FTC Business Blog

Reporting fraud helps everyone – including small businesses – and now it’s easier to do lfair October 22, 2020 | 11:01AM Reporting fraud helps everyone – including small businesses – and now it’s easier to do By Monica Vaca, Associate Director, FTC Division of Consumer Response and Operations Whether it’s a bogus message claiming your trademarks are about to expire unless you transfer money immediately or threats to ruin your credit if you don’t pay for unordered office supplies, scammers have small businesses in their sights. You can help the FTC and its partners fight fraud and you don’t even need to wear a superhero cape (unless you want to). Your story is your superpower. When you tell the FTC about frauds, scams, and other kinds of bad B2B practices, you’re helping the FTC and our law enforcement partners spot and stop scams. To make it easier, the FTC just launched ReportFraud.ftc.gov – a new version of the FTC’s consumer reporting website. But don’t let that description fool you. It’s for small businesses, too. By following a few short steps on ReportFraud.ftc.gov, your report is instantly available to more than 3,000 federal, state, and local law enforcers across the country. After you tell us what happened, you’ll get advice from ReportFraud.ftc.gov on what you can do next to recover and protect yourself and your small business against fraud. Want to see how it works? Watch this “How To” video. Why report fraud? Because your report can make a difference. We use reports like yours to investigate, bring law enforcement cases, and alert companies and consumers about what frauds to be on the lookout for so they can protect themselves, their businesses, their friends, and family. The FTC also uses reports to share data about what is happening in your community. You can check out what is going on in your state or metro area by visiting ftc.gov/exploredata. In addition, when customers approach you about suspected fraud – including when a scammer has falsely used your company’s name – suggest they visit ReportFraud.ftc.gov (or ReporteFraude.ftc.gov for Spanish speakers).  Help us spread the word. By encouraging people to tell the FTC about their experience at ReportFraud.ftc.gov, you’re helping fight fraud in your community. Thank you — and keep up the good work, superheroes!

PrivacyCon 2020: This time it’s virtual lfair July 20, 2020 | 3:33PM PrivacyCon 2020: This time it’s virtual By Lesley Fair “Curtain up. Light the lights.” The FTC’s fifth PrivacyCon begins tomorrow, July 21, 2020, at 9:00 AM Eastern Time. Set a reminder now to join in from wherever you are. The virtual event will bring together global experts to share their latest research on consumer privacy and security, including topics like health apps, bias in AI algorithms, the Internet of Things, international privacy, and so much more. Minutes before the kick-off, visit the PrivacyCon 2020 page and click the LIVE WEBCAST link to watch. FTC staff will be tweeting from @FTC using the hashtag #PrivacyCon20.

The risk that “no risk” offers pose to your business lfair May 13, 2020 | 12:08PM The risk that “no risk” offers pose to your business By Lesley Fair Small businesses and nonprofits should never be on the receiving end of another company’s deceptive practices. An FTC action challenges the methods of companies that allegedly pitch offers for “no risk” business publications and then follow up with hefty bills for unauthorized orders. But it doesn’t stop there. The FTC says if a business refuses to knuckle under to payment demands, the defendants turn the account over to a debt collector, whom the FTC also has sued. Notably, the defendants have received warnings about their practices for years. The pitch begins with a call to a business or nonprofit group – including schools, fire departments, and even police stations – placed by telemarketers calling on behalf of American Future Systems, which uses names like Progressive Business Publications or the Center for Education & Employment Law. The caller claims to have a question or wants to share information with the office go-to person on a certain topic – say HR, employment law, or environmental compliance. Even if the receptionist asks “Are you selling something?” they’re scripted to answer no. Once they get the employee on the line, the telemarketer offers to send samples of a newsletter or book at “no risk” so “you can see if it is a good fit with what you’re already doing there.” The telemarketer may mention the cost of a subscription, but says they’ll follow up to see if the employee likes the sample. The telemarketer also asks the employee for their birthdate “just to verify that I spoke to you.” According to the FTC, the employee is left with the impression they’re getting a free, no-obligation sample to review. So it’s a shock when an invoice shows up claiming a balance due of hundreds of dollars. The complaint alleges the invoice doesn’t include information about how to cancel and doesn’t give a telephone number or email address. What’s more, the FTC says the defendants send those invoices without asking if the employee is authorized to incur financial obligations on their employer’s behalf. And even if businesses find a way to tell the defendants to stop, the complaint alleges those requests are often ignored. So more newsletters arrive followed by more invoices, some of which give the employee’s birthdate as purported proof of the order. If the business refuses to pay, they’re eventually threatened that the account will be referred to a collection agency. According to the FTC, that’s one promise the defendants often keep – and that’s when defendant International Credit Recovery, also known as ICR, enters the picture. The FTC alleges ICR makes misrepresentations to get people to pay, including that the purported debts are valid, that they have a legal obligation to pay, and that failing to pay will result in legal action or have a negative impact on their credit rating. You’ll want to read the complaint for allegations about other illegal practices, but the FTC says the Progressive Business Publications defendants misrepresented trial offers, failed to clearly disclose negative option terms, and violated the Unordered Merchandise Statute. The lawsuit charges that the ICR defendants used misrepresentations to induce payment from consumers. There’s another reason to read the complaint in this case. It alleges a long history of consumer complaints against Progressive Business Publications, including a settlement with the U.S. Postal Service, two alerts placed by the Better Business Bureau on the company’s public BBB profile, and a defamation action the company filed against the BBB that resulted in a jury verdict in the BBB’s favor. The FTC says ICR, too, has been the subject of substantial consumer discontent, including the unenviable “honor” of being the top generator of BBB complaints in its region. In addition, ICR was the subject of a U.S. Department of Agriculture alert regarding their collection practices for publications businesses and other entities claim they didn’t order. The case is pending in federal court in Pennsylvania. But here are steps you can take any time to help protect your business. Alert your staff.  Take a minute to talk to your employees about how operations like this work. The FTC has a brochure, Scams and Your Small Business, that can clue you in on common B2B scams. Even if you don’t have a purchasing department, tell your team to funnel cold calls through one person. We suggest a skeptical sort who insists on looking every possible gift horse in the mouth. Spread the word.  Nonprofit groups are targeted, too, but it can be difficult to educate volunteers who work at different times. If you’re active in organizations in your community, discuss B2B deception in a newsletter or email that goes to volunteers and place a warning on every desk where a phone rings. Too busy to draft something on your own? You’re welcome to get language from the FTC brochure. Report questionable practices to the FTC.  When you smell a scam, contact us with any information you have.    

FTC takes on unproven health claims and “own-dorsements” lfair March 19, 2020 | 4:38PM FTC takes on unproven health claims and “own-dorsements” By Lesley Fair It’s a disturbing trend. Companies are targeting older consumers, claiming to have easy answers for serious diseases for which there may not be a proven cure. That’s one allegation in the FTC’s action against Nevada-based telemarketer Health Center, Inc.  Another count challenges what we call “own-dorsements.” According to Health Center’s telemarketing scripts, websites, social media, and testimonials from supposedly satisfied customers, the company’s Rejuvi-Cell oral spray and Rejuvi-Sea and Rejuvi-Stem pills could treat a broad range of medical conditions: everything from cancer, Alzheimer’s disease, and Parkinson’s disease to hepatitis, heart attacks, and high cholesterol. In promoting the products, which sold in packages priced between $350 and $800, the company checked the buzzword boxes with science-y sounding terms like homeopathic, adult stem cell enhancement, and marine phytoplankton. The company claimed that diseases like diabetes, rheumatoid arthritis, and dementia “could be greatly reduced if not eliminated” through the use of its products. According to the complaint, Health Center’s telemarketers – who were instructed to follow the scripts word-for-word – told consumers the main ingredient of Rejuvi-Sea “alkalizes your body . . . so you can’t grow cancer cells.” Then there were heartfelt testimonials from purported customers who described themselves as “walking on air” and “amazed and redeemed,” thanks to the products. But the FTC says the company hasn’t conducted any studies demonstrating the products cure or treat any diseases or health conditions and there are no human clinical studies in the scientific literature to that effect. What’s more, the lawsuit alleges that some of those glowing endorsements that appeared to come from satisfied customers across the country were actually “own-dorsements” – testimonials from Health Center’s own employees. To settle the case, the defendants have agreed to injunctive provisions, including a requirement that a broad range of health claims must have the support of randomized, double-blind, and placebo-controlled human clinical testing. Almost all of the $8.6 million judgment will be suspended, based on their financial condition. Aside from the obvious points that the FTC continues to take a close look at cures targeting older consumers and that companies shouldn’t palm off endorsements from employees as independent opinions, the case illustrates two other important principles. First, the defendants’ unlawful practices were the subject of an earlier enforcement action by the Iowa Attorney General. Companies shouldn’t have to be told once of the need to substantiate their health claims – and they certainly shouldn’t have to be told twice. Second, the complaint includes a count for violating the Telemarketing Sales Rule, which prohibits misrepresentations about “any material aspect of the performance, efficacy, nature, or central characteristics of goods or services that are the subject of a sales offer.” That’s yet another reason to keep your telemarketing efforts above board.  

Start with security – and stick with it lfair July 28, 2017 | 11:30AM Start with security – and stick with it By Thomas B. Pahl, Acting Director, FTC Bureau of Consumer Protection When it comes to data security, what’s reasonable will depend on the size and nature of your business and the kind of data you deal with. But certain principles apply across the board: Don’t collect sensitive information you don’t need. Protect the information you maintain. And train your staff to carry out your policies. The FTC’s Start with Security initiative was built on those fundamentals. As we mentioned in last week’s introductory post, we’re calling this series Stick with Security because each blog post will offer a deeper dive into one of the ten principles discussed in Start with Security. Although the principles remain unchanged, we’ll use these posts – one every Friday for the next several months – to explore the lessons of law enforcement actions announced since Start with Security, to reflect on what businesses can learn from investigations that FTC staff ultimately closed, and to address experiences businesses have shared with us about how they implement Start with Security in their workplaces. Don’t collect personal information you don’t need. It’s a simple proposition: If you don’t ask for sensitive data in the first place, you won’t have to take steps to protect it. Of course, there will be data you must maintain, but the old habit of collecting confidential information “just because” doesn’t hold water in the cyber era. There’s another advantage of collecting only what you need. A lean subset of confidential data is easier to protect than massive amounts of sensitive information stockpiled on networks and in file cabinets throughout your company. Businesses that sensibly limit what they collect have already reduced their security risks and streamlined their compliance procedures. Example: A local garden center introduces a frequent buyer program. The application asks customers for a substantial amount of personal information, including Social Security numbers, and the garden center maintains the applications in its files. Because the store has no business reason to collect customers’ Social Security numbers, it’s taking an unnecessary risk by asking for that information in the first place and exacerbating that risk by keeping customers’ applications on file. Example: A bakery sends customers a coupon for a free birthday muffin. Rather than maintaining a record of all customers’ dates of birth – information that could be combined with other data and used for unauthorized purposes – the bakery directs its cashiers to add only the customer’s name, email address, and birth month to the database. Although there are legitimate reasons why other businesses might need to retain a customer’s date of birth, the exact day, month, and year isn’t necessary for the bakery’s birthday promotion. Example: A tire shop experiences a breach involving information about its 7000 customers. The data includes customers’ names, loyalty numbers for the shop, and the date of their last tire rotation. FTC staff decides not to pursue a law enforcement action because, among other factors, the company had made the sound decision not to collect sensitive information unnecessarily and had taken reasonable steps to secure its network in light of the limited information it maintained. Hold onto information only as long as you have a legitimate business need. Movie fans will remember the last scene of “Raiders of the Lost Ark” – a football field-sized warehouse stacked to the vaulted ceiling with everyday items piled alongside priceless treasures. That’s how data thieves view some businesses’ haphazard method for maintaining their networks and files. Security-conscious companies make it a practice to review the data in their possession periodically, assess what they should maintain, and securely dispose of what’s no longer needed. Example: A large company attends recruiting fairs in cities around the country to attract professional talent. After each candidate completes an initial interview, the human resources personnel who staff the company’s booth enter information about the person on an unencrypted company laptop. Data entered by the HR staff includes the candidate’s resume, information regarding security clearance status, and the candidate’s salary demand. The same unencrypted laptop is used at every recruiting fair and the data of previous candidates is never removed. The company has likely missed critical opportunities to dispose of candidates’ sensitive information it no longer needed, including data from people it decided to not hire. Don’t use personal information when it’s not necessary. Of course, there will be times when your business will need to use sensitive data, but don’t use it in contexts that create unnecessary risks. Example: A company sells pet supplies through hundreds of sales representatives across the country. The company wants to hire a developer to design an app that sales representatives can use to access customer accounts. Those account files contain names, addresses, and financial information. To explain the scope of the project, the company sends interested app developers sample account files of actual customers. The more secure choice would have been to create mock files that don’t include sensitive customer information. Train your staff on your standards – and make sure they’re following through. What poses the greatest risk to the security of sensitive information in your company’s possession? And what’s your #1 defense against unauthorized access? The answer to both questions is your staff. Train new employees – including seasonal workers and temps – on the standards you expect them to uphold. Devise sensible monitoring procedures to make sure they’re complying with your rules. Because the nature of your business may change and threats will evolve, conduct “all hands on deck” refreshers to explain new policies and reinforce your company’s rules of the road. Once you’ve educated your staff about the standards, deputize them to come forward with suggestions about improving your procedures. Encourage a collaborative process that takes advantage of everyone’s expertise. A C-suite executive may have great big-picture ideas, but if you’re looking for practical advice about protecting sensitive paperwork that people send to your company, consult the man in the mailroom, too. Example: Before new employees are given network access, a company requires them to participate in in-house training. To encourage their attention, the presentation features brief interactive quizzes. In addition, the company includes security-related tips in its weekly email updates to all employees and periodically requires them to take refresher courses. By training its staff on how to handle sensitive data and reinforcing its policies with regular reminders and supplemental security education, the company has taken steps to encourage a culture of security. Example: A company provides payroll services for small businesses. Once a month, a member of the IT staff is tasked with deactivating the network access and passwords of employees who have left the company within the past 30 days. The more secure practice would be to train the IT staff to block former employees’ access immediately upon their departure. When feasible, offer consumers more secure choices. Think through your data collection practices both in the day-to-day operation of your business and in the products, services, apps, etc., you offer consumers. Design your products to collect sensitive information only if it’s necessary for functionality and clearly explain your practices to consumers up front. Consider how you can use default settings, set-up wizards, or toolbars to make it easier for users to make more secure choices. For example, if your product offers a range of privacy choices – from secure settings for less experienced users to advanced options for “black diamond” pros – set the out-of-the-box defaults at the more protective levels. Example: A company manufactures a router that allows consumers to access documents on their home computers while they’re away from home. By default, the router gives anyone on the internet unauthenticated access to all the files on the connected storage devices attached to consumers’ routers, which may include financial data, health records, and other highly sensitive information. The product manual and set-up wizard don’t explain these defaults and don’t make it clear to users what’s going on. The company could have reduced the possibility of unauthorized access by configuring its default settings in a more secure fashion. Next in the series: Control access to data sensibly.  

Billions back to consumers for VW’s false “clean diesel” claims lfair June 28, 2016 | 9:33AM Billions back to consumers for VW’s false “clean diesel” claims By Lesley Fair The FTC just announced a partial settlement with Volkswagen Group of America that will return as much as $10 billion to owners and lessees of VW and Audi 2.0 liter diesel cars. As the largest false advertising case in FTC history, it’s a record-breaking win for consumers – and it’s in keeping with the law-breaking nature of the deception the FTC alleged in its lawsuit against VW.“Clean diesel” was the focus of Volkswagen’s massive marketing campaign pitching its vehicles as an attractive option for environmentally-conscious car buyers. But according to the FTC, VW scored those emissions numbers by installing in each car a “defeat device” that cheated on testing.In a related partial settlement with the U.S. Department of Justice and California Attorney General, Volkswagen will spend an another $4.7 billion to mitigate pollution and invest in the increased use of zero-emissions cars. That portion of the case stems from charges by the U.S. Environmental Protection Agency and the California Air Resources Board (CARB) that Volkswagen violated the Clean Air Act and the California Health and Safety Code.What will owners and lessees of affected VWs and Audis get under the settlement? They’ll have their choice of:a buyback or early lease termination that factors in an additional cash payment; orif approved by the EPA and CARB, a modification to their car to improve emissions and a cash payment. (Some former owners and lessees may be eligible for a cash payment, too.) Right now, consumers can use these charts to estimate how much they’ll get:Options for OwnersOptions for LesseesThese factors also affect compensation:Passat and A3 Mileage AdjustmentsBeetle and Jetta Mileage AdjustmentsGolf Mileage AdjustmentsRegional ChartOwners and lessees should visit VWCourtSettlement.com, enter their Vehicle Identification Number (VIN) to see if their car qualifies, and bookmark the site for updates.After the settlements are approved by the Court, Volkswagen and the attorneys representing owners and lessees will mail eligible consumers an information packet. The exact dollar amount of each buyback will depend on things like the model, year, style, mileage, and options – but consumers will be offered more than the current value of the car to compensate them for VW’s false advertising. Those who opt for a modification will also get a compensation payment.If you have clients who own affected cars, they don’t have to make a decision now. But they should watch their mail for a large envelope and visit VWCourtSettlement.com regularly for updates. Consumers also can call 844-98-CLAIM.With settlements totaling in the multi-billions, it’s hard to imagine that a case could convey a more important big-picture message for advertisers, but we think there is one: Companies owe consumers the truth. The FTC will use the legal tools at its disposal – and will work cooperatively with federal and state agencies and those representing individual consumers – to see that advertisers live up to that obligation. 

Shining a light on misleading claims in auto ads lfair November 24, 2015 | 1:15PM Shining a light on misleading claims in auto ads By Lesley Fair People usually think of beacons as radiant lights that attract attention. But the FTC has charged that two Ohio auto dealers (among other things) used the word in a way that kept consumers in the dark. Ads for Progressive Chevrolet Company and Progressive Motors prominently claimed “Sign & Drive Leases ZERO DOWN!!!!!!” and “ALL LEASES ARE Zip, Zero, Zilch – Nothing Down!” By our count, the companies featured one of those “z” words a total of 31 times in the ad. In addition, each picture of a vehicle was accompanied by an eye-catching cost per month. Now to shed some light on the lawsuit’s “beacon” concern. In small print at the very bottom of the ad, it said “Subject to 800 beacon score or higher.” In that context, the “beacon” in question was actually “BEACON,” one type of industry-specific credit score upon which auto financers rely. But do consumers know their BEACON score? Do they even know what a BEACON score is? We can tell you this much. Fewer than 20% of consumers have a BEACON score of 800 or higher, the minimum required to qualify for those advertised payments and “zero” deals. The complaint alleges that Progressive Chevrolet and Progressive Motors violated the FTC Act by representing expressly or by implication that consumers could lease the advertised autos for the down payment and monthly payment prominently featured in the ad. According to the FTC, the companies didn’t adequately disclose that few people would qualify. The FTC also charged that the dealers violated the Consumer Leasing Act and Reg M by stating a monthly payment amount – a term that triggers certain disclosures – without providing the additional information required by law.  To settle the case, the companies have agreed not to misrepresent the cost of leasing or financing. In addition to mandating Consumer Leasing Act and Reg M compliance, the proposed order prohibits any material misrepresentation about the price, sale, financing or leasing of a vehicle. The companies are also barred from advertising a payment amount, or that any or no initial payment is required, without clearly disclosing that the transaction is a lease, the total amount due at consummation or delivery, the number of payments and their amounts and timing, whether a security deposit is required, and that there may be an extra charge at the end of the lease where the consumer’s liability (if any) is based on the difference between the vehicle’s residual value and its value at the end of the lease. What about those sweet deals that only a select few can actually get? In the future, if the companies choose to advertise a monthly payment, periodic payment, down payment, or length of any payment term, they also have to clearly disclose all restrictions or qualifications on a person’s ability to get the advertised deal. If the ad states that consumers must meet a certain credit score to qualify for the offer and a majority of consumers aren’t likely to meet that score, the ad must clearly and conspicuously disclose that fact. What’s the takeaway for other dealers? Clearly and conspicuously disclose material qualifications or limitations on an advertised deal. (Fineprint footnotes aren’t likely to meet that standard.) Furthermore, you’re probably safe with “zebra” and “zombie,” but exercise caution before using “zero” or one of those other “z” words without clearly explaining up front the strings that may be attached. Refer to the Business Center’s Automobiles page for compliance resources.  

Where HireRight Solutions went wrong wfg-adm109 August 8, 2012 | 11:02AM Where HireRight Solutions went wrong By Lesley Fair Most job seekers are familiar with the basics:  Wear a clean shirt, extend a firm handshake, and don’t ask about vacations in the first 10 minutes of the interview.  But these days more businesses are digging deeper.  Tulsa-based HireRight Solutions is a background screening company that thousands of employers use to check out current employees and people applying for jobs.  When it comes to Fair Credit Reporting Act compliance, the FTC says HireRight Solutions got it wrong by not using reasonable procedures to ensure the accuracy of the information it was selling. The upshot: a $2.6 million civil penalty, the second-largest ever in an FTC FCRA case.The background screening reports that HireRight Solutions sells are “consumer reports” under the FCRA.  How so?  We’re leaving out some of the legalese, but the short answer is that they include information “bearing on a consumer’s credit worthiness, credit standing, credit capacity, character, general reputation, personal characteristics, or mode of living which is used or expected to be used or collected in whole or in part for the purpose of serving as a factor in establishing the consumer’s eligibility” for credit, insurance, employment, or other purposes authorized under the FCRA. (Yes, that’s the short answer.)Companies that sell or provide those reports are “consumer reporting agencies” under the statute.  (Just as an aside, the law uses the word “agency,” but these are private companies we’re talking about — not agencies like government agencies.)  Under the FCRA, consumer reporting agencies have a legal obligation to follow reasonable procedures to assure the maximum possible accuracy of the information the reports contain.  That’s where the FTC says HireRight Solutions didn’t get it right.According to the complaint, the company didn’t take reasonable steps to make sure the info in the reports was current and reflected updates, like the expungement of criminal records.  The FTC says that sometimes the reports included multiple entries for the same offense.  What’s more, some reports listed convictions for people other than the applicant or employee — even though the person with the criminal record had a different middle name or date of birth.  If a tomato soup stain on a tie can torpedo a job applicant’s chances, imagine the effect of a wrongly reported rap sheet.But the violations didn’t end there.  The FCRA gives people the right to know about information reported to potential employers and sets up mandatory procedures people can use to challenge information they believe is inaccurate.  According to the complaint, the company failed to live up to the FCRA’s requirements that it turn over files to people who ask for them, didn’t conduct a reasonable investigation when people disputed the accuracy of information, and didn’t give people written notice of the results of investigations.  For example, the FTC alleges that HireRight Solutions had a big backlog because it didn’t hire enough staff to respond to people’s concerns about inaccuracies.  The complaint also charges that the company set up unreasonable hoops people had to jump through to exercise their rights under the FCRA.In addition, the FCRA has special requirements for consumer reporting agencies when their reports contain public record information that’s used for employment purposes.  If that info is likely to have an adverse effect on a person’s ability to get a job, the law gives companies like HireRight Solutions two choices: 1) notify the person anytime public record information is being reported; or 2) maintain “strict procedures” designed to ensure that reported public record data is complete and up to date.  The complaint charges that HireRight Solutions had a system in place for notifying people, but it was too clunky to be of much practical use.  The FTC also charged that the company didn’t maintain the strict procedures the law requires.  In addition to the $2.6 million penalty, the stipulated order puts provisions in place to change how HireRight Solutions does business going forward.Interested in a refresher on the dos and don’ts of using reports in the hiring process?  Read Using Consumer Reports: What Employers Need to Know, available on the BCP Business Center’s Credit Reporting page.  We also have information especially for your HR team.If you’re looking for a job, learn more about your rights under the FCRA by reading Employment Background Checks and Credit Reports and watching a new video from the FTC:

Science, reliance, and compliance wfg-adm109 December 15, 2011 | 8:52PM Science, reliance, and compliance By Lesley Fair The FTC v. Lane Labs story started with shark cartilage and the latest chapter involves a contempt ruling from a federal judge. If the FTC’s advertising substantiation doctrine is relevant to your company or your clients — and it should be — you’ll want to keep tabs on the case. The FTC’s original action challenged allegedly deceptive anti-cancer claims for two products: BeneFin, a shark cartilage supplement, and SkinAnswer, a skin cream. In addition to a $1 million redress order, Section III of the settlement required the defendants to have competent and reliable scientific evidence to substantiate future health claims. Section IV barred misrepresentations about “the existence, contents, validity, results, conclusions, or interpretations of any test, study or research.” In 2007, the FTC filed civil contempt charges, alleging that the defendants had violated the order. The complaint challenged claims for AdvaCal, a calcium supplement touted as vastly superior to competing calcium products and prescription drugs used to treat osteoporosis, and Fertil Male, a plant derivative advertised to improve fertility. The trial court denied the FTC’s contempt motion, ruling that Lane Labs had “acted in accordance with the spirit” of the order by consulting experts “who opined that the research supporting the product and the product itself were good.” But even if Lane Labs had violated the order, the trial court held that the company was entitled to a defense of substantial compliance, noting that it had undertaken “considerable effort” to comply. On appeal, the United States Court of Appeals for the Third Circuit vacated the trial court’s ruling that the defendants had substantially complied and remanded the case for additional findings. The Court’s discussion of Lane Labs’ superiority claim should be of particular interest to marketers. According to the Court, the company president had sent a pitch letter to the editor of a newsletter describing AdvaCal as “a revolutionary calcium supplement . . . that has been clinically shown to actually build postmenopausal bone density, without the side effects of hormonal drugs or supplements.” The newsletter published an article praising AdvaCal, saying that it “works as well or better than [leading prescription drugs], and without the substantial side effects and risks.” However, as the Third Circuit observed, AdvaCal “has never undergone scientific testing for comparison with any prescription drug.” At trial, the defendants argued that the representation wasn’t theirs and they had no control over the content in the newsletter. The Third Circuit was unconvinced, stating “This assertion was, quite simply, more than a stretch.” It noted that the company had paid for the right to distribute the article and did so “extensively” in direct mail packets and in-store displays. “In short,” the Court held, “the Lane defendants adopted [the newsletter’s] characterization by aggressively promoting the newsletter’s content. They cannot run from the representation now that its veracity has been subjected to the spotlight.” Because the trial court didn’t expressly address the superiority claim or Lane Labs’ use of the article to promote AdvaCal, it was unclear to the Third Circuit “whether the Court found substantiation for the claim or whether it accepted Lane Labs’ attempt to absolve itself from propagating the representation.” In either event, ruled the appellate court, “there is no dispute that the comparability/superiority claim was unsupported by competent or reliable scientific evidence and, by their own admission, the Lane defendants used this claim to market AdvaCal,” in violation of Section III of the order. As to other ad claims, the Third Circuit remanded the case for additional findings. The Third Circuit held that the trial court’s characterization of AdvaCal as a “good product” did not “relieve it of the duty to make particularized findings of fact germane to the purported misrepresentations challenged by the FTC. Rather, it was incumbent upon the Court to examine the alleged misrepresentations in detail and to explicitly find whether each transgressed the proscriptions” of the order. On remand, the trial court ruled in a November 18th opinion that the defendants had violated Section III of the 2000 order by deceptively claiming that AdvaCal is three-to-four times more absorbable than other calcium supplements. In addition, the court held they had violated Section IV “by misrepresenting research, tests, and studies in graphs and charts prominently featured in AdvaCal’s advertisements.” The court also rejected the defendants’ claim that they had substantially complied with the order, concluding that the violations weren’t merely technical or inadvertent. Rather they went to the “core substance” of the order and “were not the result of oversight or neglect.” While noting what the court described as the defendants’ “good faith,” it concluded, “Good faith alone, however, does not bar a conclusion that Defendants acted in contempt.” The court granted the FTC’s contempt motion, but will rule later on the remedy.

The Fair Credit Reporting Act & social media: What businesses should know wfg-adm109 June 23, 2011 | 10:23AM The Fair Credit Reporting Act & social media: What businesses should know By Lesley Fair You have some job openings at your company or maybe you’re thinking of promoting people to new positions. You’ve winnowed that stack of resumes down to some promising candidates. Now it’s nitty gritty time: background checks. Employment background checks can include information from a variety of sources: credit reports, employment and salary history, criminal records — and these days, even social media.  But regardless of the type of information in a report you use when making hiring decisions, the rules are the same. Companies providing reports to employers and employers using reports must comply with the Fair Credit Reporting Act. The FTC staff recently looked at a company selling background reports that include information from social media to see if they were complying with FCRA.  Staff’s letter to the company emphasized that when reports include information derived from social media, the same rules apply.  For example, companies selling background reports must take reasonable steps to ensure the maximum possible accuracy of what’s reported from social networks and that it relates to the correct person.  They have to comply with other FCRA sections, too — like providing copies of reports to people and having a process in place if people dispute what’s said about them in a report.  In addition, companies must give employers who use their reports information about employers’ responsibilities under FCRA — like their obligation to provide employees or applicants with advance notice of any adverse action taken on the basis of the reports. Another key requirement:  Companies selling background reports for employment must require that employers certify the report won’t be used in a way that would violate federal or state equal employment opportunity laws or regulations. Of course, given the sensitive nature of the information in reports, everyone — companies selling the reports and employers using them — has a legal obligation to keep them secure and dispose of them properly. Read Employment Background Checks and Credit Reports to find out more about what the law says about using credit reports in the workplace.