Legal Library: Cases and Proceedings

The Federal Trade Commission has issued a proposed order to settle charges that online counseling service BetterHelp revealed consumers’ sensitive data with third parties such as Facebook and Snapchat for advertising after promising to keep such data private.

InMarket Media will be prohibited from selling or licensing any precise location data to settle Federal Trade Commission charges that the company did not fully inform consumers and obtain their consent before collecting and using their location data for advertising and marketing.

A Federal Trade Commission action against household water treatment funding company Aqua Finance, Inc. (AFI) has led to a settlement that will provide $20 million in refunds and an additional $23.6 million in debt forgiveness for consumers harmed by its dealers’ deceptive sales tactics.

The FTC’s complaint against AFI charges that the company’s nationwide network of dealers went door-to-door, deceiving consumers about the financing terms for water filtering and softening products. According to the complaint, the bogus claims left consumers with thousands of dollars in unexpected debt and huge interest payments, while its financing terms impaired some consumers’ ability to sell their homes. 

The FTC  charged Ring with compromising its customers’ privacy by allowing any employee or contractor to access consumers’ private videos and by failing to implement basic privacy and security protections, enabling hackers to take control of consumers’ accounts, cameras, and videos.

X-Mode Social and its successor Outlogic will be prohibited from sharing or selling any sensitive location data to settle FTC allegations that the company sold precise location data that could be used to track people’s visits to sensitive locations such as medical and reproductive health clinics, places of religious worship and domestic abuse shelters.

Rite Aid is prohibited from using facial recognition technology for security or surveillance purposes for five years to settle Federal Trade Commission charges that the retailer failed to implement reasonable procedures and prevent harm to consumers in its use of facial recognition technology in hundreds of stores.

The proposed order requires Rite Aid to implement comprehensive safeguards to prevent these types of harm to consumers when deploying automated systems that use biometric information to track them or flag them as security risks. It also requires Rite Aid to discontinue using any such technology if it cannot control potential risks to consumers. To settle charges it violated a 2010 Commission data security order by failing to adequately oversee its service providers, Rite Aid is also required to implement a robust information security program, which must be overseen by the company’s top executives.

The FTC alleged that Global Tel*Link Corp. and two of its subsidiaries failed to secure sensitive data of hundreds of thousands of users stored in a cloud environment and failed to alert all those affected by the incident.

The FTC alleged that CafePress failed to implement reasonable security measures to protect sensitive information stored on its network, including plain text Social Security numbers, inadequately encrypted passwords, and answers to password reset questions. The Commission’s proposed order requires the company to bolster its data security and requires its former owner to pay a half million dollars to compensate small businesses.

The FTC is sending payments totaling more than $370,000 to consumers who were harmed by the data security failures of online merchandise platform CafePress.

The FTC will require background report providers TruthFinder and Instant Checkmate to pay $5.8 million to settle charges that they deceived consumers about whether consumers had criminal records and that the companies violated the Fair Credit Reporting Act (FCRA) by operating as consumer reporting agencies.