content descriptors with the rating on the front panel of game packaging and should continue to provide more detailed rating summaries for parents online.

    • The movie industry should take steps to better inform parents about additional adult content in unrated DVDs and should give parents a way to assess the appropriateness of unrated versions for their child.

  • Specifically, the industry should either re-rate DVD releases that contain additional content or, at a minimum, extend the new disclosure rule regarding the content of unrated DVDs to all forms of advertising and improve the level of compliance with the rule.
  • Retailers and theater owners should continue to strengthen enforcement efforts restricting the sale of tickets to R-rated movies, R-rated and unrated movie DVDs, PAL-stickered music, and M-rated games to children, paying attention to possible enforcement gaps created by the use of gift cards for online purchase.

Since the FTC issued its first report on marketing violent entertainment to children in 2000, the agency has called on the entertainment industry to be more vigilant in three areas: restricting the marketing of mature-rated products to children; clearly and prominently disclosing rating information; and restricting children’s access to mature-rated products at retail.  This latest report found areas for improvement among music, movie, and video game marketers, but credited the game industry with outpacing the other two industries in all three areas.

The report, entitled “Marketing Violent Entertainment to Children: A Sixth Follow-up Review of Industry Practices in the Motion Picture, Music Recording & Electronic Game Industries” analyzed information from sources including marketing documents submitted by industry members, an undercover “mystery” shopper survey, consumer surveys conducted in shopping malls and by telephone, “surfs” of industry Web sites, and data acquired from proprietary ad-monitoring services.  Findings included:

  • Music: While the music industry’s Parental Advisory Label alerts parents to explicit lyrics in recordings, it does not provide information about the nature of that content.  The music industry has declined to implement rules restricting the marketing of explicit-content labeled music to children.  The report does not find any indication of specific targeting of children, but does show numerous examples of ads for explicit-content music on television programs popular with teens.  Disclosure of the label in advertising is still spotty, including on official artist and company Web sites, where the label usually is not readable.  Television ads display the explicit content label only half the time and even then usually not prominently.  Music CD retailers and online download sites, by contrast, do an excellent job of displaying the parental advisory label.  Finally, retailers do not effectively prevent children from buying explicit-content music, with seven in 10 underage shoppers able to buy CDs with a Parental Advisory Label.
  • Movies: Although the movie industry determines on a case-by-case basis whether a PG-13-rated film may be advertised to children under 13, there is no explicit policy restricting such marketing.  As detailed in the marketing plans reviewed by the Commission, movie studios targeted violent PG-13 films to children under 13 both through advertising and promotional tie-ins with foods, toys, and other licensed products.  Studios continued to place a significant number of ads for violent R-rated movies on television shows and Internet sites highly popular with children under 17.  Increasingly, industry members post “red tag” trailers for R-rated movies, intended for age-restricted audiences, on the Internet without age-based access restrictions.  Although the MPAA rating and rating reasons are not always prominent, the industry generally does display the MPAA rating in advertising. Rating information on DVDs is not prominently placed; moreover, more and more DVD versions of movies are not rated, and some studios hype the lack of a rating.  The Commission’s research shows that parents are not adequately informed that unrated DVDs may contain additional violent or adult content.  On the positive side, theaters denied 72 percent of underage shoppers admission to R-rated movies, a significant improvement from 2006 and even more so from 2000. Most retailers, however, continue their poor record of enforcement against underage purchase of R-rated and unrated DVDs.
  • Electronic Games: The FTC finds a high degree of compliance with the video game industry’s marketing and advertising rules, although these standards allow game marketers to advertise on many television shows and Web sites popular with children.  Further, retailers are enforcing age restrictions on the sale of M-rated games to children, with an average denial rate of 80 percent.  The report notes, however, that children may be able to obtain M-rated games by, for example, using retailer gift cards online.  Finally, the proliferation of game applications for mobile devices provides challenges – for example, some companies do not provide any rating system for games available on their networks, and there is no consistent system of age-based parental controls for these applications.

More Perspective on the FTC's Recently Updated Endorsement and Testimonials Guides

On Tuesday, Dec. 1, 2009, the revised "Guides Concerning the Use of Endorsements and Testimonials in Advertising" released by the Federal Trade Commission came into effect. John P. Feldman, an authority in these types of advertising regulations and compliance, put together some thoughts concerning the implications of these Guides upon coming into effect, continuing his thoughtful and practical analysis. John's analysis asks and answers the following questions about these Guides:

  • What does this mean for advertisers?
  • What is the most dramatic shift in enforcement policy?
  • What will this mean for advertisers that use celebrity endorsers?
  • How much control should sponsoring advertisers exercise over endorsers in new media channels?
  • What impact will the FTC's new approach to clinical trials have on the OTC, cosmetic, and pharmaceutical industry?
  • Is there a role for self-regulation and what do you make of the proposed "best practices" recently announced by the Word of Mouth Marketing Association (WOMMA)?

John's analysis can be downloaded here.

More New Faces at the FTC; Reed Smith Client Alert

As we continue to follow the important (and seemingly daily) developments within the Federal Trade Commission, it's our pleasure to provide you with the following Client Alert that discusses President Obama's very recent nomination of Julie Brill and Edith Ramirez to open FTC Commissioner Post.

The Impact of the CFPA Act on the FTC

To:  ANA Washington and Legal Representatives

From:  Dan Jaffe 

Re:  The Impact of the CFPA Act on the FTC

Date:  October 28, 2009


We sent out a letter to the House Energy and Commerce Committee regarding the CFPA Act last night. A markup in that Committee has been scheduled for tomorrow. We hope that the Committee will hear from numerous sources about the problems with this bill. If you have any questions, please feel free to call me or Keith Scarborough, our Senior VP, Government Relations.


Dan Jaffe
EVP, Government Relations
Association of National Advertisers
202-296-2359 office
646-369-4886 cell

Markup on FTC provisions in the CFPA legislation

To:  ANA Washington and Legal Representatives

From:  Dan Jaffe

RE:  Markup on FTC provisions in the CFPA legislation

Date:  October 27, 2009


The markup is expected on the CFPA bill imminently. Apparently, Chairman Waxman of the House Energy and Commerce Committee appears poised to give the FTC its complete wish list as described in the attached letter from FTC Chairman Leibowitz without any hearings or careful consideration. We will have another letter out opposing all this later today and hope others will be weighing in as loudly as possible. It appears that we will be facing a new powerful CFPA, a dramatically strengthened FTC and states that can have even more extensive regulation. This multiple overlapping regulation is particularly harmful for those who need to run coordinated national advertising campaigns. If the FTC gets immediate civil penalty authority, the dollar risk for every company will also go up astronomically. Not a pretty picture. Hopefully, the opposition will increase and we can chip away at some of this as we go through the process.

If you have any questions or comments about the impact of the CFPA on the marketing community, please contact Dan Jaffe ( or Keith Scarborough ( in ANA’s Washington, DC office at (202) 296-1883.

Antimicrobial Claims Give Rise to EPA Enforcement

Samsung allegedly made advertising claims stating that its keyboards were antimicrobial and inhibited germs and bacteria. Because these were essentially pesticide claims, they fell under the jurisdiction of the EPA, which enforces the Federal Insecticide, Fungicide, and Rodenticide Act (FIFRA). Under FIFRA, before a pesticide can be sold or distributed in the United States, the manufacturer must register with the EPA. Samsung didn't do that, and EPA brought an enforcement action. Under the resulting order, Samsung will pay a $205,000 fine, and will provide a certification that it has complied with FIFRA by removing all pesticidal claims made in connection with the sales and distributions of these products. Additionally, Samsung agreed to notify its retailers and distributors to remove any pesticidal claims from labels, promotional brochures and Internet/Web-based content for the subject products.

Why This Matters

Advertising for certain products and services is regulated by agencies other than the FTC. Moreover, there are situations, as here, where a product whose advertising otherwise would be regulated by FTC suddenly becomes subject to another regulatory regime because of the type of claim being made.

FTC Releases Updated Guidance on Endorsements and Testimonials

An important and relevant topic that has been addressed through several articles on Adlaw by Request in the past is the FTC’s position and guidance on endorsements and testimonials in advertising. Moreover, in a digital, social media age where blogs, social networking sites and other real time digital tools have become commonplace for user and advertiser alike, the line between them can and often has become awfully blurred. This, and many other examples, are addressed in the FTC’s long-awaited revised "Guides Concerning the Use of Endorsements and Testimonials in Advertising," issued yesterday. As reported previously on Adlaw by Request, the final revisions are intended to update the FTC’s guidance, last revised in 1980, and provide advice to advertisers and agencies regarding compliance with the FTC Act.

The principle espoused and defended by the FTC that a consumer should be informed of any material connection between the advertiser and the maker of the statements is expressly set forth in the FTC Guides, even though these cases were always fact-sensitive and subject to review on a case-by-case basis.  The analysis will, as always, turn on facts that may or may not support the existence of a “material connection,” but if a company, for example, sponsors research about its products or services (or potentially about the products or services of a competitor, if the results will be used in a comparative ad), that same company must disclose its sponsorship in the ad. Similarly, although consumers may expect celebrities to be paid for appearing in commercials, if an endorsement is made outside that context – for example, on a talk show, at a book signing, at a motion picture premiere, or on Facebook, Twitter or other social media – any material relationships and connection must be disclosed.

For more information on this topic, our esteemed colleague Joe Rosenbaum presented a seminar entitled, "Trust Me, I'm a Satisfied Customer: Testimonials & Endorsements in the United States" at the University of Limerick this past July. You can go to the previous Legal Bytes blog post and download a copy of Joe’s presentation at any time.

Want to know more about the FTC Guides, or the implications to social media advertising and marketing, or traditional advertising?  Feel free to contact me or the Reed Smith attorney with whom you regularly work.

Are self-regulatory ad guidelines sufficient to satisfy federal regulators?

Reprinted with permission from Mobile Marketer at

Earlier last month the leading media, advertising and marketing trade associations, including the American Association of Advertising Agencies, Association of National Advertisers, Interactive Advertising Bureau, Direct Marketing Association and the Better Business Bureau, representing an overwhelming majority of industry participants, released their Self-Regulatory Principles for Online Behavioral Advertising (the “principles”), with the objective of protecting consumer privacy in ad-supported interactive media.

These generally follow the advisory principles that were released in February 2009 by the Federal Trade Commission. In fact, upon the FTC’s release, then-commissioner Jon Leibowitz remarked that anything industry can do to adopt, promulgate and enforce the principles represents “the last clear chance to show that self-regulation can – and will – effectively protect consumers’ privacy in a dynamic online marketplace.”

The principles were aimed at the following categories: education, transparency, consumer control, data security, material changes, sensitive data and accountability. Each principle is well thought out and tailored to specific areas within the universe of online behavioral advertising.

These principles can be summarized, in part, as follows:

  1. Educate consumers and businesses about online behavior advertising.
  2. Disclose and inform consumers about data collection and use practices, including various forms of notice that may be required depending on the nature of the data collected and the party collecting it.
  3. Give consumers options regarding the collection, use and sharing of information to non-affiliates.
  4. Require service providers and carrier networks – for example, non-first or third parties – to obtain consent before a user’s data may be used for behavioral advertising.

    Thereafter, the data may only be obtained for as long as necessary to fulfill a legitimate business need, or as required by law.
  5. Special treatment afforded to sensitive information, such as medical and financial information, as well as information from users under the age of 13.

    Moreover, service providers engaged in online behavioral advertising should undertake steps to help preserve the de-identified status of data collected and used if and when that data is shared with non-affiliates.
  6. Entities should maintain appropriate physical, electronic and administrative safeguards to protect the data collected and used for online behavioral advertising purposes.
  7. A user’s consent must be obtained before either a Web site or some other third party uses the previously collected data for materially different behavioral advertising purposes. Typically, a material change would be a more expansive collection or use of data than previously disclosed to the user.
  8. Establish accountability processes that should consist of monitoring programs, complaint procedures, reporting and compliance requirements, enforcement and public disclosures of offenders.

Does any of this sound familiar?

As early as 2007, many leading agencies, aggregators and publishers throughout the mobile marketing industry have stood behind most of these same principles and incorporated them into various codes of conduct and best practices.

Less talk, more teeth

Albeit in a somewhat different medium, the commonalities between data collected via the Web and that which is collected by mobile marketers are substantial.

Appreciating the sensitivity of a person’s confidential and/or personally identifiable information and the harm that can result from misuse, the mobile marketing industry instituted similar policies, including:

  1. Notice: Mobile marketers are required to inform consumers of the marketer’s identity and products/services offered, as well as the key terms and conditions that will govern the interaction between a marketer and the user.
  2. Consent: Mobile marketers must ask for and obtain explicit opt-in consent by a user for each mobile marketing program. Consent may not be carried into other marketing programs unless the user has consented to such communications.
  3. Constraint: Mobile marketers must limit and target the mobile messages to that which the user requested.
  4. Security: Mobile marketers must implement reasonable technical, administrative and physical procedures to protect the user information that is collected in connection with mobile marketing programs.

The one area in which the principles clearly extend beyond the codes of conduct and best practice documents born out of mobile marketing is in the area of enforcement and accountability.

For example, the Mobile Marketing Association has seemingly acknowledged its limited enforcement capabilities by stating in its Code of Conduct that “… until the Code can be enforced effectively by a third-party enforcement organization, mobile marketers are expected to use evaluations of their practices to certify compliance with the Code.”

In contrast, the Web principles expressly state in one place that “… any actions taken with respect to instances of non-compliance with be publicly reported by the programs” and in another, “When an entity engaged in [O]nline [B]ehavior [A]dvertising is informed by a program regarding its non-compliance with the Principles … The programs will send the public reports of uncorrected violations to the appropriate government agencies.”

Moreover, the Council of Better Business Bureaus, along with the Direct Marketing Association, has agreed to implement accountability programs to promote widespread adoption of the Web principles.

The one question that many industry experts are still asking themselves is whether the self-regulatory principles instituted by both Web and mobile industry players is sufficient to keep the federal government on the sidelines.

There still appears to be strong indications to suggest that Congress will be taking its turn by enacting general consumer privacy legislation, which may provide some absolute protections, and give both the FTC and Federal Communications Commission greater authority to regulate in this area.

Interestingly, Chairman Boucher of the FCC keyed in on this theme when he was asked during some recent hearings in Washington how statutory and regulatory regimes could exist on top of a self-regulatory one and how would consumers know where to turn in such a maze?

While the similarities between the Web principles and the mobile industry’s primary code of conduct are striking though not all that surprising, the uniform message that is being conveyed by all concerned participants in the digital advertising industry is clear – a new day has arrived in which transparency, education and reasonable choice for consumers must be part of the online advertising industry’s best practices.

The successful marketers going forward will be those that understand and appreciate this message, and build cultures which foster – rather than circumvent – respect for the consumer while continuing to market, advertise and promote the goods and services which are so intertwined in our daily lives.

Reprinted with permission from Mobile Marketer at

Companies Big and Small Get Higher Education about Red Flag Rules

As an update, the FTC has just announced that the enforcement date of the Red Flags Rule is being extended again, this time until November 1, 2009. Here is the agency press release.

You can find more information about Red Flag Regulations at Reed Smith's Life Sciences Legal Update blog. 

Banking on the Banks

As the Federal Trade Commission continues to step up its efforts to police deceptive advertising across industries and product categories alike, other governmental divisions are following suit. The FDIC, for example, has turned its attention to financial institutions alleged to be engaging in deceptive practices related to credit card solicitations and credit card rate increases—the first such actions of this nature for the FDIC since its action against CompuCredit in 2008.

The FDIC recently announced the issuance of two cease-and-desist orders—one against American Express Centurion Bank and the other against Advanta Bank Corp, both for deceptive credit card practices. 

The order issued against American Express Centurion Bank (“AMEX”) alleged that the bank failed to provide timely notices to cardholders that their credit lines were being reduced, at the same time that the bank sent them convenience checks. Consequently, when cardholders tried to use the checks—believing they had credit limit room—the checks were dishonored, resulting in the consumers incurring bounced check fees, which the FDIC alleged was an unfair practice under Section 5 of the FTC Act. AMEX agreed to make restitution of $160 per dishonored check, or an aggregate of approximately $3 million, as well as to implement new procedures for reviewing credit limits and notifying consumers of changes to their limit. The institution also agreed to establish procedures that would allow customers to obtain pre-authorization to use a convenience check, before using the same to make purchases. 

The order issued against Advanta Bank Corp. (“Advanta”) (which ceased issuing cards in May 2009) alleged that Advanta marketed and advertised a cash-back reward feature on certain of its business credit card accounts that was rarely attainable, if at all. For example, the advertised percentage cash-back was only available for certain purchases, and indeed, the FDIC alleged that it was effectively impossible to earn the stated percentage of cash-back reward payments, thereby rendering Advanta’s marketing materials as deceptive. As a result, the FDIC concluded that Advanta’s solicitations were likely to mislead a reasonable customer, and therefore, Advanta engaged in a pattern of deceptive acts or practices in violation of Section 5 of the FTC Act.

The FDIC also alleged that Advanta had substantially increased annual percentage rates (APRs) on cardholders that had neither exceeded their credit limits nor were delinquent in making payments on their accounts. The FDIC alleged that these rate increases had been implemented in an unfair manner, and without adequate notice as to (i) the amount or the reason for the increase, or (ii) the procedures to opt-out of the rate increase.

These questionable practices have also led to the recent decision of both the American Arbitration Association (“AAA”) and the National Arbitration Forum (“NAF”) to cease providing a forum for disputes between customers and their credit card companies (as well as cellphone companies). The AAA has stated that it will stop participating in consumer-debt collection disputes until new guidelines are established. Among the problems cited by both groups, provisions such as mandatory arbitration hearings in credit card agreements require customers to unknowingly waive important rights. According to the Minnesota Attorney General, Lori Swanson, who recently settled with the NAF over arbitration / debt-collection practices, “This is an issue beyond any one problem company. It is a systemic industry wide problem. Consumers are giving away rights without evening knowing it.” The practice of arbitrating consumer-debt collection matters has also caught the attention of Congress, where a congressional sub-committee is scheduled to hold a meeting on this various issue this week. 

Maintaining this momentum of heightened regulations in the financial industry, on June 17, 2009, the Obama administration unveiled its plan for Congress and several regulatory agencies to adopt a comprehensive series of changes that would increase the role of the federal government in almost every aspect of the financial services industry, including the marketing and advertising of financial products. For example, if adopted as proposed by the President, the proposal would create several new federal agencies, offices, and councils, including a new Consumer Financial Protection Agency (CFPA), dedicated to policing consumer financial products and services. 

The CFPA has been designed to regulate the offering of consumer financial products and services in their entirety, save those instruments that will continue to be regulated by the SEC or the CFTC. Its proposed authority is very broad, with a mandate to promulgate, interpret and enforce rules implementing all existing federal consumer financial services and fair lending laws. More importantly, its authority would extend not only to banks, thrifts and credit unions, but also to mortgage lenders, title insurers, money service businesses, advertising and marketing agencies, issuers of prepaid or stored value cards, consumer reporting agencies, debt collectors, certain lessors, certain investment advisors, and those that engage in financial data processing. To do that, the proposed legislation transfers all of the authority over these products and services from the federal bank regulatory agencies and the FTC to the CFPA. While the FTC would retain some back-up authority (as would the bank regulators), this will be a substantial change in the regulatory landscape.

For financial institutions, this all spells trouble. There are already myriad regulations that govern their activities. Adding yet another bureaucratic agency and the resulting collision of jurisdiction and inconsistent principles will only confuse an already difficult situation. But whether the CFPA comes to be or not, the horizon for banking regulation is certainly clouded with the likelihood of more oversight than ever before.

Vladeck's First Public Address Includes Priorities and Staff Changes

On June 18, 2009, 77 hours into his tenure as Bureau Chief for Consumer Protection, David Vladeck gave his first public address at the ABA Consumer Protection Conference, held at Georgetown University Law Center. He described himself as being "not part of the fraternity" of the FTC. He said that Commission Chairman Jon Leibowitz reached out to him and expressed a desire for "fresh eyes." In his address, Vladeck suggested a set of agenda items that may be a hint of what his enforcement priorities will be.

  • Economic fraud will be a top priority – mortgage fraud, debt collection/debt consolidation, and other financial services scams.
  • Privacy – He stated that it is time to "take another look at privacy regulation." Vladeck said that the FTC has taken a "notice and consent" approach, and then moved to a "harm" approach. He said that these two approaches do not seem to address the issue comprehensively. He did not give much detail, but it is clear that there will be new ideas and approaches, reexamining assumptions about harm that is "unquantifiable."
  • Advertising, including behavioral marketing – Vladeck stressed a focus on how advertising affects those who are particularly vulnerable, including children. He also mentioned advertising of alcohol to teens. He made approving reference to the "disparate impact theory" that has been used in connection with some recent enforcement matters that have dealt with advertising targeted at Hispanic markets.
  • Legislative action – Vladeck said he expected that the Commission will be focused on its reauthorization, and with regard to President Obama's proposal concerning a new consumer protection body that will deal with financial products, Vladeck stressed that the FTC should be on "equal footing." Also, Vladeck stated that the FTC should have civil penalty authority as well as independent civil litigation authority. Thus, these may be additional agenda items.

In addition to these agenda items, on which he said he would keep "an aggressive pace," Vladeck announced some key personnel moves.

First, he announced that Chuck Harwood, Northwest Regional Director in Seattle, will be his Deputy Bureau Head. Harwood has been the regional director for 20 years. Prior to that he was a staff counsel to the U.S. Senate Committee on Commerce, Science, and Transportation. According to our partner Anthony DiResta, formerly Harwood's counterpart in the Southeast Region, Harwood is an excellent choice, tough and fair.

Second, Peggy Twohig, Assistant Director for Financial Practices, will be leaving the Commission for a post at the U.S. Treasury Department. This appears to be a loss for the Commission and a huge pick-up for Treasury. Twohig has been a leading force against predatory lending practices, and it seemed from Vladeck's announcement that he was genuinely disappointed that he was losing her and her experience, especially in light of his top agenda concern.

Third, replacing Twohig will be long-time FTC lawyer Joel Winston, who currently is Associate Director for Privacy and Identity Protection. Extremely well regarded, Winston received the 2008 Presidential Rank Award of Meritorious Executive last fall, and was widely rumored to be under consideration for the Bureau Chief position.

Fourth, Jessica Rich, Assistant Director for Privacy and Identity Protection, will assume the role as Acting Associate Director.

Why This Matters: The Bureau Chief for Consumer Protection at the FTC sets policy and tone for the consumer protection side of the Commission. The Vladeck era has begun, and we can see that he will bring a fresh perspective. He has never served at the FTC. He has sued the FTC ("successfully," he added). His agenda seems to have two central substantive interests: financial fraud and privacy. Although this was somewhat expected given his background, one gets the sense that he is going to pursue mortgage fraud and other types of financial services fraud very aggressively, and will be particularly interested in any sort of practice that targets those who have been disparately impacted by the economic downturn. The changes in the personnel in both the financial and privacy divisions are interesting in light of the importance both of these divisions are likely to have for the foreseeable future. Finally, by all accounts, the selection of Harwood is a positive move that may have the side benefit of giving Vladeck insight into the activities and utility of the regional offices.

The FTC Takes on Environmental Marketing Claims Through Green Guides and More

On June 9, 2009, the Federal Trade Commission (“FTC” or “Commission”) testified on its efforts to ensure truthfulness of environmental or “green” marketing claims before the U.S. House Subcommittee on Commerce, Trade, and Consumer Protection of the Committee on Energy and Commerce. Noting the “virtual tsunami” of environmental marketing, the FTC announced it will continue its efforts to ensure that green advertisements are “truthful, substantiated, and not confusing to consumers.” 

In order to protect consumers from unfair or deceptive practices, the FTC explained its multi-tiered approach of (1) issuing rules and guides for businesses, (2) challenging fraudulent and deceptive ads through enforcement actions, and (3) publishing materials to help consumers make informed purchasing decisions. 

The FTC’s Guides for the Use of Environmental Marketing Claims (“Green Guides” or “Guides”), 16 C.F.R. Part 260, are the centerpiece of the agency’s environmental marketing program, according to the testimony. The Green Guides, first issued in 1992 and most recently revised in 1998, help advertisers avoid making “unfair or deceptive” claims in violation of the Federal Trade Commission Act (“FTC Act”) by describing the basic elements needed to substantiate specific environmental claims. While the Guides “provide the basis for voluntary compliance” with section 5 of the FTC Act, “[c]onduct inconsistent with the positions articulated . . . may result in corrective action by the Commission under Section 5 if, after investigation, the Commission has reason to believe that the behavior falls within the scope of the conduct declared unlawful by the statute.” § 260.1.

The Green Guides currently include general principles, applicable to all environmental marketing claims, as well as guidance on specific claims, such as “biodegradable,” “compostable,” “recyclable,” “recycled,” “refillable,” and “ozone safe.” For example, the Guides provide that “[a] product or package should not be marketed as recyclable unless it can be collected, separated or otherwise recovered from the solid waste stream for reuse, or in the manufacture or assembly or another package or product, through an established recycling program.” § 260.7(d). The Guides likewise state that “[a] recycled content claim may be made only for materials that have been recovered or otherwise diverted from the solid waste stream, either during the manufacturing process (pre-consumer), or after consumer use (post-consumer).” § 260.7(e).   Numerous hypotheticals, demonstrating how to qualify specific claims to avoid deception, are also provided. 

In response to the increase in green marketing, the FTC announced that it is currently reviewing the Guides “to ensure they are responsive to today’s marketplace.” Specifically, the FTC is reviewing public comments, and it plans to conduct its own research on consumer understanding of additional green marketing claims, such as “eco-friendly,” “sustainable,” and “carbon neutral.” Insight on such consumer perceptions is crucial in ultimately determining what constitutes a deceptive claim.

In addition to the Guides, the FTC testified that it actively targets misleading green claims through civil prosecutions. In this regard, the Commission announced new actions against Kmart Corp., Tender Corp., and Dyna-E International, alleging that each company made false and unsubstantiated claims that their products – disposable plates, wipes, and towels, respectively – were biodegradable. The administrative complaints alleged that the companies could not substantiate that their products would “decompose into elements found in nature within a reasonably short period of time after customary disposal,” as advised by the Guides, because “the substantial majority of solid waste is disposed in landfills, incinerators, and recycling facilities.”

At this time, Kmart and Tender have agreed to settle their cases, while the case against Dyna-E will be litigated. Under the settlements, Kmart and Tender have agreed to orders that bar them from making deceptive “degradable” product claims, and that require them to have competent and reliable evidence to support green product claims. In addition, both settlements include record-keeping and reporting provisions.

To emphasize its law enforcement efforts, the FTC also noted recent actions against marketers of home insulation and “miracle” devices advertised to dramatically increase gas mileage in cars. In one insulation action, the agency alleged that the insulation’s R-value (measure of resistance to heat flow) was only one-quarter of what the advertiser claimed. There, a court order required the defendants to pay a $155,000 civil penalty, revise its claims, and substantiate any future energy-related claims.

A final approach taken by the FTC, according to the testimony, involves the creation and distribution of materials “to help consumers make informed, green purchasing decisions and avoid energy savings scams.” This effort to educate consumers includes interactive websites that provide information on energy conservation and how to avoid phony gas-saving devices. 

Why This Matters: The FTC, through its testimony before the House and latest enforcement actions, has clearly demonstrated that it will continue to ensure that green advertisements are “truthful, substantiated, and not confusing to consumers.” The principles articulated in the Green Guides remain important and conduct inconsistent with the Guides may result in legal action by the FTC. Recent actions based on “biodegradable” and “energy efficient” claims may indicate the beginning of a green marketing enforcement trend. Therefore, advertisers should consult the Green Guides and/or legal specialists in this area to avoid making environmental claims that risk being considered “unfair or deceptive” by the FTC. In addition, advertisers should exercise caution before using terms such as “eco-friendly,” “sustainable,” “carbon neutral” and others that are not included in the Green Guides, and that are currently being studied and followed by the FTC.

Bloggers Beware

As we’ve discussed previously on Adlaw by Request, the Federal Trade Commission ("FTC") is in the process of revising its Endorsement and Testimonial Policies and Guidelines – the first set of revisions since 1980. In addition to compelling greater disclosure and substantiation on advertisers that wish to employ endorsements and testimonials in their advertising, the FTC has cast its net to include blogs, message boards and street teams among those parties that would be subject to these new enactments. The purpose of this article is to address the effect such guidelines will have on blogs.

By way of introduction, endorsements refers to any advertising message (including verbal statements, demonstrations or depictions of the name, signature, likeness, or any other identifying personal characteristic of an individual or the name/seal of an organization) that consumers are likely to believe reflects the opinions, findings or experience of an independent party other than the advertiser about a particular product. The FTC has expressed its intention to treat endorsements and testimonials identically in the context of its review and enforcement activities.

Generally speaking, endorsements: (i) must reflect the honest opinions, findings, beliefs or experiences of the endorser, (ii) may not convey an express or implied representation that would be deceptive if made by the actual advertiser, (iii) may not be presented out of context or worded so as to distort in any way the endorser’s opinion or experience with the advertised product, and (iv) may only be communicated by endorsers who are bona fide users of the product at the time of the endorsement, and the endorsement may continue to run so long as the advertiser has good reason to believe that the endorser remains a bona fide user of the product. From a liability perspective, both advertisers and endorsers alike can be held liable on the basis of false or unsubstantiated statements made through endorsements.

Although liability from false endorsements can arise from several different scenarios within the context of blogs, the two most common developments are likely the following: (i) blogger reviews, and (ii) undisclosed payments made by advertisers to bloggers. In the first scenario, bloggers are continually on a mission to find new content about which to write, and advertisers are constantly seeking innovative and organic means by which to disseminate their messages. For a blogger to write a review about a particular product on his/her blog, the blogger will be deemed an "endorser" by the FTC. Therefore, should the blogger fail to verify (or request verification of) an advertiser’s substantiation with respect to any product claims, the advertiser can be subject to liability for false and unsubstantiated statements made through the blogger’s endorsement, and the blogger may also be subject to liability for the same unsubstantiated representations (intentional or unintentional) made in the course of his/her review (aka endorsement).

The second potential pitfall involves a blogger’s failure to clearly and conspicuously disclose any payments (in cash or in goods) that he/she receives from an advertiser. Especially in those situations in which a blogger is neither an expert, nor is known to a significant portion of the viewing public/ readership but receives some form of payment from the advertiser, this fact must be disclosed to the public. The FTC’s reasoning behind this disclosure requirement should be fairly obvious – receipt of consideration by the blogger will likely have a material effect on the credibility that the public ascribes to the endorsement. As mentioned above, the payment/consideration can take the form of cash, free or discounted goods (even for testing purposes), gift certificates, or even advertising revenues on the blog, itself.

So, what is an advertiser to do that wants to enlist the services of bloggers? The answer involves training and monitoring. Advertisers must provide their bloggers with training on the do’s and don’ts of endorsements and claims, making sure that each claim is truthful and substantiated. For those bloggers who regularly receive consideration in some form or another, advertisers must closely monitor their blogs and have clearly defined policies in place that set forth the steps by which deceptive advertising must be halted and immediately taken down, when discovered. Lastly, and particularly for bloggers who are receiving payment in some form or another, advertisers should consider developing a reasonably simple but focused set of terms and conditions and/or an actual agreement/insertion order that lays out the obligations of the blogger, and the risk allocations should a problem arise.

… as for the bloggers, one approach to address the payment disclosure requirement is to bifurcate sections of their blog between a paid advertising area and an editorial (i.e., non-paid advertising) area. So long as a user knows at all times in which of the two "areas" he/she is situated, bloggers (and advertisers, by extension) can get some level of comfort that their disclosure requirements have been satisfied. The objective, simply put, is to convey transparency to the consumer. This point was recently encapsulated by Jory Des Jardins, Co-Founder of BlogHer: "It's time to look at the finer distinctions between compensated programs that have emerged as social media enters awkward adolescence. To us, the question is not whether anyone should ever compensate bloggers, it's under what circumstances should you compensate them? And if you do compensate them, what are your obligations, and theirs?"

While the FTC isn’t expected to roll out its new Endorsement and Testimonial Policies until later this summer, advertisers and bloggers must start to think about these issues and put policies and documents into effect that address them. Consult your local advertising and marketing attorney for further assistance.

WOMM-U 2009

Again this year, May 13-14, in Miami Beach, the Word of Mouth Marketing Association will host WOMM-U, a comprehensive and interactive educational experience designed to provide the real-world knowledge required to execute impactful word of mouth marketing (WOM) programs in today’s challenging marketing environment. The agenda features a wide variety of timely WOM topics presented by prominent experts in the field.

“WOMM-U is different from any other conference of its kind because of its powerful mix of theoretical and practical opportunities that offer real-world knowledge and tools to begin or strengthen WOM programs for brands and nonprofits,” said WOMMA Executive Director Kristen Smith, CAE.

The agenda for the two-day event includes social media-based WOM presentations and workshops with representatives from Google, YouTube, MySpace, Facebook, Bebo, Eons, Twitter, as well as noted bloggers and industry consultants. Participants also will engage in roundtable sessions with WOM experts.

Among featured plenary-session presentations are:

YouTube and Google: Maximizing Online Video for Marketing Success: Jeben Berg, creative director of Cross Platform Solutions for YouTube & Google, will cover the sometimes complicated process of using YouTube and Google to better connect with customers.

Marketers Dilemma: MySpace, Facebook or Both?: The world’s two largest social networks have more than 130 million users every month. Today the issue isn’t IF you should use MySpace or Facebook to reach your customers, it’s HOW. Panelists will share insights on how to utilize these social media platforms to enhance favorable brand awareness.

FTC Guidelines: Ethics, Endorsements, etc.: The Federal Trade Commission (FTC) recently proposed new guidelines to address endorsements and testimonials used in traditional media and emerging media such as blogs, Twitter, and Facebook. They are intended to prevent misleading and untruthful endorsements from advertisers and bloggers. Paul Rand, WOMMA’s Vice President and Ethics Chair, and Anthony DiResta, attorney and former regional FTC Director, will lead discussion on how the proposed guidelines affect offline and online WOM programs.

Online registration for WOMM-U is available at The conference will be held at the Ritz Carlton South Beach and begins May 13 at 8:00 am. The cost is $995 for WOMMA members and $1,495 for nonmembers.

FTC Releases Mobile Marketplace Report

On April 22, the FTC issued a Report concerning consumer protection issues arising in the mobile commerce marketplace, entitled “Beyond Voice: Mapping the Mobile Marketplace.”  The Report followed several public meetings involving the FTC since 2000, including those held on May 6-7, 2008 and in November of 2006. In concluding that “the FTC staff is committed to policing the wireless space to ensure consumer protections are in place,” several key findings included:

  • Cost disclosures about mobile services continue to generate consumer complaints. The FTC staff will monitor cost disclosures, bring law enforcement actions as appropriate, and work with industry on improving its self-regulatory enforcement.
  • The FTC and its law enforcement partners should continue to monitor the impact on consumers of unwanted mobile text messages, malware, and spyware, and take law enforcement action as needed.
  • Although spyware and malware have not yet emerged as a significant problem on mobile devices, that situation can change as consumers increasingly use mobile devices for a wide variety of applications, including Internet access. The FTC staff encourages stakeholders to continue developing strategies that prevent or minimize the spread of spam, spyware, and malware on consumers’ mobile devices.
  • The increasing use of smartphones to access the mobile Web presents unique privacy challenges, especially regarding children. The FTC will expedite the regulatory review of the Children’s Online Privacy Protection Rule to determine whether the rule should be modified to address changes in the mobile marketplace. This review, originally set for 2015, instead will begin in 2010. An opportunity for public comment will be provided.

Given the numbers of wireless and mobile devices in the hands of individuals under the age of 18 (and 13), and the increasing proliferation of mobile devices, this will become a hotter topic in the months and years ahead. As if this point needed to be emphasized, it has been reported that as of January 2007—two years ago—there were approximately 800 million cars, 850 million personal computers, 1.5 billion television sets, but already 2.7 billion (yes, billion) wireless and mobile devices in use around the globe, with more than 800 million e-mail and 1.8 billion SMS text-messaging users.

For more information on this topic, also check out the Legal Bytes blog.

ANA and WOMMA File Comments with FTC Regarding Proposed Revisions to FTC Endorsement & Testimonial Guidelines

Reed Smith Advertising, Technology & Media partners John P. Feldman and Anthony E. DiResta filed comments on March 2nd with the Federal Trade Commission on behalf of the firm's clients, Association of National Advertisers (.PDF) and Word of Mouth Marketing Association (.PDF), in response to the FTC's request for comments regarding proposed revisions to its Guides Concerning the Use of Endorsements and Testimonials in Advertising.

FTC Releases Revised Behavioral Advertising Guidelines - Staff Report May Trigger New Marketing Practices for Your Organization

On February 12, 2009, the Federal Trade Commission (FTC) staff issued a supplemental report of its December 2007 draft “Self-Regulatory Principles for Online Behavioral Advertising.” The report further develops the FTC’s voluntary best practices for the behavioral advertising industry and supports continued self-regulatory treatment. However, the document is not an endorsement of the status quo. The revised principles are likely to spur the following changes to your company’s treatment of behavioral advertisements, including: (1) the development of more consumer education content regarding behavioral advertising, (2) the development of internal privacy protections for anonymous data profiles, (3) the creation of opt-in customer notice mechanisms for use and collection of information perceived as sensitive (such as, information related to health, finance, or children), and (4) the creation of opt-in customer notice mechanisms for retroactive changes to your company’s privacy practices.

Further, you may think that existing website billboard privacy polices are sufficient for conformance with the FTC’s revised guidelines. This is unlikely. The staff report clearly indicates that static privacy policies may not be sufficient notice for behavioral advertising purposes, and disclaimers in proximity to the targeted advertisements may be needed. Notwithstanding the additional disclaimers outside the privacy policy, traditional billboard privacy policies may need revision to conform to the new guidelines, as well. Specifically, the staff report adopted a very broad and open-ended definition of PII1 for these purposes, and indicated that the sharing of information inside a corporate family could fall outside the “first party” sharing of data exemption.

While it is tempting to ignore a cumbersome (and voluntary) examination of information policy, the staff report also comes with a fair warning to take these guidelines seriously. The concurrences of Commissioners Jones Harbour and Liebowitz indicate that if companies do not engage in these voluntary regulatory efforts, mandatory behavioral advertising regulation could lie ahead. As stated by Commissioner Leibowitz, “[p]ut simply, this could be the last clear chance to show that self-regulation can—and will—effectively protect consumers’ privacy in a dynamic online marketplace.”

Click here to read the full white paper written by Amy S. Mushahwar and John P. Feldman.

Stop Being So Negative! FTC Announces Principles for Negative Options Online

In January 2009, the FTC published the results of a workshop it held two years earlier on negative options, particularly those that sprout near and around many Internet sales. How many times have you discovered a charge on your credit card that looks suspicious, and you call the reference telephone number and learn that you actually signed up for a membership to some club when you purchased that shirt, that flash drive, or that book online? These are the sort of negative options that the FTC is most concerned about.

Negative options such as these are sometimes referred to as “free-to-pay” conversion plans. Under these plans, a consumer receives goods or services for free (or for a nominal fee) for a trial period. After the trial period, the seller automatically begins to charge a fee (or a higher fee) unless the consumer affirmatively cancels or returns the goods or services. Often, these sorts of “free-to-pay” plans are placed in conjunction with another purchase. An upsell occurs when a consumer completes a transaction and then receives a solicitation for an additional product or service.

The FTC outlined five principles that should be kept in mind when structuring a negative option plan. First, marketers should disclose the material terms of the offer in an understandable manner. Second, marketers should make the appearance of the disclosures clear and conspicuous. In the Internet context, this second point means that a marketer should place the disclosures in a location on the webpage where consumers are likely to see them, and in a form that is easy to read. Third, marketers should disclose the offer’s material terms before the consumers pay or incur a financial obligation. Making these disclosures more than once is favored by the Commission. Fourth, marketers should obtain consumers’ affirmative consent to the offer. [WHOA! Wait a minute. I thought this blog entry was about negative options! What’s up with “affirmative consent”?] Basically, to demonstrate their consent, the FTC wants marketers to make consumers click a button that says “I accept” or “I agree.” Really, it’s still a negative option because you are simply agreeing to the fact that if you do nothing, you’ll be charged. Finally, marketers should not impede the effective operation of promised cancellation procedures. This is the big one. You can disclose as much as you want, but if the phone number or URL used for cancellation is ineffective, or if the wait on the phone in interminable, the FTC will consider this a frustration of the cancellation procedure, and could determine that it is a violation of § 5 of the FTC Act.

Why this matters. There has been an explosion of free-to-buy conversion negative option offers on the Internet, and the FTC believes that there may be a significant amount of abuse out there with regard to such offers. States such as Washington have also actively sought to beef up their negative option statutes to take into account these more modern methods that tend to produce significant regulatory concern. Where there is a workshop report, FTC enforcement is never far away. So Internet marketers: proceed with caution and keep these five principles in mind.

So, How Do You, Like, Communicate With, Like, Kids?

The Federal Trade Commission staff will host a forum March 12, 2009 to gather input for its upcoming education program on advertising literacy for “tweens,” or kids who are 8 to 12 years old. At the forum, experts on advertising and marketing to kids will discuss a range of issues, including:

  • What kids experience in the commercial world
  • What kids understand about their experience
  • Which consumer education efforts will help kids to navigate better in the commercial world

The goal of the campaign is to educate kids on how to be better-informed consumers of information.

Why this matters: We’re not sure yet who is speaking at the event, but our hope is that we’ll hear from those who can actually shed some light on this important marketing segment. CARU has long lumped kids under 12 into one basket, with some very strange results. For instance, not so long ago, CARU was bringing actions against movie studios for advertising “Harry Potter” and “Star Wars” during shows that were attractive to “tweens” on the grounds that they were meant for children 13 and over. Luckily, Wayne Keeley’s CARU has taken a turn toward reality and has involved the MPAA in making better determinations as to which movies are appropriate for kids advertising. 

Thus, our hope is that this workshop will help demonstrate that older kids (in the 8-12 range) are very savvy both in terms of their emotional development and their maturity for purposes of distinguishing between advertising and editorial content. It would be a shame if the Commission puts up a series of paternalistic, anti-ad activists who think most kids should not be exposed to any commercial messages. We also hope that the workshop will focus on the key issue of “blurring” that impacts video game manufacturers, and anyone who uses advergames as a form of marketing to kids.

Putting Consent To Telephone Contact in the Fine Print of Sweepstakes Rule Results in Fine

Florida-based travel promoter All in One Vacation Club, and its principals, agreed to pay civil penalties to the FTC of $275,000 for allegedly violating the Do-Not-Call list and other Telemarketing Sales Rule (TSR) provisions. The company used a direct mail sweepstakes entry to entice consumers to obtain a chance to win a vacation. The official rules purported to constitute consent by the entrant to be removed from any no-call registry for the specific purpose of allowing the sponsor to contact the entrant for marketing purposes. All in One took the position that the fine print of the official rules constituted a “written agreement” for purposes of compliance with the TSR, but the Commission disagreed. The FTC stated that any such written agreement must be “clear and conspicuous,” and must include the customer’s signature demonstrating the consumer’s assent. Stuffing the consent provision in the official rules of a sweepstakes wasn’t going to cut it.

Why this matters: This is not the first time a regulator has expressed concern about hiding in the official rules of a sweepstakes, language that would purport to give the sponsor the right to override the consumer’s decision to be placed on the Do-Not-Call list. Back in 2005, then New York Attorney General Eliot Spitzer challenged A&P grocery stores and Kitchen Magic, Inc. for virtually the same marketing practice. Promoters put all sorts of goodies in their official rules. Most of the time, these terms are construed as valid provisions in a contract between the consumer and the sponsor. But, when you seek to undermine a consumer’s statutory or regulatory right by virtue of the consumer’s entry into a promotional offer, watch out. Not only might the provision be unenforceable, but it could also be a violation of federal or state law. (See also Michigan’s Consumer Protection Act, §445.903(t).)

FTC Endorsement & Testimonial Guidelines

This post was written by Dan Jaffe.

Last November, the Federal Trade Commission released a Federal Register notice detailing the changes that it plans to make to its guidelines for the use of endorsements and testimonials in advertising.  These are the first changes to the guidelines in decades and will dramatically change how marketers can use endorsements and testimonials in advertising. 

The deadline for comments was originally January 31, 2009, but the FTC recently extended the comment period to March 2, 2009.  We are planning to file comments and need our members’ assistance to effectively respond.  If you can offer specific guidance on how the proposed rule will affect your use of endorsements and testimonials, please let us know as this will help us formulate our detailed comments.


The guidelines currently allow marketers to use truthful testimonials that are not generally representative of what consumers can expect from the advertised product so long as the marketers clearly and conspicuously disclose either (1) what the generally expected performance would be in the depicted circumstances, or (2) the limited applicability of the depicted results to what consumers can generally expect to receive; i.e., that the depicted results are not representative or typical.  The revised guidelines would require substantiation of results that consumers would generally achieve (“generally expected results”) through use of the product.  The FTC states that this change eliminates the existing “safe harbor” which allows advertisers to include non-representative testimonial claims in their ads if they clearly and conspicuously state that the depicted results are “not typical.”  The Commission now argues that non-typicality disclaimers alone generally are not sufficient to overcome the false or deceptive impressions of typicality generated by testimonials.  The FTC, therefore, is demanding additional substantiation delineating “generally expected results.”  

In taking this action, the Commission largely discounted the constitutional arguments made in comments filed in 2007 by both ANA and other groups in response to the FTC’s review of the guidelines.  We argued in our comments that the Commission already has sufficient power to penalize false or deceptive claims.  We also argued that requiring pre-publication proof of claims is more extensive than necessary to advance the government’s interest.  Therefore, it would impose an unconstitutional burden on truthful, nondeceptive speech while providing little benefit to consumers. 

In response, the Commission, while making multiple references to our comments, argued that its new guidelines would withstand scrutiny under the U.S. Supreme Court’s Central Hudson test for commercial speech.  It argued that its interest in requiring further disclosure is to prevent deception.  By requiring pre-publication substantiation, the guidelines would materially advance this interest, and since they would require information to prevent a misleading impression, they are reasonably tailored to meet that objective. 

The Commission relied on two consumer surveys in formulating the new guidelines.  In our original comments, we argued that these studies had numerous serious methodological and technical flaws.  These concerns were dismissed by the FTC, claiming that the studies provided “useful empirical evidence” regarding testimonial messages.

The FTC’s position in regard to this rulemaking could have significant precedential impact on advertising beyond the testimonial and endorsements area.  The FTC’s point of view in this rulemaking is that truthful statements, even limited by clear and conspicuous disclaimer information, can prove insufficient to protect reasonable consumers.  Clearly, this type of analysis can affect broad categories of advertising.  

You may also wish to examine a detailed memorandum put together by Reed Smith which provides further information in regard to this issue.  Reed Smith provides representation for the ANA through our general counsel, Doug Wood.

If you have any questions, you can reach me at 202-296-2359 or at

What Do We Have to Look Forward to in 2009

It’s a new year, and change is in the air. Although the holidays are over, some groups in Washington are hanging on to their wish lists with the hopes that President Obama will grant their desires.

Over the past few months, Obama has sent agency review teams into dozens of government offices, ranging from the Pentagon to the EPA to the FTC. These teams are dissecting agency initiatives, poring over budgets and reviewing functionality. Many lobbying groups see this time of transition as a prime opportunity to achieve desired changes by gaining the ear of the new administration.

In fact, in December, leading privacy and consumer groups met with leaders of the FTC review team to spread the message that the FTC has allowed industries to self-regulate online privacy practices – to the detriment of consumers – for far too long. Privacy groups are not alone in their concern. Obama himself said during his campaign that “[d]ramatic increases in computing power, decreases in storage costs and huge flows of information that characterize the digital age bring enormous benefits, but also create risk of abuse. We need sensible safeguards that protect privacy in this dynamic new world.” He committed to “strengthen the privacy protections for the digital age and to harness the power of technology to hold government and business accountable for violations of personal privacy.”

During their meeting with the FTC agency review team, privacy groups stressed a need for better (more?) regulation of targeted online marketing, oversight in the data broker industry, and privacy policies for medical information, just to name a few. Susan Grant, director of consumer protection at the Consumer Federation, called the Network Advertising Initiative’s behavioral advertising self-regulatory code of conduct “deceptive on its face,” and called for the FTC to establish a “Do Not Track” registry, similar to the popular “Do Not Call” registry for telemarketing. In support of increased oversight of data brokers, Beth Givens of the Privacy Rights Clearinghouse cited numerous complaints from consumers about use of their personally identifiable information by companies in violation of stated privacy policies.

In addition to Obama taking office, a Democratic shift in Congress has the potential to lead to increased regulation. In fact, two senators (Markey (D-Mass.) and Dorgan (D-N.D.)) have already expressed an interest in introducing Internet privacy legislation that would likely outlaw behavioral targeting, cookies and “deep packet inspection.” In addition, a bill currently pending in Congress would expand and enhance the authority of the FTC, possibly increasing the number of FTC litigations.

What does this mean?

Online privacy issues are just the tip of the iceberg. The combination of the financial crisis (which many blame on self-regulation), and a new Democratic administration and Congress in Washington, will likely lead to both increased regulatory action and legislation in several areas affecting advertising and marketing, including:

  • Increased scrutiny on mergers (note the recent demise of the Google and Yahoo merger)
  • Stronger antitrust enforcement
  • Sweeping Internet privacy legislation and an end to self-regulation
  • A ban on advertising food to children: This is a hot topic and politicians will likely look to regulations of tobacco advertising as a basis for such a ban
  • An end to drug companies’ direct-to-consumer advertising: The United States is one of two countries left around the globe that allows prescription consumer drug advertising. Many politicians feel that it adds to the cost of medicine and health care
  • An end to the corporate tax deduction for advertising: You can expect the government to be looking at any and every way possible to generate tax dollars without raising the income tax

Advertising Ban Would Reduce Obesity, Study Says

A ban on fast-food advertising in the United States could reduce the number of overweight children by as much as 18 percent, according to a study conducted for the National Bureau of Economic Research.

The study, funded by the National Institutes of Health, is being published in the University of Chicago's Journal of Law and Economics. Led by a professor from Lehigh University, researchers measured the number of hours of fast-food television advertising messages viewed by children on a weekly basis.

Lehigh University Professor Shin-Yi-Chou and her colleagues found that a ban on fast food advertisements during children's programming would reduce the number of overweight children aged 3-11 by 18 percent, and lower the number of overweight adolescents aged 12-18 by 14 percent.

Though the researchers concluded an advertising ban would be an effective method of reducing the number of overweight children, they also questioned whether such onerous government involvement and the costs of implementing such policies made an advertising ban a practical option in the United States.

Access information regarding the study at and

Child Obesity a Sign of Heart Disease

Children who are obese or who have high cholesterol also show early signs of heart disease, according to a new study. Results of the study were unveiled at a recent American Heart Association conference. The study, conducted by researchers from the University of Missouri Kansas City School of Medicine, has not yet been published.

The study was small, involving 70 children ages 6 to 19, and experts said the results would need to be replicated to be considered conclusive. But the researchers' method of measuring artery wall thickness, using ultrasound technology, is considered to be a reliable indicator of heart disease risk.

"I think this is a red flag," said the study's lead author, Dr. Geetha Raghuveer, a cardiologist and associate professor of pediatrics at the University of Missouri Kansas City School of Medicine. "These kids are more similar to middle-aged adults."

The study is considered by many to be part of a growing body of research that childhood obesity in the United States likely will result in increased incidents of heart disease as children age.
Read more about the study and surrounding issues at

FTC Brings Action Against Online Payday Lenders

The U.S. Federal Trade Commission has brought a joint action with the state of Nevada charging 10 related Internet payday lenders and their participants with failing to disclose key loan terms, and using abusive and deceptive collection tactics.

The lenders, based primarily in the United Kingdom, used a series of websites such as, to promise consumers loans of as much as $500 within 24 hours, the FTC said. The loans were offered without requiring a credit check, proof of income or documentation, the agency said. However, consumers were required to provide their bank account information and social security numbers.

Applicants were told their loan had to be repaid by their next payday, along with fees that ranged from $35 to $80. If the loan was not repaid, it automatically would be extended and an extra fee would be debited from the consumer’s bank account. Consumers were required to provide access to their bank accounts for payment of the fees.

In a complaint filed in the U.S. District Court for the District of Nevada, the FTC alleged that the defendants did not disclose key terms in writing, including the annual percentage rate, the payment schedule, the amount financed, the total number of payments, and late payment fees. Consumers who asked to see the loan terms in writing either were told the transaction was oral, or were told the terms would be sent to them but they never received the requested information.

The FTC said many consumers paid hundreds of dollars above their loan amounts before cutting off access to their bank accounts. The defendants threatened consumers with arrest, lawsuits, property seizure and wage garnishment, the agency said. They called consumers, as well as their coworkers and employers at their workplace; used abusive language; and disclosed the consumers’ purported debts.

The loans extended did not comply with the payday lending laws in many consumer states, and the defendants were not licensed to make consumer loans in those states, the FTC said. The defendants are charged with violating the Truth in Lending Act, using unfair and deceptive tactics under the FTC Act, and other charges.

Why This Matters:  Amid the current economic crisis, regulators are likely to scrutinize lending practices and the marketing practices used by lenders.

Testimonials and Endorsements: Complying with the FTC Guides in Light of Proposed Changes

This post was written by John P. Feldman and Anthony E. DiResta.

One of the most frequent strategies employed by advertisers is to let the consumer hear about the advertised product or service from a third party, someone other than the advertiser itself. At its root, an endorsement or testimonial when used in advertising is the advertiser’s way of saying, “Don’t just take my word for how wonderful my product or service is, listen to this unbiased person whose opinion you should rely upon to make a purchasing decision.” The Federal Trade Commission (FTC or Commission) originally published Guides Concerning the Use of Endorsement and Testimonials in Advertising (The Guides) in 1972. The Guides have not been updated since 1980. In January, 2007, the FTC sought comments on proposed modifications and updates to the Guides. In particular, the Commission sought comments on whether so-called “disclaimers of typicality,” statements like “Results not typical” or “Your results may vary,” should continue to be a valid way to communicate that a testimonial does not represent experiences consumers will generally achieve with the advertised product or service.

Click here to view the alert.

CARU Refers Advertisers to FTC

The Children's Advertising Review Unit (CARU) has referred two cases to the Federal Trade Commission because the advertisers failed to substantively respond to its inquiries.

CARU examined advertising for the "Spray Racer," a toy vehicle powered by water and air that is compressed when a child manually pumps a holding tank. CARU questioned whether a TV commercial showing a child pumping once to launch the car at a speed of 272 scale miles per hour was an accurate reflection of the product's performance.

The self-regulatory group asked the advertiser, Summit Products, whether substantial pumping was in fact required to maintain the speed depicted. When the advertiser did not respond, CARU referred the matter to the FTC.

CARU also referred to the FTC a case involving the website after the company that operates the site allegedly did not respond to CARU's inquiry regarding apparent failures to comply with the Children's Online Privacy Protection Act of 1998 (COPPA).

Upon reviewing the site, CARU noted that it had an option whereby personal information could be collected from children without first obtaining parental permission, and that the site failed to include offline contact information, as required by COPPA. In addition, the posted privacy policy did not conform to actual practices on the site, CARU claimed.

View a summary of the "Spray Racer" case and of the Virtual Family Kingdom case at

CARU Makes More Movie Ad Referrals to MPAA

The Children's Advertising Review Unit (CARU) has referred ads for yet another PG-13 movie to the Motion Picture Association of America (MPAA) for being advertised during children's programming. The move is the latest in what appears to be an increasingly tense stand-off between CARU, the advertising industry's self-regulatory arm, and the motion picture industry.

CARU said it referred TV advertising for the Warner Bros. film, "Sisterhood of the Traveling Pants 2" to the MPAA for being shown on Nick 1 during children's programming. The movie was rated PG-13 by the MPAA for "Mature material and sensuality," noted CARU. Similarly, CARU has referred ads to the MPAA for PG-13 rated movies such as "The Incredible Hulk," "Indiana Jones," "Get Smart," "The Mummy: Tomb of the Dragon Emperor" and "The Rocker" for being shown during kids' shows.

CARU's Self-Regulatory Program for Children's Advertising states that advertisers "should take care to assure that only age appropriate videos, films and interactive software are advertised to children, and if an industry rating system applies to the product, the rating label is prominently displayed."

The referrals fall under an agreement struck by CARU and the MPAA, which cover ads for films rated PG-13, R or NC-17 that run in any medium primarily directed to children under 12. CARU agreed to first attempt to determine whether an ad placement was intentional, and if it was found to have been unintentional, to ask the advertiser to pull its ad and ensure the placement did not reoccur.

If an ad placement in children's media was deemed to have been intentional, CARU agreed to refer the matter to the MPAA Advertising Administration, which pledged to determine whether the film at issue "is appropriate to be advertised to children."

Read previous KidAdLaw coverage of the issue:  "CARU Rulings: Movie Referrals", "CARU Rulings: Movie Referrals" and "CARU Strikes Agreement With MPAA".

Cold Supplement Seller Agrees to $30 Million Settlement

The makers of the Airborne dietary supplement have agreed to pay as much as $30 million to consumers to settle Federal Trade Commission charges that its makers made false and unsubstantiated cold prevention claims.

“There is no credible evidence that Airborne products, taken as directed, will reduce the severity or duration of colds, or provide any tangible benefit for people who are exposed to germs in crowded places,” said Lydia Parnes, Director of the FTC’s Bureau of Consumer Protection in a release.

In its complaint, the FTC cites Airborne advertisements in which speakers claimed the supplement cured their cold in an hour, was a “miracle cold buster,” and was created by a teacher who “was sick of catching colds in class.”

The supplement, which contains 17 herbs and nutrients, was widely sold by major retailers such as Wal-Mart, CVS, Walgreens and Costco; and was marketed on daytime television programming, and through magazines and celebrity endorsements.

Airborne’s label urges users to take the supplement at the first sign of a cold and before entering crowded situations. The label depicts a picture of someone sneezing into their handkerchief.

The FTC charged that the makers of Airborne, former teacher Victoria Knight-McDowell and her husband, made express or implied unsubstantiated claims that the product could reduce the risk of or prevent colds, protect against or help fight germs, reduce the severity or duration of a cold, and protect against colds, sickness and infection in crowded places.

The FTC’s complaint and agreed-upon settlement follows a class-action lawsuit, pending in the U.S. District Court for the Central District of California. The defendants already agreed in that case to pay $23.5 million for consumer refunds. To settle the follow-on FTC action, the defendants agreed to pay an additional $6.5 million in funds for consumer redress if needed to settle consumer claims.

Nonetheless, Airborne is hardly in retreat.

In a feisty release, the company vigorously denied any wrongdoing or illegal conduct in both the class and FTC actions. The settlement involves older advertising, the company noted, but it stood behind its product’s efficacy.

“Consumers can feel confident that the advertising and labeling going into the marketplace accurately reflects what Airborne products do,” said Airborne CEO Elise Donahue. “Our products help support the immune system. In fact the key ingredients in Airborne have been studied in scientific research and reported in medical journals. Airborne is the same product that millions of consumers swear by. Airborne, meanwhile, continues to be the #1-selling immune support dietary supplement, and we’re very proud of this fact.”

Why This Matters:  There is no known cure for the common cold, and any claims to the contrary are likely to catch the attention of regulators—or plaintiffs’ attorneys.