Photo of Jessica Rich

Email
(202) 342-8580
Bio   LinkedIn

By now, most of our readers have likely heard about the FTC’s proposed rule to ban noncompete clauses in employment contracts, including from Kelley Drye’s other posts on the topic discussing the sheer breadth of the proposal and the potential implications for employers.  In this post, we zero in on an issue that merits a lot more attention than it’s getting – namely, the serious legal and practical questions that the FTC’s proposal raises.  

Brief recap of how we got here and what the rule would require

This is the first of many rulemakings that the FTC has said it will launch based on its supposed authority to issue rules banning “unfair methods of competition” (“UMCs”) under the FTC Act. Notably, starting with a statement of regulatory priorities submitted to OMB in December 2021, the FTC has said repeatedly that it may launch multiple competition rulemakings based on this authority (as well as multiple consumer protection rulemakings based on its Magnuson-Moss authority, which it has done). More recently, the FTC issued a policy statement taking an expansive view of what’s an UMC, so the scope of the FTC’s intended reach here could be very broad indeed.   

Continue Reading The FTC’s Proposal to Ban Noncompetes is on Shaky Legal Ground

Just in time for the holidays, the FTC has released two companion settlements resolving allegations that Epic Games (maker of the popular video game Fortnite) violated the Children’s Online Protection Act (COPPA) and the FTC Act, with Epic to pay $520 million in penalties and consumer redress. The cases build on existing FTC law and precedent but add new dimensions that should interest a wide array of companies subject to FTC jurisdiction.    

Notably, the first case alleges COPPA violations (compromising the privacy and safety of users under 13) but adds allegations that Epic violated teens’ privacy and safety, too. And the second case alleges unauthorized in-app purchases – not just by kids, which was the focus of earlier FTC cases, but by users of all ages. Both cases rely on unfairness theories in extending their reach. Both incorporate the (now ever-present) concept of dark patterns (generally defined as practices that subvert or impair user choice). And both got a 4-0 Commission vote, with a strong concurrence from Republican Commissioner Wilson explaining her support for the FTC’s use of unfairness here. Neither case names any individuals.  

The privacy case

The FTC’s privacy case alleges that, for over two years following Fortnite’s launch in 2017, Epic allowed kids to register with no parental involvement, and for kids and teens to play the game with features enabling them to communicate in real time with anyone on the platform. According to the FTC, these practices subjected kids and teens to bullying, harassment, threats, and “toxic” content, including “predators blackmailing extorting, or coercing children and teens…into sharing explicit image or meeting offline for sexual activity.” Further, says the FTC, Epic knew about these problems, resisted fixing them and, when it finally took action, added controls that were hard to find and use, and failed to cure the violations.     

Continue Reading Two Epic Cases from the FTC: Spotlight on COPPA, Unfairness, Teens, Dark Patterns, In-App Purchases, Cancellations, and More

Since Lina Khan took the reins of the FTC, the agency has launched five new rulemakings under its Section 18 (“Mag-Moss”) authority – specifically, rules to combat government and business impersonation scams, deceptive earnings claims, “commercial surveillance,” deceptive endorsements, and “junk fees.” (I’m excluding here revisions to existing Mag-Moss rules, as well

In a case that will likely resonate with many readers, the FTC’s recent settlement with Vonage describes in excruciating detail the obstacles and costs that Vonage allegedly imposed on consumers when they tried to cancel their phone service.  In many ways, it’s a typical FTC case involving deception, unauthorized charges, and misuse of a “negative option” that makes it simple to sign up and almost impossible to cancel.  However, the FTC’s characterization of the practices as “dark patterns,” coupled with some other features, make this case stand out.  Indeed, any company with a “customer retention strategy” (which is apparently what this was) would be wise to pay attention.

The FTC’s Complaint  

According to the FTC’s complaint, Vonage provides internet based phone service (known as Voice Over Internet Protocol or VOIP) to consumers and small businesses. Monthly charges range from $5-50 for individual customers and can be as high as thousands of dollars for small businesses.  In many cases, Vonage signs up consumers using a negative option plan that requires them to cancel by certain date before being charged.

The complaint alleges that, between 2017 and 2022, Vonage provided several ways to sign up for its plans (including online and via toll free number) but made cancellation much more difficult through numerous hurdles.  It also alleges that, in some cases, monthly fees continued after cancellation; consumers were charged (or threatened with) undisclosed early termination fees (ETFs); and Vonage provided only partial refunds or no refunds at all.  The complaint says that this was all part of a “customer retention strategy” that Vonage pursued despite hundreds of consumer complaints, knowledge among employees, and an earlier settlement with 32 states over similar allegations.

According to the complaint, these practices violated the Restore Online Shoppers’ Confidence Act (ROSCA) (failure to disclose material terms, obtain informed consent before imposing charges, and provide a simple mechanism to stop recurring charges) and Section 5 (charging consumers without their express informed consent).
Continue Reading The FTC’s case against Vonage – Customer Service Nightmare as “Dark Patterns”

As we recently blogged here, the FTC’s review of the COPPA rule has been pending for over three years, prompting one group of Senators, in early October, to ask the agency to “Please Update the COPPA Rule Now.” The FTC has not yet responded to that request (at least not publicly) or made any official moves towards resuming its COPPA review. However, the agency is focusing on children’s privacy and safety in other ways, including by hosting a virtual event on October 19 on “Protecting Kids from Stealth Advertising in Digital Media.”

The FTC’s day-long event examined how advertising that is “blurred” with other content online (“stealth advertising”) affects children. Among other things, the event addressed concerns that some advertising in the digital space – such as the use of influencers on social media, product placement in the metaverse, or “advergames” – can be deceptive or unfair because children don’t know that the content is an ad and/or can’t recognize the ad’s impact.

The event focused in particular on: (1) children’s capacity at different ages to recognize advertising content and distinguish it from other content; (2) harms resulting from the inability of children to recognize advertising; (3) what measures can be taken to protect children from blurred advertising content; and (4) the need for, and efficacy of, disclosures as a solution for children of different ages, including the format, timing, placement, wording, and frequency of disclosures. The FTC has also sought public comment on these topics (until November 18).

The event dove deeply into these issues, with help from a range of legal, policy, behavioral, and communications experts. (See here for the agenda and list of panelists.) The discussion was interesting and substantive, and built on actions already undertaken in Europe and California to develop Age-Appropriate Codes governing child-directed content. However, the event left open the question of whether and how the FTC intends to address the issues discussed. Will it proceed via guidance or rulemaking?  If rulemaking, does it plan to use COPPA, the pending Mag-Moss rulemaking on “commercial surveillance,” or some other regulatory vehicle?

All of these options present challenges: COPPA gives parents the tools to control the content that their children see, but generally doesn’t regulate the content itself. Mag-Moss is a long process, which the FTC has made especially complex with its sprawling ANPR. Finally, any rulemaking restricting kids’ advertising could run into the specific Mag-Moss provision (discussed here) limiting the FTC’s regulatory authority in this area. (On the other hand, protecting kids’ privacy and safety tends to be a bipartisan issue, which will assist the agency as it seeks to address these issues.)

Here’s more detail on what happened at the workshop:
Continue Reading Blurred Lines: A Rundown on the FTC Workshop “Protecting Kids from Stealth Advertising in Digital Media”

In late September, we blogged about a lawsuit that the Chamber of Commerce and other business groups filed against the CFPB, challenging the CFPB’s update to its Supervision and Examinations Manual. As updated, the manual now states that discrimination is an “unfair” practice under the Dodd-Frank Act, and that the agency plans to scrutinize it

Amidst all of the recent news and developments about the privacy of kids and teens (including multiple Congressional hearings; Frances Haugen’s testimony; enactment of the UK’s and California’s Age Appropriate Design Codes; the Irish DPC’s GDPR decision against Instagram; numerous bills in Congress; and the FTC’s ongoing focus on kids’ privacy in policy statements, workshops, and its “commercial surveillance” rulemaking), the FTC still has a powerful tool that seems to be sitting on the back-burner: the Children’s Online Privacy Protection Act (COPPA) and its implementing rule.

But some members of Congress just wrote a letter to the FTC, asking it to make COPPA a priority.

Background on COPPA 

As most of our readers know, COPPA protects the privacy of kids under 13, mostly by requiring kid-directed web sites or apps, or sites/apps that have actual knowledge they’re dealing with kids, to get parental permission before collecting, using, or sharing kids’ data.  Enacted in 1998, COPPA is now nearly 25 years old, a dinosaur in today’s fast-moving world of privacy.  However, using the APA rulemaking authority granted in COPPA, the FTC has amended its COPPA rule to ensure that it keeps pace with developments – for example, extending the rule to ad networks and plug-ins; adding geolocation, persistent identifiers, photos, and videos to the definition of “personal information”; and strengthening the rule’s requirements governing data security, retention, and deletion.

However, those updates to COPPA became final in 2013 – almost ten years ago – and the FTC hasn’t amended the rule since then.  Although the FTC initiated a rule review in July 2019, that review is still pending more than three years later. According to Regulations.gov, the Commission received over 176,000 public comments in the rule review.  That’s a lot of comments, but it surely can’t explain such a lengthy delay.
Continue Reading Congress to FTC: “Please Update the COPPA Rule Now”

Most people would generally agree that discriminating on the basis of race, color, religion, disability, or similar factors is a bad thing to do – indeed, that it’s “unfair” within the common meaning of the word.  It’s also illegal in various circumstances – e.g., the Equal Credit Opportunity Act prohibits certain forms of discrimination in