All Things Newz
Law \ Legal

Wiley Consumer Protection Download (August 29, 2022) – Dodd-Frank, Consumer Protection Act

Welcome to Wiley’s update on recent developments and
what’s next in consumer protection at the Consumer Financial
Protection Bureau (CFPB) and Federal Trade Commission (FTC). In
this newsletter, we analyze recent regulatory announcements, recap
key enforcement actions, and preview upcoming deadlines and events.
We also include links to our articles, blogs, and webinars with
more analysis in these areas. We understand that keeping on top of
the rapidly evolving regulatory landscape is more important than
ever for businesses seeking to offer new and ground-breaking
technologies. Please reach out if there are other topics you’d
like to see us cover or for any additional information.

Regulatory Announcements

FTC Launches Long-Anticipated Trade Regulation
Rulemaking on ‘Commercial Surveillance’ and Data
On August 11, the FTC issued an
Advance Notice of Proposed Rulemaking (ANPR), titled “Trade Regulation Rule on Commercial
Surveillance and Data Security
” (which we summarized in
greater detail here). The wide-ranging ANPR seeks feedback on
dozens of questions regarding consumer privacy, data security, and
algorithmic uses, and discusses a number of potential regulatory
approaches to what the agency calls “commercial
surveillance.” The agency defines “commercial
surveillance” as the “collection, aggregation, analysis,
retention, transfer, or monetization of consumer data and the
direct derivatives of that information,” and “data
security” as “breach risk mitigation, data management and
retention, data minimization, and breach notification and
disclosure practices.” The FTC issued the ANPR under its
Section 5 FTC Act authority, which requires any eventual rule to be
grounded in “unfair or deceptive acts or practices” as
specified in the Act. Comments on the ANPR are due October

FTC Publishes Strategic Plan and Performance Report and
Performance Plan.
On August 26, the FTC
published its FY 2022-2026 Strategic Plan and its FY 2021-2023 Performance Report and
Performance Plan
pursuant to the GPRA Modernization Act of
2010. The FY 2022-2026 Strategic Plan sets the agency’s
priorities for the next five years, the FY 2021 Performance Report
documents the FTC’s performance during 2021 based on the
Strategic Plan for FY 2018-2022, and the FY 2022-2023 Annual
Performance Plan establishes both strategies and targets based on
the new FY 2022-2026 Strategic Plan. The FY 2022-2026 Strategic
Plan sets three goals: (1) to protect the public from unfair or
deceptive acts or practices in the marketplace; (2) to protect the
public from unfair methods of competition in the marketplace and
promote fair competition; and (3) to advance the agency’s
effectiveness and performance. The FTC voted 3-1-1 to publish the
documents, with Chair Khan issuing a statement joined by Commissioners Slaughter
and Bedoya. Commissioner Wilson dissented, and Commissioner Phillips did not

CFPB Releases Circular on Data Security Expectations for
Financial Institutions.
On August 11, the
CFPB published a Circular stating that the
failure of financial institutions, including non-bank financial
companies, to implement sufficient data security measures to
safeguard consumer financial data may constitute a violation of the
Consumer Financial Protection Act of 2010 (CFPA). The CFPA
prohibits financial institutions from engaging in unfair,
deceptive, and abusive acts or practices. The Circular specifically
focuses on a number of security measures, including (1)
multi-factor authentication (MFA); (2) password management; and (3)
timely software updates. For more on the CFPB’s recent data
security Circular, read our summary of the item here.

CFPB Issues Interpretive Rule Regarding the
Applicability of Consumer Financial Protection Law to Digital
Marketing Providers.
On August 10, the
CFPB issued an Interpretive Rule – Limited Applicability of Consumer
Financial Protection Act’s “Time or Space” Exception
with Respect to Digital Marketing Providers
– clarifying
when the exception applies to digital marketers. Section 1002 of
the CFPA defines the term “service provider,” and if a
digital marketing provider is deemed a “service
provider,” the provider is subject to the CFPB’s
supervisory and enforcement authority under the CFPA. However,
Section 1002 sets forth two exceptions to the “service
provider” definition under the CFPA. One of those exceptions
applies to companies that offer or provide covered entities under
the CFPA time or space for an advertisement for a consumer
financial product or service through print, newspaper, or
electronic media. The Interpretive Rule, however, states that where
a digital marketing company is providing “time or space”
for a covered person under the CFPA and is also providing targeted
advertising services – including algorithmic models or other
analytics – the digital marketer will generally not be able
to avail itself of the “time or space” exception and will
be subject to the CFPA as a service provider.

Significant Enforcement Actions

FTC and Department of Justice Bring and Settle Suit
Against COVID-19 PPE Marketer for Allegedly False ‘Made in
USA’ Claims.
On August 9, the FTC announced that the U.S. Department of Justice,
upon the FTC’s referral, filed suit against and reached a settlement
with Adam J. Harmon and his two companies – Axis LED Group,
LLC and ALG-Health LLC – under the COVID-19 Consumer
Protection Act, the Made in USA Labeling Rule, and the FTC Act. The
complaint alleges that the defendants falsely claimed that personal
protective equipment (PPE) that they sold at the onset of the
COVID-19 pandemic: (1) was made in the United States, even though
their products were imported or contained major imported
components; and (2) provided superior protection from COVID-19.
According to the complaint, the defendants’ claims –
including that the products were certified by the National
Institute for Occupational Safety – violated the COVID-19
Consumer Protection Act. The complaint further alleges that the
defendants similarly marketed light fixtures as being made in the
United States when that was not the case. Under the proposed order, Harmon and his companies would
be prohibited from making deceptive U.S.-origin labeling and
advertising claims, and would be required to substantiate all Made
in USA and COVID-19-related claims and pay a $157,683.37 civil
penalty. The defendants are also subject to a $2.8 million redress
judgment, which has been suspended due to the defendants’
inability to pay.

FTC Settles with Healthcare Company for Allegedly Making
False Claims and Charging Excess Fees.
On August
, the FTC announced that it reached a settlement with
Benefytt Technologies (Benefytt) and two of its subsidiaries under
the FTC Act, the Telemarketing Sales Rule (TSR), and the Restore
Online Shoppers Confidence Act (ROSCA). Benefytt is a Florida-based
company that sells association memberships and other
healthcare-related products, often using telemarketers and lead
generators. According to the FTC’s complaint – filed against two of
Benefytt’s former officers, in addition to Benefytt and its two
subsidiaries – Benefytt and its partners operated a series of
deceptive websites aimed at consumers who were looking for
comprehensive health insurance plans that qualified under the
Affordable Care Act (ACA). However, the complaint alleges that
Benefytt’s plans did not qualify under the ACA. The complaint
also alleges that consumers were often charged hundreds of dollars
per month for these products and services, and that Benefytt
bundled unwanted products like life or accident insurance with its
health plans and made it difficult for consumers to cancel. Under
the proposed order, Benefytt and its two
subsidiaries are required to pay a $100 million fine to the FTC and
implement certain injunctive relief.

CFPB Fines Fintech Company $2.7 million for Allegedly
Misleading Consumers About Its Savings Tool.
August 10, the CFPB announced that it issued a consent order against Hello Digit, LLC (Hello
Digit), a fintech company whose core service is an automated
savings tool. According to the CFPB, Hello Digit uses an algorithm
to automatically transfer funds from a consumer’s checking
account, called “auto-saves,” to an account in Hello
Digit’s name. The consent order alleges that Hello Digit
represented that its service “never transfers more than you
can afford,” made a “no overdraft guarantee,” and
represented that, if there were to be an overdraft, Hello Digit
would reimburse consumers, but that it “routinely caused
overdrafts” and the company sometimes failed to reimburse
these consumers. The CFPB further alleges that Hello Digit misled
consumers by claiming that it would not keep any interest earned on
consumer funds, when the company did keep a considerable amount of
interest earned. Under the order, Hello Digit is enjoined from
making misrepresentations about its savings tool and required to
pay $68,145 in redress to consumers and a $2.7 million penalty to
the CFPB.

Upcoming Comment Deadlines and Events

CFPB Solicits Comment on Employee Debt
Comments are due September 7 on the
CFPB’s RFI seeking input regarding debt obligations
incurred by consumers in the context of an employee or independent
contractor arrangement. The RFI seeks information in a number of
areas, including the prevalence of such debt obligations, “the
pricing and other terms of the obligations,” disclosures,
dispute resolution, and debt collection and servicing. The RFI
suggests that such debt obligations may take two forms: (1)
training repayment agreements, which require workers to pay
employers or third-party providers for previously undertaken
training if they terminate their employment within a certain time
period; and (2) debt owed to an employer or third party for the
purchase of equipment and supplies essential to their work or
required by their employer. CFPB Director Chopra signaled that the applicability of the CFPA to
training repayment agreements was a regulatory priority for the
agency at the FTC’s Enforcers Summit in April. The agency also
highlighted these kinds of agreements in a March blog post.

FTC Seeks Comment on Proposed Motor Vehicle Dealers
Trade Regulation Rule.
Comments are due September 12 on a NPRM seeking comment on a proposed trade
regulation rule that would: (1) prohibit automotive dealers from
making certain representations while selling, leasing, or arranging
for the financing of motor vehicles; (2) require pricing
disclosures in automotive dealers’ advertising and sale
discussions; (3) obligate automotive dealers to obtain consumer
express informed consent for charges; (4) prohibit the sale of
add-on products or services that confer no benefit to the consumer;
and (5) require automotive dealers to retain records of
advertisements and customer transactions. The Dodd-Frank Wall
Street Reform and Consumer Protection Act of 2010 authorizes the
FTC to promulgate certain rules related to automotive dealers.

FTC Seeks Comment on Revised Endorsement
Comments are due September 26 on the
FTC’s Request for Public Comment on Amendments to the
Guides Concerning the Use of Endorsements and Testimonials in
(Request for Comment) that proposes a number of
revisions to the FTC’s Endorsement Guides. Among other matters, the
Request for Comment seeks input on treating the deletion of
negative reviews or the decision not to publish negative reviews as
a deceptive act or practice under Section 5 of the FTC Act;
addresses endorsements made on social media posts; and solicits
feedback on adding a section to the Endorsement Guides focused on
advertising towards children. A summary of the Request for Comment
is available here.

FTC Holding Virtual Event on ‘Stealth
Advertising’ Toward Children.
On October
, the FTC will host a virtual event “to examine how best to
protect children from a growing array of manipulative marketing
practices that make it difficult or impossible for children to
distinguish ads from entertainment in digital media.” The
event will examine evolving practices, such as the “kid
influencer” marketplace, and the techniques being used to
advertise to children over the internet. In conjunction with the
virtual event, the FTC is seeking public comment on how children are
impacted by certain digital marketing and advertising messages.
Comments are due November 18.

FTC Seeking Research Presentations for PrivacyCon
Research presentations were due July
for PrivacyCon 2022, which will take place
virtually on November 1. As part of the event, the
FTC is seeking empirical research and presentations on topics
including: algorithmic bias; “commercial surveillance”
including workplace monitoring and “biometric
surveillance”; new remedies and approaches to improve privacy
and security practices; and the privacy risks posed by emerging
technologies for children and teens.

The content of this article is intended to provide a general
guide to the subject matter. Specialist advice should be sought
about your specific circumstances.

Source link

Related posts

Updates On Outbound Data Transfers – Privacy Protection

Volunteer Or Employee? – Employee Benefits & Compensation

2021 Annual Report Shows Record CFIUS Activity – Inward/ Foreign Investment