TCPA Trouble Continues: FCC Slams Lyft and First National Bank for Terms of Service Requiring Consent
Most of the attention involving the Telephone Consumer Protection Act (“TCPA”) has centered on the stream of class actions around the country. It is important to remember that the Federal Communications Commission (“FCC”) and state attorney generals can, and do, enforce the TCPA. In fact, the FCC recently issued citations to Lyft, the ride-sharing service, and First National Bank (“FNB”). Under the Communications Act, before the FCC may issue monetary penalties against a company or person that does not hold an FCC license or authorization, it must first issue a citation warning the company or person.
The TCPA requires prior express written consent for telemarketing calls/texts to mobile phones utilizing an autodialer or prerecorded call and for prerecorded telemarketing calls to residential lines. FCC rules mandate that the “prior written consent” contain certain key features. Among these requirements is the disclosure informing the consenting person that “the person is not required to sign the agreement – directly or indirectly – or agree to enter into an agreement as a condition of purchasing any property, goods, or services.”
For years, the FCC focused on actual consumer complaints of having received telemarketing calls/texts without the required prior express written consent. Interestingly, here, the FCC did not allege that either Lyft or FNB sent texts/robocalls without the required consent. The FCC’s accompanying press release indicates that its Enforcement Bureau initiated the two investigations after becoming aware of “violative provisions in those companies’ service agreements.” The citations issued to Lyft and FNB, along with recent correspondence by the FCC to Paypal concerning similar issues, represent new FCC attention on terms/conditions of service in the TCPA context, particularly on “blanket take it or leave it” agreements. The FCC Enforcement Bureau Chief, Travis LeBlanc, put all companies on notice, urging “any company that unlawfully conditions its service on consent to unwanted marketing calls and texts to act swiftly to change its policies.” The FCC directed Lyft and FNB to take “immediate steps” to comply with FCC rules and the TCPA – presumably meaning that the companies should immediately revise their terms and practices.
According to the FCC, Lyft’s terms require customers to expressly consent to receive communications from Lyft to customer’s mobile numbers, including text messages, calls, and push notifications. The messages could include Lyft-provided promotions and those of third party partners. The terms advise customers that they can opt-out by following the “unsubscribe” option, and that customers are not required to consent to receive promotional messages as a condition of using the Lyft platform or the services.
However, the FCC found that contrary to Lyft’s terms of service, Lyft does not actually provide “unsubscribe options” for consumers. If a consumer independently searches and gets to Lyft’s “help center,” the only option to opt-out subsequently prevents consumers from using Lyft’s service. Thus, per the FCC, “Lyft effectively requires all consumers to agree to receive marketing text messages and calls on their mobile phones in order to use services.”
The FCC concluded that while Lyft’s terms of service stated that consumers were not required to consent as a condition to using Lyft, in actuality, consumers could not refuse consent and remain Lyft users. Thus, the FCC cited Lyft, warning that it would be liable for any advertising text messages for which it did not collect proper, prior express written consent. The agency further stated that it would continue to monitor Lyft’s practices.
In FNB’s investigation, the FCC noted that consumers wishing to use FNB’s online banking services are required to agree to receive text messages and emails for marketing purposes at consumer-provided phone numbers. FNB customers wishing to enroll in the Apply Pay service are similarly required to consent to receive marketing-related text messages and emails. The FCC objected to FNB requiring consumers to agree to receive marketing text messages in order to use the online banking and Apple Pay services, and failing to inform consumers that they have the option to refuse consent. The agency reiterated that under FCC rules, prior express written consent to receive telemarketing messages requires that, among other things, consumers receive a clear and conspicuous disclosure informing the consumer of his or her right to refuse to provide consent.
When it comes to autodialed/prerecorded telemarketing calls and texts to mobile phones and prerecorded telemarketing calls to residential lines, companies need to be diligent in ensuring they have proper, defensible prior express written consent. The FCC’s citations to Lyft and FNB make clear that organizations may not rely on blanket mandatory opt-in agreements. While it may be acceptable to seek consent in terms of service, consumers must be informed of their opt-out abilities, and must be able to access the opt-out and still use the service or make the purchase.
Companies should review their service agreements and the operational mechanisms to make sure consumers have information on opting-out. Further, any opt-out mechanisms must work as promised. A user’s opt-out should not block services/purchases. Of course, the best way to obtain consent is to seek a separate, prior express written consent in an agreement that contains all the required elements, as follows:
- Is in writing (can be electronic);
- Has the signature (can be electronic) of the person who will receive the advertisement/telemarketing calls or texts;
- Authorizes the caller to deliver advertisements or telemarketing messages via autodialed calls, texts, or robocalls;
- Includes the telephone number to which the person signing authorizes advertisements or telemarketing messages to be delivered;
- Contains a clear and conspicuous disclosure informing the person signing that:
- By executing the agreement, the person signing authorizes the caller to deliver ads or telemarketing messages via autodialed calls, texts or robocalls; and
- The person signing the agreement is not required to sign the agreement (directly or indirectly) or agree to enter into such an agreement as a condition of purchasing any property, goods, or services.
As a reminder, the FCC repeatedly takes the position that the company claiming prior express written consent will bear the burden of providing that consent.
While Google is already subject to commitments it made to the FTC regarding the requirement to afford advertisers non-discriminatory access to its search engine, the FTC’s latest guidance makes clear that Google and other search engines must also maintain clear disclosures to the public about sponsored content in search results.
On June 24, 2013, in a series of letters to general search engines such as Google, Yahoo, and Ask.com, as well as to specialized search engines, the FTC issued updated guidance concerning disclosures regarding paid advertisements in search results.
This latest FTC action follows on the heels of the Commission’s recent updates to the Dot Com Disclosures and the updated Endorsements and Testimonials Guides. The FTC’s letters came in response to industry and consumer organizations’ requests to the Commission to update its policies on search engine results, last released in 2002. The FTC also noted that it has observed a decline in search engines’ compliance since 2002.
The FTC’s central concern, first articulated in 2002, remains the problem that consumers may be deceived in violation of Section 5 of the FTC Act unless search engines clearly and prominently distinguish advertising from natural search results.
Consumers assume that search results reflect the most relevant results. When results appear because the advertiser has paid a search engine for, say, prominent placement, that placement could be deceptive to consumers if they are unaware of the commercial relationship between the advertiser and the search engine.
The growth of mobile commerce in particular has spurred the FTC to issue new guidelines. Search results on a mobile phone screens are, by their nature, small, and consumers could be easily confused by paid search results if the “paid” nature of those results is not clear.
In the new guidance, the FTC states that if search engines continue to distinguish advertising results by giving a different background color or shading combined with a text label (such as “sponsored” or “ad”), the search engines should consider multiple factors to ensure that any labels and visual cues are sufficiently “noticeable and understandable” to consumers. The agency clarified that there is no “one size fits all” and that search engines may use various methods, provided the disclosures are noticeable and understandable.
Proper disclosures, according to the FTC, include the following:
• Visual Cues – Search engines must select hues of sufficient luminosity to account for varying monitor types, technology settings, and lighting conditions. The FTC notes that search engines should consider using web pages of different luminosities for mobile devices and desktop computers. Further, the FTC recommends that search engines should use:
o more prominent shading that has a clear outline;
o a prominent border that distinctly sets off advertising from the natural search results; or
o both prominent shading and a border
• Text Labels – The FTC asserts that text labels must be used in addition to the visual cues a search engine may use to distinguish advertising. Text labels must:
o use language that explicitly and unambiguously conveys that a search result is advertising;
o be large and visible enough for consumers to notice it;
o be located near the search results (or group of search results) that it qualifies and where consumers will see it; and
o be placed immediately in front of an advertising result, or in the upper-left hand corner of an ad block, including any grouping of paid specialized results in adequately sized and colored font.
The new guidance also recognizes that technology will continue to evolve, such as voice assistants on mobile devices (e.g., the iPhone’s “Siri”). While technology may change, the new guidance makes clear that the FTC Act’s Section 5 prohibition on deceptive practices remains. Therefore, businesses must make sure that they differentiate advertising from other information. For instance, if a voice interface is used to deliver search results (for example, “find me a Mexican restaurant”) the search engine should disclose audibly any paid advertisements in adequate volume and cadence for ordinary listeners to hear and comprehend.
The FTC continues to be vigilant in monitoring the online marketplace. Search engines and advertisers need to review their practices, keeping in mind that disclosures that may be readily apparent on a desktop may be hidden on a mobile screen. As with the “Dot Com Disclosures,” the agency is providing guidance to businesses; however, FTC enforcement remains vigilant and companies that do not clearly disclose paid advertising in search results could face an FTC investigation.
This week, the FTC released updated guidance to its 2000 “Dot Com Disclosures,” a guide covering disclosures in online advertising. The online world has certainly changed in 13 years, and the new guidelines, available here, cover advances in online advertising, including mobile advertising.
One central theme still prevails: existing consumer protection laws and rules apply no matter where you offer products and services: newspapers, magazines, TV and radio commercials, websites, direct marketing, and mobile marketing. Thus, the basic principle applies that companies must ensure that their advertisements are truthful and accurate, including providing disclosures necessary to ensure that an advertisement is not misleading. Further, the disclosures should be clear and conspicuous – irrespective of the medium of the message.
In determining whether a disclosure is “clear and conspicuous” as the FTC requires, advertisers should consider the disclosure’s placement in the ad. Importantly, the 2000 guidelines defined proximity of disclosures to ads as “near, and when possible, on the same screen.” The new guidelines state that disclosures should be “as close as possible” to the relevant claim. The closer the disclosure is to the claim, the better it is for FTC compliance purposes.
Advertisers should also consider: the prominence of the disclosure; whether it is unavoidable (e.g., consumers must scroll past the disclosure before they can make a purchase); whether other parts of the ad distract attention from the disclosure; whether the disclosure should be repeated at different places on the website; whether audio message disclosures are of sufficient volume and cadence (e.g., too fast); whether visual disclosures appear long enough; and, whether the language of the disclosure is appropriate for the intended audience. The FTC suggests avoiding “legalese” or technical jargon.
Mobile marketers should take note that the FTC provided some additional guidance regarding disclosure issues particular to mobile marketing. In particular, the FTC stated that the various devices and platforms upon which an advertisement appears or a claim is made should be considered. For example, if the advertiser cannot make necessary disclosures because of the limit of the space (e.g., in a mobile app), then the claim should not be made on the platform.
The FTC does permit hyperlinks for disclosures in certain circumstances. However, hyperlinks must:
– be obvious
– be labeled appropriately to convey the importance, nature and relevance of the information they lead to (such as “Service plan required. Get service plan prices here”)
– be used consistently
– be placed as close as possible to the relevant information the hyperlink qualifies and made noticeable
– take consumers directly to the disclosure after clicking
Companies should assess the effectiveness of the hyperlink by monitoring click-through rates and make changes accordingly. The agency also suggests that advertisers design ads so that scrolling is not necessary to find a disclosure. The FTC discourages hyperlinks for disclosures involving product costs or certain health and safety issues (similar to its 2000 guidelines).
Probably the most helpful part of the new guidelines are the 22 different examples of proper/improper disclosures the FTC provides at the end of the guidelines. As companies move forward in promoting products and services online, particularly on mobile platforms, reviewing these examples along with the general principles of truthful and complete statements in advertising may save a company from an FTC enforcement action.
Organizations are increasingly marketing their products and services on mobile platforms. Advertisers should take note that special considerations apply in the mobile marketplace, especially the space and text size limitations. If a disclosure is necessary to prevent an advertisement from being deceptive, unfair, or otherwise violative of an FTC rule, it must be clear and placed next to the offer. If that can’t be done, the safest course would be to move the offer to another platform, such as a traditional website. The FTC and the states have demonstrated that they take a keen interest in mobile marketing and they will be watching claims and disclosures in the smartphone/tablet universe.
The Federal Trade Commission recently announced that it has approved a final order settling charges against Compete, Inc., a Boston-based web analytics company. Compete, Inc. sells reports on consumer browsing behavior to clients looking to drive more traffic to their websites and increase sales. Compete, Inc. obtained the information by getting consumers to install the company’s web-tracking software in their computers. The FTC alleged that the company’s business practices were unfair and deceptive because the company did not sufficiently describe the types of information it was collecting from its users.
With all the heightened concerns among consumers about internet privacy, one might wonder why consumers would be willing to install web-tracking software in their computers in the first place. Well, Compete, Inc. sweetened the pot by offering gift cards, cash rewards, and other incentives to entice consumers.
The fact that Compete, Inc. was using web-tracking software to track consumers’ visits to websites was not the problem for the FTC. The major issue was that the software was recording far more than just which websites a consumer was visiting. It was recording everything the user entered on the websites – usernames, passwords, detailed credit card information, Social Security numbers, etc. – all without the consumer’s knowledge or consent.
Reports indicate that the company may not have known that its software was collecting all of this user information. Compete, Inc. representatives stated that in January 2010, when they first learned that there was a potential security issue, they immediately disabled data collection from affected versions of the software and deleted inadvertently-collected information from their servers. The company also responded by implementing new data filters and security measures. The company took these steps even before the order was handed down and said that it would continue to develop and uphold new standards of transparency and security.
Perhaps the company’s commitment to correcting its behavior is part of the reason that the FTC settlement order didn’t include a monetary sanction. Instead, the order focuses on ensuring that such intrusive data is not collected in the future. Pursuant to the order, Compete, Inc. must implement a comprehensive information security program with biannual audits from an independent third party for the next 20 years (a fairly typical obligation in recent FTC settlements of this type); disclose the types of information that will be collected and obtain consumers’ express consent through their website before collecting any data from its web-tracking software; delete or anonymize the use of the consumer data it has already collected; and provide consumers with directions on how to uninstall the web-tracking software. The settlement also bars the company from misrepresenting its privacy and data security practices.
In the age of affiliate marketing, web analytics are extremely valuable for merchants seeking to increase web traffic to drive revenue. However, FTC investigations and resulting sanctions are costly, time-consuming, and quite simply bad for business. Companies interested in using this technology should make sure they know exactly what information they are collecting and should ensure that they are following FTC guidelines regarding data privacy. Clear disclosures to the public as to what software is being installed, what information is viewed or collected, and how that information is used, are all critical. Taking steps to get it right in the beginning will help them avoid costly investigations and bad press in the end.
On December 18, 2012, the Federal Trade Commission issued orders requiring nine data brokerage companies to provide the agency with information on how they collect data from consumers and use it. The nine companies asked to provide this data to the FTC include Acxiom, Datalogix, Intellius and Peekyou.
Data brokers are companies that collect personal information about consumers from a variety of sources, both public and non-public, and then package the information and sell it to companies. As the FTC noted in its announcement, in many ways this data can benefit consumers and the economy by enabling companies to prevent fraud or allowing customers to see ads that interest them.
However, the FTC seems concerned that much of the data brokerage industry operates unregulated. No current laws require data brokers to maintain the privacy of an individual’s data unless it is used for employment, credit, insurance, housing, or another similar purpose. Some estimates indicate that these data brokers have several thousand details on the majority of adults in the United States.
The FTC is specifically seeking details about:
1. The nature and sources of the consumer information that data brokers collect.
2. How data brokers use, maintain, and disseminate the information they collect.
3. The extent to which the data brokers allow consumers to access and correct their information or to opt out of having their personal information sold.
The FTC said that it will use the responses to prepare a study and to make recommendations on whether and how the industry could improve its privacy practices.
The FTC has already called on Congress to address data brokers’ practices through legislation. In March, the FTC advocated for legislation to “address the invisibility of, and consumers’ lack of control over, data brokers’ collection and use of consumer information.” The FTC has also urged Congress to pass a law that would require data brokers to let individuals examine the data contained in files on them, similar to the way that federal laws allow for consumers to get free credit reports every year.
In July, Rep. Edward Markey (D-MA) and Rep. Joe Barton (R-TX), co-chairs of the Bipartisan Congressional Privacy Caucus, opened an investigation into the practices of the industry. The Privacy Caucus has expressed concerns that many Americans do not know how the industry operates and that controls may be lacking for individuals over their own information.
In October, Sen. John D. Rockefeller IV (D-WV) opened his own investigation into the data broker industry. Rockefeller said he was struck by the amount of personal, medical, and financial information that could be collected and sold.
This week’s announcement provides further notice that the FTC has intensified its scrutiny of the data brokerage industry. Companies in the data compilation business should continue to monitor their practices to ensure that they are complying with all regulations and should stay abreast of any forthcoming changes in regulations and laws.
On May 30, 2012, the Federal Trade Commission held a workshop at its conference center in Washington, D.C., entitled “Advertising and Privacy Disclosures in the Digital World.” This workshop was intended both to provide guidance to the public concerning the FTC’s advertising requirements and to solicit input from the public for updates to the FTC’s existing online advertising guidelines, “Dot Com Disclosures” (DCD). The FTC hopes to update the DCD to take into consideration advancements in technology and advertising since the guidance document was initially introduced in 2000, including the discussion of platforms such as mobile devices and social networking.
Of particular interest to us was the panel entitled “Universal and Cross-Platform Advertising Disclosures.” This panel focused on how to make disclosures, rather than on the particular information that needs to be disclosed or who should be liable for failures to disclose. The panel hoped to explore and develop best practices for this purpose and discussed public comments for the FTC’s consideration in updating the guidelines. The panel, moderated by Michael Ostheimer, a staff attorney in the agency’s Division of Advertising Practices, was composed of consumer advocates, advertiser representatives, academics, corporate counsel, and an assistant state attorney general.
The panel emphasized that there are valid ways to allow merchants and advertisers flexibility in marketing on space-constrained forums while still making adequate disclosures to consumers. The panelists stated that it is impractical to try to put all relevant terms on one page, and that it may be counterproductive to do so since consumers will only read a fraction of the information. Therefore, clearly labeled hyperlinks may be used to draw attention to essential terms.
For example, a web page advertisement for coolers stating “satisfaction guaranteed” might be considered deceptive if a hyperlink lower on the page simply marked “Disclosures” led to a page disclosing that a material potential investment, such as a restocking fee for returned items, limits the guarantee. Therefore, the advertisement could be more compliant if the disclosure were closer to the relevant claim (“satisfaction guaranteed”) and if the hyperlink stated clearly the material term, such as “Disclosure – Restocking Fees Apply.”
The panel also agreed that the disclosures required to prevent deception are directly tied to the claims made in the advertisement. By limiting the dissemination of triggering claims, the advertiser also limits the necessary disclosures. Also, the complexity of the offer dictates the necessary disclosures. If an offer includes a continuity plan or other conditions or restrictions, the disclosures will necessarily also be more complex to prevent deception. It is important to note that a disclosure that contradicts an advertisement is not sufficient to make an advertisement non-deceptive.
The panel recommended that the FTC guidelines deal only with substantive issues and that the specific form of the disclosures, as opposed to their substance, be left to the discretion of the advertisers and merchants. For example, while disclosures must be prominent, there should not be a requirement that certain conditions be in bold, italics, or a certain font size. With text-based advertisements, such as tweets or sponsored search results, such a contrast is not possible. Therefore an upfront text disclosure, such as “Purchase Required,” should be sufficient to meet the standard.
The panelists were right to emphasize the need for advertisers to have flexibility and self-regulation without imposing FTC guidelines that do not comport with how business is done in the modern world.
We hope that the FTC will keep pace with evolving technology and business needs to allow advertisers flexibility to promote their products in ways that will best reach consumers.