FTC, Bloggers, and Disclosure

The Federal Trade Commission is continuing to pursue bloggers who fail to disclose that they received incentives to discuss a company’s products. Back in December, the Federal Trade Commission released new guidelines that specifically required bloggers to disclose any material connections to a product or company they are writing about. The FTC is focusing its efforts on the company.

The latest company snared in the failure to disclose is Hyundai. The FTC took a close look at a promotion in which bloggers were given gift certificates as an incentive to include links to Hyundai videos in their posts or to comment on Hyundai’s Super Bowl ads. One focus was whether the bloggers were told to disclose or were told not to disclose that they had received compensation.

It seems Hyundai’s first defense was that it wasn’t their fault, but he fault of their advertising agency. The FTC won’t take that defense and pointed out that advertisers are legally responsible for the actions working directly or indirectly for them.

What saved Hyundai is that their established social media policy calls for bloggers to disclose the receipt of compensation. What saved Hyundai’s advertising agency was that their established social media policy calls for bloggers to disclose the receipt of compensation.

By having the policies in place, Hyundai and the advertising agency were able to establish that the bad actions were those of rogue employee operating outside the established policies of the firms. That’s compliance in action.

Sources:

Is Your Copier in Compliance?

I remember the days of the mimeograph. In class people would inevitably sniff the newly printed pages. For a teacher, the danger was that the latent copy would fall into the wrong hands. Animal House highlighted that danger.

Current day copiers are much more advanced than the mimeograph, but the dangers of the latent copy still exist. Most modern copy machines are just special purpose computers. Like all computer they have a hard drive. On that hard drive, they store the images of the documents they copy and scan.

That’s not a problem until you give back the copier. Then you should be concerned that the next person who gets it could just pull up some of your documents from the hard drive. Last year, CBS highlighted this problem in an investigative piece by Armen Keteyian: Digital Photocopiers Loaded With Secrets.

Now the Federal Trade Commission has decided to take a stance. Not a definitive stance, but guidance. The FTC points out that companies must maintain reasonable procedures to protect sensitive information. That may include your copy machine.

When you finish using the copier:

Check with the manufacturer, dealer, or servicing company for options on securing the hard drive. The company may offer services that will remove the hard drive and return it to you, so you can keep it, dispose of it, or destroy it yourself. Others may overwrite the hard drive for you. Typically, these services involve an additional fee, though you may be able to negotiate for a lower cost if you are leasing or buying a new machine.

Sources:

The Second FTC Action for Online Endorsements

Back in December, the Federal Trade Commission released new guidelines that specifically required bloggers to disclose any material connections to a product or company they are writing about. In May, they brought their first action under those guidelines against Ann Taylor. The FTC declined to bring an enforcement action.

Last week, they brought their second action. A public relations agency hired by video game developers had employees pose as ordinary consumers posting game reviews at the online iTunes store, and did not disclose that the reviews came from paid employees working on behalf of the developers.

This time they decided to enforce. Reverb Communications, Inc. and its sole owner, Tracie Snitker, are required to remove any posted endorsements that misrepresent the authors and fail to disclose the connection between Reverb and Snitker and the seller of a product or service. Reverb would get paid to promote the games and would often get paid a percentage of sales.

The posted reviews were published between November 2008 and May 2009. The endorsed products by giving them 4 and 5 star ratings in iTunes. They also submitted positive written comments like these:

  • “Amazing new game”
  • “ONE of the BEST”
  • “One of the best apps just got better”

I’m sure you noticed that the publication dates of the reviews predate the new guidelines were finally adopted. That means the FTC is willing to go back retroactively and enforce these guidelines.

Sources:

FTC and Bloggers

Back in December, the Federal Trade Commission released new guidelines that specifically required bloggers to disclose any material connections to a product or company they are writing about.

The FTC had opened an investigation against Ann Taylor Stores for providing gifts to bloggers who the company expected would post blog content about Ann Taylor’s LOFT stores.

Apparently Ann Taylor missed the memo from their law firm about these guidelines.  LOFT held a preview of their Summer 2010 collection and provided gifts to bloggers at January 26, 2010 event. Bloggers who attended failed to disclose that they received gifts for posting blog content about that event.

“Depending on the circumstances, an advertiser’s provision of a gift to a blogger for posting blog content about an event could constitute a material connection that is not reasonably expected by readers of the blog.”

The FTC decided not to bring an enforcement action and Ann Taylor escaped punishment. The FTC gave these reasons:

  1. The January 26,2010 preview was the first (and, to date, only) such preview event.
  2. Only a very small number of bloggers posted content about the preview, and several of those bloggers disclosed that LOFT had provided them gifts at the preview.
  3. LOFT adopted a written policy in February 2010 stating that LOFT will not issue any gift to any blogger without first telling the blogger that the blogger must disclose the gift in his or her blog.

Apparently, LOFT posted a sign at the event stating that bloggers should disclose that they received gifts. It seems clear that companies should get a signed agreement from their endorsers about their requirement to disclose before handing out gifts.

As the FTC had stated when the released the Guidelines, they went after the company not the bloggers. Although the FTC may go after the bloggers also.

Sources:

Feds Release Usable Model Consumer Privacy Notice

There was much cheering when federal regulators finally released their Final Model Privacy Notice Form back in November.

That was quickly followed by a gnashing of teeth when it turns out the regulators did not understand the concept of a form or how to use Adobe Acrobat. They merely created a static document that you would have to spend hours trying to recreate.

They finally released version of the model privacy notice that is a fillable form using adobe acrobat.

To obtain a legal “safe harbor” and so satisfy the Gramm-Leach-Bliley Act’s disclosure requirements, institutions must follow the instructions in the model form regulation when using the Online Form Builder.

Sources:

You Are Here: From the FTC for Your Kids

You Are Here

We’re from the government. We’re here to help.

The Federal Trade Commission has launched a new site designed to help kids learn to protect their privacy, spot frauds and scams, and avoid identity theft.

You Are Here is set up as a virtual mall.

  • Visit the West Terrace to learn about advertising techniques, target marketing, and suspicious claims.
  • Visit the Food Court to learn about business competition, supply and demand, the history of the FTC, and mergers and monopolies.
  • Visit the Security Plaza to learn about protecting your privacy (online and off), and protect the citizens of Earth against identity-stealing invaders.
  • Visit the East Terrace to learn about bogus modeling offers, “free” vacations, “miracle” products, and tip-offs to rip-offs.

You can read more about You Are Here in a story on GeekDad: You Are Here: From the FTC for Your Kids.

FTC Guidelines Are In Effect

Today is a the day. The FTC’s recent updates to its Guides Concerning the Use of Endorsements and Testimonials in Advertising are now in affect.

To comply with the Guides, individuals (bloggers, users of social media) must disclose every “material connection” or relationship they have with an advertiser.

How to comply with the changes?

  • Disclose whenever you have a relationship with an advertiser, product or company.
  • Disclose when you are discussing a product or anything of value that you received for free or at a special discount. You can be a fan but as soon as you’ve received something of value, you need to disclose what you’ve received when writing about it.
  • Disclose where you work when you mention your employer, its competitors, or its industry in a blog post, tweet or comment online.

How do you make a disclosure? It’s very simple.

  • “I work for Company A.”
  • If Company B sends you Item B hoping that you review, disclose in the review that you got Item B for free.
  • If Company C pays the way for to participate in a customer event you might write: “I’m a Company C customer and they paid for my travel to attend this event.”

It’s no big deal. It’s the honest and ethical thing to do.

It may even work in your favor. Others will realize that you’re cheap advertising and send you more free stuff.

By the way, I don’t receive any advertising dollars or endorsements in connection with ComplianceBuilding.com. I generate a few dollars of affiliate income from links to products on Amazon. Much of that goes to the PTO affiliate account for my kid’s elementary school.

I occasionally get some free stuff to review. When I do, I’ll let you know when I write about it. [See this morning’s review of Enterprise 2.0.]

Feel free to send that new BMW for me to review. I will happily post an honest review.

Federal Regulators Issue Final Model Privacy Notice Form

Eight federal regulatory agencies today released the final model privacy notice form. It’s supposed to make it easier for consumers to understand how financial institutions collect and share information about consumers. Under the Gramm-Leach-Bliley Act, institutions must notify consumers of their information-sharing practices and inform consumers of their right to opt out of certain sharing practices. The two model form issued today can be used by financial institutions to comply with these requirements. One form allows consumers to opt out of sharing of personal information. The other form has no opt-out.

Back in April, the Securities and Exchange Commission reopened the period for public comment because they tested the model notices and found weaknesses with the current form.

The final model privacy form was developed jointly by the Board of Governors of the Federal Reserve System, Commodity Futures Trading Commission, Federal Deposit Insurance Corporation, Federal Trade Commission, National Credit Union Administration, Office of the Comptroller of the Currency, Office of Thrift Supervision, and Securities and Exchange Commission. There is also a joint release of the rule that goes along with the Final Model Privacy Form under the Gramm-Leach-Bliley Act

References:

National Data Privacy Laws Move Forward

I'm just a bill from Schoolhouse Rock

With last week’s further revisions to the Massachusetts Data Privacy Law [Massachusetts Amends Its Strict Data Privacy Law (Yet, Again)], people are wondering if the federal government is going to step into the space and create a national standard. Most states have enacted some form of data breach or data privacy law, crating patchwork of laws across the country.

I found three separate bills moving through the legislative process: Data Accountability and Trust Act (H.R. 2221), Personal Data Privacy and Security Act of 2009 (S.1490), and The Data Breach Notification Act (S. 139)

Data Accountability and Trust Act (H.R. 2221)

This bill was in the House Committee on Energy and Commerce and referred to the Subcommittee on Commerce, Trade and Consumer Protection. They recommended it be considered by the House as a whole on September 30.

This act would requires the Federal Trade Commission to promulgate regulations requiring each person engaged in interstate commerce that owns or possesses electronic data containing personal information to establish security policies and procedures.

Personal Data Privacy and Security Act of 2009 (S.1490)

Last week, the Senate Judiciary Committee approved the Personal Data Privacy and Security Act of 2009 by a vote of 14-5, sending the bill to the full Senate for consideration.

This act would amends the federal criminal code to: (1) make fraud in connection with the unauthorized access of sensitive personally identifiable information (in electronic or digital form) a predicate for racketeering charges; and (2) prohibit concealment of security breaches involving such information.

This law would preempt state regulation in this area.

The Data Breach Notification Act (S. 139)

Last week, the Senate Judiciary Committee approved the Data Breach Notification Act by a vote of 14-2, sending the bill to the full Senate for consideration.

This act would requires any federal agency or business entity engaged in interstate commerce that uses, accesses, or collects sensitive personally identifiable information, following the discovery of a security breach, to notify: (1) any U.S. resident whose information may have been accessed or acquired; and (2) the owner or licensee of any such information that the agency or business does not own or license.  The notice must be given “without unreasonable delay” following discovery of the breach.

It also authorizes civil actions by state attorneys general to enforce the act. This act would supersede any other provision of federal law or any provision of law of any state law relating to notification by a business entity engaged in interstate commerce or an agency of a security breach.

These are just bills, so it’s hard to tell what may happen to them. The clock is ticking. The Massachusetts data security law goes into effect on March 1, 2010.

Updated FTC Guidelines Affect Testimonial Advertisements, Bloggers, Celebrity Endorsements

On October 5, the FTC released their updated guidelines to advertisers on how to keep their endorsement and testimonial ads in line with the Federal Trade Commission Act.

The guidelines were last updated in 1980. Clearly technology and publishing has changed significantly in the past 30 years.

The revised Guides also add new examples to illustrate the long standing principle that “material connections” (sometimes payments or free products) between advertisers and endorsers – connections that consumers would not expect – must be disclosed. These examples address what constitutes an endorsement when the message is conveyed by bloggers or other “word-of-mouth” marketers. The revised Guides specify that while decisions will be reached on a case-by-case basis, the post of a blogger who receives cash or in-kind payment to review a product is considered an endorsement. Thus, bloggers who make an endorsement must disclose the material connections they share with the seller of the product or service. Likewise, if a company refers in an advertisement to the findings of a research organization that conducted research sponsored by the company, the advertisement must disclose the connection between the advertiser and the research organization. And a paid endorsement – like any other advertisement – is deceptive if it makes false or misleading claims.

By the way, I don’t receive any income, advertising dollars or free product in connection with ComplianceBuilding.com. If do, I’ll let you know when I write about it. (Feel free to send that new BMW for me to review.)

The other interesting aspect of the Guidelines is how they treat celebrity endorsers. The revised Guidelines make it clear that celebrities must disclose their relationships with advertisers when making endorsements outside the context of traditional ads, such as on talk shows or in social media. I am waiting to hear the first disclaimer on Regis and Kelly.

Text of the Federal Register Noticepdf-2