The Federal Trade Commission recognizes that many people benefit from companies’ online tracking by getting advertising that is more targeted to their preferences. However, as the technologies and techniques used by companies and advertisers to uniquely identify and track individuals’ online behavior advances, the FTC warns that companies’ privacy disclosures and practices must be updated. Failure to do so could be considered deceptive under the FTC Act.
We’ve written previously on the rise in FTC scrutiny and enforcement regarding the use by companies of paid digital influencers without the proper disclosures. Recently, retailer Lord & Taylor found itself in the FTC’s crosshairs when it employed bloggers and Nylon magazine as part of a very successful campaign to promote a clothing collection online and on social media. Unfortunately, the campaign was less successful in its compliance with the FTC Act.
Along with colleagues Lori Levine and Lauren Lynch Flick, we’ve taken a closer look at the case in Lord & Taylor Case Shows the Importance of Transparency in Advertising, itself just the latest example of how companies can run into trouble when they fail to fully disclose a promotion or advertisement.
As we saw in a prior post regarding Kim Kardashian and Instagram, the FDA pays attention to how brand companies use paid celebrities to endorse their products. Likewise, the FTC closely scrutinizes how brand companies use paid or sponsored endorsers. Be it digital influencers or bloggers, brand companies must be mindful of the disclosures required to be made in connection with any advertisement or promotion disseminated by an endorser for the brand company. If the brand company provides compensation of any kind to the endorser in exchange for the promotion, FTC regulations require disclosure of this fact. Per the FTC’s 2013 .com Disclosures guidelines, the disclosure must be “clear and conspicuous.” If the brand company uses an advertising agency, the company must ensure that the agency is complying with the FTC’s regulations. Ultimately, the brand company can be held liable for FTC violations by its advertising agency.
Cyberattacks are on the rise—so much that we seem to hear about a high-profile hack more often than it probably rains in most parts of California. Although reputational damage from a cyberattack can be scarring, a recent U.S. Third Circuit Court decision provides a reminder that the pain can come in many forms. In Federal Trade Commission v. Wyndham Worldwide Corp, the Court confirmed that the FTC can levy expensive fines on a business for failing to adequately protect consumer information. If there wasn’t sufficient reason before, the Third Circuit opinion should convince many who ignored cybersecurity to take a more proactive approach.
Following an 18-month investigation into the practices and operations of data brokers,
the Federal Trade Commission has issued a voluminous report calling for legislation to regulate the industry in the interests of consumer privacy. The report, called Data Brokers: A Call for Transparency and Accountability, identifies “data brokers” as “companies that collect consumer’s personal information and resell or share that information with others,” and notes that in today’s economy, “Big Data is big business.” The report recounts that the privacy issues that data brokers present today were first addressed back to the 1970’s when Congress enacted the Fair Credit Report Act (FCRA) to regulate the collection and use of consumer data in connection with credit, housing, employment and similar decisions. The FTC has been active in enforcing the provisions of the FCRA, but has also argued for similar types of protections even where the FCRA does not apply, such as where data is collected for marketing purposes, fraud prevention purposes, and people search products. In its March 2012 report “Protecting Consumer Privacy in an Era of Rapid Change: Recommendations for Businesses and Policymakers”, the FTC noted that prior self-regulatory efforts by the industry had not addressed its concerns with transparency and called for the industry to create a web portal to provide consumers with more information about and access to information that data brokers hold about them. In addition, an FTC Commissioner has spearheaded a “Reclaim Your Name” campaign urging the industry to adopt self-regulatory reforms to educate consumers as to how information is collected and used and to allow consumers access to the data that brokers hold,
correct any errors in it, and opt out of its use for marketing purposes.
Noting that the industry has not moved on past suggestions such as these, the report calls for legislation that would require data brokers to provide the consumer with access to the data they hold regarding the consumer and to permit consumers to opt-out of the sharing of that information for marketing purposes. The FTC reiterates its suggestion that a central web portal be created where data brokers identify themselves and their information collection and use practices and allow consumers access to their data and to opt out of certain uses. The report also calls for legislation that would require data brokers to disclose to consumers that they not only use raw data that they collect, but whether they combine that data with other information and draw conclusions based on it such as determining a consumer’s interests based on magazine subscriptions, previous purchases, or website visits. To facilitate consumer education, the report suggests that all consumer-facing entities be required to disclose if they sell consumer information to data brokers, provide opt out options concerning this sharing, and to provide the names of the specific data brokers with which the information is shared and a link to the web portal where consumers can learn more about the data brokers and their data access and opt out rights. With respect to risk mitigation products, the report recommends extending FCRA-like notices to the consumer where, for example, the consumer is denied a cellular phone contract not because he or she is a credit risk, but because risk mitigation information indicates that he or she is an identity thief. The notice would identify the data broker from which the information was obtained and the data broker in turn would provide the consumer with access to the data and a right to correct it if it is inaccurate. In connection with people search products, the report recommends not only that consumers have the ability to access their data and opt out of certain uses, but that limits on those opt outs be clearly identified and that the data broker’s sources of information be identified.
The report concludes with a recommendation that all data brokers adopt the principles in the Commission’s 2012 report that they adopt “privacy by design”
and incorporate consumer privacy into all aspects of their operations.
On March 12th, the Federal Trade Commission issued a report updating its mobile and online advertising guidelines. The recently issued report was a follow-up to the year 2000 “Dot Com Disclosures” to address the marked technical and legal changes that have occurred in the past 13 years. The FTC guidelines emphasize that no matter how technology changes the delivery of content, consumer protection laws continue to apply equally “across all mediums, whether delivered on a desktop computer, a mobile device, or more traditional media such as television, radio, or print.” The intent of the report is to assist advertisers to better identify when a disclosure is needed in connection with social media ads and how best to ensure that any disclosures are conspicuous and not deceptive. In order to maximize its usefulness, the report used more than 20 mock ads to illustrate the updated principles.
The FTC report advises that advertisers should ensure that clear and conspicuous disclosures are made on all devices and platforms that an advertisement can be accessed on and if the disclosure cannot be made clearly and conspicuously on a particular device or platform, then that device or platform should not be used. Not only does the new report take into account the space limitations inherent in certain social media sites, like Twitter, but also the growing user viewing habits of content make available on small screen smartphones. “The new guidance points out that advertisers using space-constrained ads, such as on some social media platforms, must still provide disclosures necessary to prevent an ad from being deceptive, and it advises marketers to avoid conveying such disclosures through pop-ups, because they are often blocked,” the FTC said. In order to accomplish this in a better form the report suggests that an advertiser can include “Ad” or “Sponsored” before the message itself. Additionally, the report admonished advertisers to consider whether a consumer will be able to view any disclaimers if it is required to “zoom-in” to read any part of the ad. However, the new report is slightly more flexible when dealing with smaller screens by, allowing advertisers to make sure disclosures are “as close as possible” to the ad claim instead of the original guidelines which discussed having disclaimers “near or on the same page” as the advertisement.
If you have any questions about the new FTC guidelines and how they may affect your business Pillsbury would be happy to speak with you about them.
Thank you to everyone who joined us in both New York and Washington, DC for our Social Media Week events – Game On!
Special thank you to all of our panelists: Randy Leibowitz, Mike Scafidi, Tim Ettus, Lou Kerner, Peter Corbett, Jim Gatto, Sean Kane, Lauren Lynch Flick and Tina Kearns (many featured in the picture and video below).
User endorsements are becoming a more and more popular form of “advertising” as the use of social media and user-generated content continues to increase. These endorsements often take the form of reviews via blogs or Yelp, but can also include other less conspicuous communications. These endorsements can be quite powerful. As a result some companies will compensate users for giving them. In some cases, the compensation can bias the endorsement. While this is not illegal, it creates issues that need to be considered.
In some cases, user endorsements leverage social media features. For example, a company’s website may include a button that, when clicked by a user, causes a positive message about the company to be posted via the user’s Facebook, LinkedIn, Twitter, or other social media account. When there is compensation for that endorsement–even soft compensation such as through loyalty program points or virtual goods–federal laws may come into play.
The Federal Trade Commission’s endorsement guidelines impose requirements on both the endorser and the advertiser if there is a “material connection” between the two parties. A material connection exists when there is a commercial link that consumers would not expect. A commercial link may arise when an endorser is compensated for the endorsement, for example, by payment, free samples, coupons, or other benefits. Several factors must be considered when determining whether there is such a consumer expectation to trigger the FTC requirements.
One of the requirements identified by the FTC is that any material connection must be “clearly and conspicuously” disclosed. The advertiser has affirmative duties to advise the endorser regarding the disclosure requirement and to have procedures in place to monitor compliance by the endorser. While both the endorser and the advertiser are subject to liability, the FTC has indicated that its enforcement activities will generally focus on advertisers.
Contact us for more information on compliance with the FTC guidelines.
Due to “legal and regulatory pressure” Dublin-based Intrade will no longer accept bets from US customers and all existing US customers must exit their trades and close their accounts. Intrade operates a real-money based prediction market. This announcement from Intrade came just hours after U.S. regulators filed a civil complaint against it.
This action is another example of how gambling and gambling related activities are being subject to regulatory scrutiny. This trend is important for companies to note, particularly as a broader range of companies get involved in on line gambling. This is also important for companies involved in “gamblification.” Gamblification is the use of gambling mechanics for non-gambling purposes, i.e, leveraging the fun of gambling without real money at stake. Gamblification raises a whole host of legal issues, of which companies leveraging this phenomena must be aware.
The lawsuit was filed by the Commodity Futures Trading Commission, which accused Intrade and its parent company of violating its ban on off-exchange options trading, by enabling users to bet on predictions relating to commodities prices. But commodity trading is just one aspect of Intrade’s business. Intrade’s prediction market also enables users to bet on “predictions,” ranging from who will win presidential elections or Academy Awards or whether a dictator will be toppled by a certain date.
“It is against the law to solicit U.S. persons to buy and sell commodity options, even if they are called “prediction” contracts, unless they are listed for trading and traded on a CFTC-registered exchange or unless legally exempt,” Enforcement Director David Meister said in a statement. However, the CFTC has previously rejected exchange applications from companies that wanted to sell options on political outcomes, because they involve gaming and are contrary to the public interest.
A number of US-based companies operate prediction market platforms that enable users to make predictions on a range of activities, but sports-related predictions are among the most popular. However, most of these platforms do not enable users to wager and/or win real-money. Some use virtual currency that users “wager” in connection with a prediction, but usually the virtual currency cannot be cashed out. The “win” that keeps users coming back is the bragging rights for those who are most accurate in their predictions.
While many of these models steer clear of the gambling laws, they must be done right to avoid crossing the line. Getting it right is especially tricky when virtual goods and/or currency are involved. Pillsbury’s social media team has prepared a client advisory on gamblification and the use of virtual goods/currency in these gamblification models. For a copy email us.
On Thursday the Federal Trade Commission released a staff report titled, “Mobile Apps for Kids: Current Privacy Disclosures Are Disappointing,” in which the FTC criticized companies for failing to properly disclose to parents how the companies are collecting personal data through mobile applications (“apps”) aimed at young children.
The results of the FTC’s study follow the FTC’s August 2011 settlement with W3 Innovations, which was the FTC’s first enforcement action against a mobile app developer.
The FTC surveyed approximately 1,000 apps designed for children and available through iTunes and the Android Marketplace by searching for the word “kid.” According to the FTC, despite the warning provided by the W3 Innovations settlement, they found that the operators of those apps could be collecting location (via GPS), phone numbers, contact lists, call logs and other “unique identifiers,” but that the apps do not make it easy for parents to figure out what’s being collected, how the data is being used or to give consent to such collection and use.
“Companies that operate in the mobile marketplace provide great benefits, but they must step up to the plate and provide easily accessible, basic information so that parents can make informed decisions about the apps their kids use,” FTC Chairman Jon Leibowitz said in a statement.
The FTC noted that the various app stores create their own age ratings and that these guidelines are often not consistent. The Staff Report recommends that app developers provide simple and short disclosures on how they collect and share information about users, including whether their apps connect to social media sites like Facebook. Connection to Facebook (or other social media sites) for some of these apps could be problematic, since the Facebook terms (and the terms of most other social media sites) specifically prohibit access if the user is under 13 precisely to avoid having to deal with the COPPA Rule.
The FTC also wants app developers to inform parents if apps targeted towards children contain ads. In some apps, ads and/or content that is inconsistent with the age rating is buried deep within the app and can be found only when a player reaches an advanced stage of the game.
The FTC Staff Report is particularly interesting in light of a report from the Wall Street Journal today asserting that “Google Inc. and other advertising companies have been bypassing the privacy settings of millions of people using Apple Inc.’s Web browser on their iPhones and computers–tracking the Web-browsing habits of people who intended for that kind of monitoring to be blocked.”
The FTC’s evaluation of app privacy disclosures comes as the agency is evaluating the comments it received and finalizing updates to COPPA that were revealed in September 2011.
According to the Staff Report, the FTC is planning to conduct an additional review in the next six months to determine whether some of these mobile apps were violating the COPPA Rule. As currently drafted, the COPPA Rule creates the potential for violators to be fined up to $1,000 per violation (i.e., per child) – an amount that can add up very quickly for even a moderately popular app.