Archives For consumer protection

The TCPA is an Antiquated Law

The TCPA is an Antiquated Law

The Telephone Consumer Protection Act (“TCPA”) is back in the news following a letter sent to PayPal from the Enforcement Bureau of the FCC.  At issue are amendments that PayPal intends to introduce into its end user agreement. Specifically, PayPal is planning on including an automated call and text message system with which it would reach out to its users to inform them of account updates, perform quality assurance checks, and provide promotional offers.

Enter the TCPA, which, as the Enforcement Bureau noted in its letter, has been used for over twenty years by the FCC to “protect consumers from harassing, intrusive, and unwanted calls and text messages.” The FCC has two primary concerns in its warning to PayPal. First, there was no formal agreement between PayPal and its users that would satisfy the FCC’s rules and allow PayPal to use an automated call system. And, perhaps most importantly, PayPal is not entitled to simply attach an “automated calls” clause to its user agreement as a condition of providing the PayPal service (as it clearly intends to do with its amendments).

There are a number of things wrong with the TCPA and the FCC’s decision to enforce its provisions against PayPal in the current instance. The FCC has the power to provide for some limited exemptions to the TCPA’s prohibition on automated dialing systems. Most applicable here, the FCC has the discretion to provide exemptions where calls to cell phone users won’t result in those users being billed for the calls. Although most consumers still buy plans that allot minutes for their monthly use, the practical reality for most cell phone users is that they no longer need to count minutes for every call. Users typically have a large number of minutes on their plans, and certainly many of those minutes can go unused. It seems that the progression of technology and the economics of cellphones over the last twenty-five years should warrant a Congressional revisit to the underlying justifications of at least this prohibition in the TCPA.

However, exceptions aside, there remains a much larger issue with the TCPA, one that is also rooted in the outdated technological assumptions underlying the law. The TCPA was meant to prevent dedicated telemarketing companies from using the latest in “automated dialing” technology circa 1991 from harassing people. It was not intended to stymie legitimate businesses from experimenting with more efficient methods of contacting their own customers.

The text of the law underscores its technological antiquity:  according to the TCPA, an “automatic telephone dialing system” means equipment which “has the capacity” to sequentially dial random numbers. This is to say, the equipment that was contemplated when the law was written was software-enabled phones that were purpose built to enable telemarketing firms to make blanket cold calls to every number in a given area code. The language clearly doesn’t contemplate phones connected to general purpose computing resources, as most phone systems are today.

The modern phone systems, connected to intelligent computer backends, are designed to flexibly reach out to hundreds or thousands of existing customers at a time, and in a way that efficiently enhances the customer’s experience with the company. Technically, yes, these systems are capable of auto-dialing a large number of random recipients; however, when a company like PayPal uses this technology, its purpose is clearly different than that employed by the equivalent of spammers on the phone system. Not having a nexus between an intent to random-dial and a particular harm experienced by an end user is a major hole in the TCPA. Particularly in this case, it seems fairly absurd that the TCPA could be used to prevent PayPal from interacting with its own customers.

Further, there is a lot at stake for those accused of violating the TCPA. In the PayPal warning letter, the FCC noted that it is empowered to levy a $16,000 fine per call or text message that it finds violates the terms of the TCPA. That’s bad, but it’s nowhere near as bad as it could get. The TCPA also contains a private right of action that was meant to encourage individual consumers to take telemarketers to small claims court in their local state.  Each individual consumer is entitled to receive provable damages or statutory damages of $500.00, whichever is greater. If willfulness can be proven, the damages are trebled, which in effect means that most individual plaintiffs in the know will plead willfulness, and wait for either a settlement conference or trial to sort the particulars out.

However, over the years a cottage industry has built up around class action lawyers aggregating “harmed” plaintiffs who had received unwanted automatic calls or texts, and forcing settlements in the tens of millions of dollars. The math is pretty simple. A large company with lots of customers may be tempted to use an automatic system to send out account information and offer alerts. If it sends out five hundred thousand auto calls or texts, that could result in “damages” in the amount of $250M in a class action suit. A settlement for five or ten million dollars is a deal by comparison. For instance, in 2013 Bank of America entered into a $32M settlement for texts and calls made between 2007 and 2013 to 7.7 million people.  If they had gone to trial and lost, the damages could have been as much as $3.8B!

The purpose of the TCPA was to prevent abusive telemarketers from harassing people, not to defeat the use of an entire technology that can be employed to increase efficiency for businesses and lower costs for consumers. The per call penalties associated with violating the TCPA, along with imprecise and antiquated language in the law, provide a major incentive to use the legal system to punish well-meaning companies that are just operating their non-telemarketing businesses in a reasonable manner. It’s time to seriously revise this law in light of the changes in technology over the past twenty-five years.

Last week, the FTC announced its complaint and consent decree with Nomi Technologies for failing to allow consumers to opt-out of cell phone tracking while shopping in retail stores. Whatever one thinks about Nomi itself, the FTC’s enforcement action represents another step in the dubious application of its enforcement authority against deceptive statements.

In response, Geoffrey Manne, Ben Sperry, and Berin Szoka have written a new ICLE White Paper, titled, In the Matter of Nomi, Technologies, Inc.: The Dark Side of the FTC’s Latest Feel-Good Case.

Nomi Technologies offers retailers an innovative way to observe how customers move through their stores, how often they return, what products they browse and for how long (among other things) by tracking the Wi-Fi addresses broadcast by customers’ mobile phones. This allows stores to do what websites do all the time: tweak their configuration, pricing, purchasing and the like in response to real-time analytics — instead of just eyeballing what works. Nomi anonymized the data it collected so that retailers couldn’t track specific individuals. Recognizing that some customers might still object, even to “anonymized” tracking, Nomi allowed anyone to opt-out of all Nomi tracking on its website.

The FTC, though, seized upon a promise made within Nomi’s privacy policy to provide an additional, in-store opt out and argued that Nomi’s failure to make good on this promise — and/or notify customers of which stores used the technology — made its privacy policy deceptive. Commissioner Wright dissented, noting that the majority failed to consider evidence that showed the promise was not material, arguing that the inaccurate statement was not important enough to actually affect consumers’ behavior because they could opt-out on the website anyway. Both Commissioners Wright’s and Commissioner Ohlhausen’s dissents argued that the FTC majority’s enforcement decision in Nomi amounted to prosecutorial overreach, imposing an overly stringent standard of review without any actual indication of consumer harm.

The FTC’s deception authority is supposed to provide the agency with the authority to remedy consumer harms not effectively handled by common law torts and contracts — but it’s not a blank check. The 1983 Deception Policy Statement requires the FTC to demonstrate:

  1. There is a representation, omission or practice that is likely to mislead the consumer;
  2. A consumer’s interpretation of the representation, omission, or practice is considered reasonable under the circumstances; and
  3. The misleading representation, omission, or practice is material (meaning the inaccurate statement was important enough to actually affect consumers’ behavior).

Under the DPS, certain types of claims are treated as presumptively material, although the FTC is always supposed to “consider relevant and competent evidence offered to rebut presumptions of materiality.” The Nomi majority failed to do exactly that in its analysis of the company’s claims, as Commissioner Wright noted in his dissent:

the Commission failed to discharge its commitment to duly consider relevant and competent evidence that squarely rebuts the presumption that Nomi’s failure to implement an additional, retail-level opt out was material to consumers. In other words, the Commission neglects to take into account evidence demonstrating consumers would not “have chosen differently” but for the allegedly deceptive representation.

As we discuss in detail in the white paper, we believe that the Commission committed several additional legal errors in its application of the Deception Policy Statement in Nomi, over and above its failure to adequately weigh exculpatory evidence. Exceeding the legal constraints of the DPS isn’t just a legal problem: in this case, it’s led the FTC to bring an enforcement action that will likely have the very opposite of its intended result, discouraging rather than encouraging further disclosure.

Moreover, as we write in the white paper:

Nomi is the latest in a long string of recent cases in which the FTC has pushed back against both legislative and self-imposed constraints on its discretion. By small increments (unadjudicated consent decrees), but consistently and with apparent purpose, the FTC seems to be reverting to the sweeping conception of its power to police deception and unfairness that led the FTC to a titanic clash with Congress back in 1980.

The Nomi case presents yet another example of the need for FTC process reforms. Those reforms could ensure the FTC focuses on cases that actually make consumers better off. But given the FTC majority’s unwavering dedication to maximizing its discretion, such reforms will likely have to come from Congress.

Find the full white paper here.

Recent years have seen an increasing interest in incorporating privacy into antitrust analysis. The FTC and regulators in Europe have rejected these calls so far, but certain scholars and activists continue their attempts to breathe life into this novel concept. Elsewhere we have written at length on the scholarship addressing the issue and found the case for incorporation wanting. Among the errors proponents make is a persistent (and woefully unsubstantiated) assertion that online data can amount to a barrier to entry, insulating incumbent services from competition and ensuring that only the largest providers thrive. This data barrier to entry, it is alleged, can then allow firms with monopoly power to harm consumers, either directly through “bad acts” like price discrimination, or indirectly by raising the costs of advertising, which then get passed on to consumers.

A case in point was on display at last week’s George Mason Law & Economics Center Briefing on Big Data, Privacy, and Antitrust. Building on their growing body of advocacy work, Nathan Newman and Allen Grunes argued that this hypothesized data barrier to entry actually exists, and that it prevents effective competition from search engines and social networks that are interested in offering services with heightened privacy protections.

According to Newman and Grunes, network effects and economies of scale ensure that dominant companies in search and social networking (they specifically named Google and Facebook — implying that they are in separate markets) operate without effective competition. This results in antitrust harm, they assert, because it precludes competition on the non-price factor of privacy protection.

In other words, according to Newman and Grunes, even though Google and Facebook offer their services for a price of $0 and constantly innovate and upgrade their products, consumers are nevertheless harmed because the business models of less-privacy-invasive alternatives are foreclosed by insufficient access to data (an almost self-contradicting and silly narrative for many reasons, including the big question of whether consumers prefer greater privacy protection to free stuff). Without access to, and use of, copious amounts of data, Newman and Grunes argue, the algorithms underlying search and targeted advertising are necessarily less effective and thus the search product without such access is less useful to consumers. And even more importantly to Newman, the value to advertisers of the resulting consumer profiles is diminished.

Newman has put forth a number of other possible antitrust harms that purportedly result from this alleged data barrier to entry, as well. Among these is the increased cost of advertising to those who wish to reach consumers. Presumably this would harm end users who have to pay more for goods and services because the costs of advertising are passed on to them. On top of that, Newman argues that ad networks inherently facilitate price discrimination, an outcome that he asserts amounts to antitrust harm.

FTC Commissioner Maureen Ohlhausen (who also spoke at the George Mason event) recently made the case that antitrust law is not well-suited to handling privacy problems. She argues — convincingly — that competition policy and consumer protection should be kept separate to preserve doctrinal stability. Antitrust law deals with harms to competition through the lens of economic analysis. Consumer protection law is tailored to deal with broader societal harms and aims at protecting the “sanctity” of consumer transactions. Antitrust law can, in theory, deal with privacy as a non-price factor of competition, but this is an uneasy fit because of the difficulties of balancing quality over two dimensions: Privacy may be something some consumers want, but others would prefer a better algorithm for search and social networks, and targeted ads with free content, for instance.

In fact, there is general agreement with Commissioner Ohlhausen on her basic points, even among critics like Newman and Grunes. But, as mentioned above, views diverge over whether there are some privacy harms that should nevertheless factor into competition analysis, and on whether there is in fact  a data barrier to entry that makes these harms possible.

As we explain below, however, the notion of data as an antitrust-relevant barrier to entry is simply a myth. And, because all of the theories of “privacy as an antitrust harm” are essentially predicated on this, they are meritless.

First, data is useful to all industries — this is not some new phenomenon particular to online companies

It bears repeating (because critics seem to forget it in their rush to embrace “online exceptionalism”) that offline retailers also receive substantial benefit from, and greatly benefit consumers by, knowing more about what consumers want and when they want it. Through devices like coupons and loyalty cards (to say nothing of targeted mailing lists and the age-old practice of data mining check-out receipts), brick-and-mortar retailers can track purchase data and better serve consumers. Not only do consumers receive better deals for using them, but retailers know what products to stock and advertise and when and on what products to run sales. For instance:

  • Macy’s analyzes tens of millions of terabytes of data every day to gain insights from social media and store transactions. Over the past three years, the use of big data analytics alone has helped Macy’s boost its revenue growth by 4 percent annually.
  • Following its acquisition of Kosmix in 2011, Walmart established @WalmartLabs, which created its own product search engine for online shoppers. In the first year of its use alone, the number of customers buying a product on Walmart.com after researching a purchase increased by 20 percent. According to Ron Bensen, the vice president of engineering at @WalmartLabs, the combination of in-store and online data could give brick-and-mortar retailers like Walmart an advantage over strictly online stores.
  • Panera and a whole host of restaurants, grocery stores, drug stores and retailers use loyalty cards to advertise and learn about consumer preferences.

And of course there is a host of others uses for data, as well, including security, fraud prevention, product optimization, risk reduction to the insured, knowing what content is most interesting to readers, etc. The importance of data stretches far beyond the online world, and far beyond mere retail uses more generally. To describe even online giants like Amazon, Apple, Microsoft, Facebook and Google as having a monopoly on data is silly.

Second, it’s not the amount of data that leads to success but building a better mousetrap

The value of knowing someone’s birthday, for example, is not in that tidbit itself, but in the fact that you know this is a good day to give that person a present. Most of the data that supports the advertising networks underlying the Internet ecosphere is of this sort: Information is important to companies because of the value that can be drawn from it, not for the inherent value of the data itself. Companies don’t collect information about you to stalk you, but to better provide goods and services to you.

Moreover, data itself is not only less important than what can be drawn from it, but data is also less important than the underlying product it informs. For instance, Snapchat created a challenger to  Facebook so successfully (and in such short time) that Facebook attempted to buy it for $3 billion (Google offered $4 billion). But Facebook’s interest in Snapchat wasn’t about its data. Instead, Snapchat was valuable — and a competitive challenge to Facebook — because it cleverly incorporated the (apparently novel) insight that many people wanted to share information in a more private way.

Relatedly, Twitter, Instagram, LinkedIn, Yelp, Pinterest (and Facebook itself) all started with little (or no) data and they have had a lot of success. Meanwhile, despite its supposed data advantages, Google’s attempts at social networking — Google+ — have never caught up to Facebook in terms of popularity to users (and thus not to advertisers either). And scrappy social network Ello is starting to build a significant base without data collection for advertising at all.

At the same time it’s simply not the case that the alleged data giants — the ones supposedly insulating themselves behind data barriers to entry — actually have the type of data most relevant to startups anyway. As Andres Lerner has argued, if you wanted to start a travel business, the data from Kayak or Priceline would be far more relevant. Or if you wanted to start a ride-sharing business, data from cab companies would be more useful than the broad, market-cross-cutting profiles Google and Facebook have. Consider companies like Uber, Lyft and Sidecar that had no customer data when they began to challenge established cab companies that did possess such data. If data were really so significant, they could never have competed successfully. But Uber, Lyft and Sidecar have been able to effectively compete because they built products that users wanted to use — they came up with an idea for a better mousetrap.The data they have accrued came after they innovated, entered the market and mounted their successful challenges — not before.

In reality, those who complain about data facilitating unassailable competitive advantages have it exactly backwards. Companies need to innovate to attract consumer data, otherwise consumers will switch to competitors (including both new entrants and established incumbents). As a result, the desire to make use of more and better data drives competitive innovation, with manifestly impressive results: The continued explosion of new products, services and other apps is evidence that data is not a bottleneck to competition but a spur to drive it.

Third, competition online is one click or thumb swipe away; that is, barriers to entry and switching costs are low

Somehow, in the face of alleged data barriers to entry, competition online continues to soar, with newcomers constantly emerging and triumphing. This suggests that the barriers to entry are not so high as to prevent robust competition.

Again, despite the supposed data-based monopolies of Facebook, Google, Amazon, Apple and others, there exist powerful competitors in the marketplaces they compete in:

  • If consumers want to make a purchase, they are more likely to do their research on Amazon than Google.
  • Google flight search has failed to seriously challenge — let alone displace —  its competitors, as critics feared. Kayak, Expedia and the like remain the most prominent travel search sites — despite Google having literally purchased ITA’s trove of flight data and data-processing acumen.
  • People looking for local reviews go to Yelp and TripAdvisor (and, increasingly, Facebook) as often as Google.
  • Pinterest, one of the most highly valued startups today, is now a serious challenger to traditional search engines when people want to discover new products.
  • With its recent acquisition of the shopping search engine, TheFind, and test-run of a “buy” button, Facebook is also gearing up to become a major competitor in the realm of e-commerce, challenging Amazon.
  • Likewise, Amazon recently launched its own ad network, “Amazon Sponsored Links,” to challenge other advertising players.

Even assuming for the sake of argument that data creates a barrier to entry, there is little evidence that consumers cannot easily switch to a competitor. While there are sometimes network effects online, like with social networking, history still shows that people will switch. MySpace was considered a dominant network until it made a series of bad business decisions and everyone ended up on Facebook instead. Similarly, Internet users can and do use Bing, DuckDuckGo, Yahoo, and a plethora of more specialized search engines on top of and instead of Google. And don’t forget that Google itself was once an upstart new entrant that replaced once-household names like Yahoo and AltaVista.

Fourth, access to data is not exclusive

Critics like Newman have compared Google to Standard Oil and argued that government authorities need to step in to limit Google’s control over data. But to say data is like oil is a complete misnomer. If Exxon drills and extracts oil from the ground, that oil is no longer available to BP. Data is not finite in the same way. To use an earlier example, Google knowing my birthday doesn’t limit the ability of Facebook to know my birthday, as well. While databases may be proprietary, the underlying data is not. And what matters more than the data itself is how well it is analyzed.

This is especially important when discussing data online, where multi-homing is ubiquitous, meaning many competitors end up voluntarily sharing access to data. For instance, I can use the friend-finder feature on WordPress to find Facebook friends, Google connections, and people I’m following on Twitter who also use the site for blogging. Using this feature allows WordPress to access your contact list on these major online players.

Friend-Finder

Further, it is not apparent that Google’s competitors have less data available to them. Microsoft, for instance, has admitted that it may actually have more data. And, importantly for this discussion, Microsoft may have actually garnered some of its data for Bing from Google.

If Google has a high cost per click, then perhaps it’s because it is worth it to advertisers: There are more eyes on Google because of its superior search product. Contra Newman and Grunes, Google may just be more popular for consumers and advertisers alike because the algorithm makes it more useful, not because it has more data than everyone else.

Fifth, the data barrier to entry argument does not have workable antitrust remedies

The misguided logic of data barrier to entry arguments leaves a lot of questions unanswered. Perhaps most important among these is the question of remedies. What remedy would apply to a company found guilty of leveraging its market power with data?

It’s actually quite difficult to conceive of a practical means for a competition authority to craft remedies that would address the stated concerns without imposing enormous social costs. In the unilateral conduct context, the most obvious remedy would involve the forced sharing of data.

On the one hand, as we’ve noted, it’s not clear this would actually accomplish much. If competitors can’t actually make good use of data, simply having more of it isn’t going to change things. At the same time, such a result would reduce the incentive to build data networks to begin with. In their startup stage, companies like Uber and Facebook required several months and hundreds of thousands, if not millions, of dollars to design and develop just the first iteration of the products consumers love. Would any of them have done it if they had to share their insights? In fact, it may well be that access to these free insights is what competitors actually want; it’s not the data they’re lacking, but the vision or engineering acumen to use it.

Other remedies limiting collection and use of data are not only outside of the normal scope of antitrust remedies, they would also involve extremely costly court supervision and may entail problematic “collisions between new technologies and privacy rights,” as the last year’s White House Report on Big Data and Privacy put it.

It is equally unclear what an antitrust enforcer could do in the merger context. As Commissioner Ohlhausen has argued, blocking specific transactions does not necessarily stop data transfer or promote privacy interests. Parties could simply house data in a standalone entity and enter into licensing arrangements. And conditioning transactions with forced data sharing requirements would lead to the same problems described above.

If antitrust doesn’t provide a remedy, then it is not clear why it should apply at all. The absence of workable remedies is in fact a strong indication that data and privacy issues are not suitable for antitrust. Instead, such concerns would be better dealt with under consumer protection law or by targeted legislation.

In short, all of this hand-wringing over privacy is largely a tempest in a teapot — especially when one considers the extent to which the White House and other government bodies have studiously ignored the real threat: government misuse of data à la the NSA. It’s almost as if the White House is deliberately shifting the public’s gaze from the reality of extensive government spying by directing it toward a fantasy world of nefarious corporations abusing private information….

The White House’s proposed bill is emblematic of many government “fixes” to largely non-existent privacy issues, and it exhibits the same core defects that undermine both its claims and its proposed solutions. As a result, the proposed bill vastly overemphasizes regulation to the dangerous detriment of the innovative benefits of Big Data for consumers and society at large.

Rate this:

Continue Reading...
On Wednesday, March 18, our fellow law-and-economics-focused brethren at George Mason’s Law and Economics Center will host a very interesting morning briefing on the intersection of privacy, big data, consumer protection, and antitrust. FTC Commissioner Maureen Ohlhausen will keynote and she will be followed by what looks like will be a lively panel discussion. If you are in DC you can join in person, but you can also watch online. More details below.
Please join the LEC in person or online for a morning of lively discussion on this topic. FTC Commissioner Maureen K. Ohlhausen will set the stage by discussing her Antitrust Law Journal article, “Competition, Consumer Protection and The Right [Approach] To Privacy“. A panel discussion on big data and antitrust, which includes some of the leading thinkers on the subject, will follow.
Other featured speakers include:

Allen P. Grunes
Founder, The Konkurrenz Group and Data Competition Institute

Andres Lerner
Executive Vice President, Compass Lexecon

Darren S. Tucker
Partner, Morgan Lewis

Nathan Newman
Director, Economic and Technology Strategies LLC

Moderator: James C. Cooper
Director, Research and Policy, Law & Economics Center

A full agenda is available click here.

Anybody who has spent much time with children knows how squishy a concept “unfairness” can be.  One can hear the exchange, “He’s not being fair!” “No, she’s not!,” only so many times before coming to understand that unfairness is largely in the eye of the beholder.

Perhaps it’s unfortunate, then, that Congress chose a century ago to cast the Federal Trade Commission’s authority in terms of preventing “unfair methods of competition.”  But that’s what it did, and the question now is whether there is some way to mitigate this “eye of the beholder” problem.

There is.

We know that any business practice that violates the substantive antitrust laws (the Sherman and Clayton Acts) is an unfair method of competition, so we can look to Sherman and Clayton Act precedents to assess the “unfairness” of business practices that those laws reach.  But what about the Commission’s so-called “standalone” UMC authority—its power to prevent business practices that seem to impact competition unfairly but are not technically violations of the substantive antitrust laws?

Almost two years ago, Commissioner Josh Wright recognized that if the FTC’s standalone UMC authority is to play a meaningful role in assuring market competition, the Commission should issue guidelines on what constitutes an unfair method of competition. He was right.  The Commission, you see, really has only four options with respect to standalone Section 5 claims:

  1. It could bring standalone actions based on current commissioners’ considered judgments about what constitutes unfairness. Such an approach, though, is really inconsistent with the rule of law. Past commissioners, for example, have gone so far as to suggest that practices causing “resource depletion, energy waste, environmental contamination, worker alienation, [and] the psychological and social consequences of producer-stimulated demands” could be unfair methods of competition. Maybe our current commissioners wouldn’t cast so wide a net, but they’re not always going to be in power. A government of laws and not of men simply can’t mete out state power on the basis of whim.
  2. It could bring standalone actions based on unfairness principles appearing in Section 5’s “common law.” The problem here is that there is no such common law. As Commissioner Wright has observed and I have previously explained, a common law doesn’t just happen. Development of a common law requires vigorously litigated disputes and reasoned, published opinions that resolve those disputes and serve as precedent. Section 5 “litigation,” such as it is, doesn’t involve any of that.
    • First, standalone Section 5 disputes tend not to be vigorously litigated. Because the FTC acts as both prosecutor and judge in such actions, their outcome is nearly a foregone conclusion. When FTC staff win before the administrative law judge, the ALJ’s decision is always affirmed by the full commission; when staff loses with the ALJ, the full Commission always reverses. Couple this stacked deck with the fact that unfairness exists in the eye of the beholder and will therefore change with the composition of the Commission, and we end up with a situation in which accused parties routinely settle. As Commissioner Wright observes, “parties will typically prefer to settle a Section 5 claim rather than go through lengthy and costly litigation in which they are both shooting at a moving target and have the chips stacked against them.”
    • The consent decrees that memorialize settlements, then, offer little prospective guidance. They usually don’t include any detailed explanation of why the practice at issue was an unfair method of competition. Even if they did, it wouldn’t matter much; the Commission doesn’t treat its own enforcement decisions as precedent. In light of the realities of Section 5 litigation, there really is no Section 5 common law.
  3. It could refrain from bringing standalone Section 5 actions and pursue only business practices that violate the substantive antitrust laws. Substantive antitrust violations constitute unfair methods of competition, and the federal courts have established fairly workable principles for determining when business practices violate the Sherman and Clayton Acts. The FTC could therefore avoid the “eye of the beholder” problem by limiting its UMC authority to business conduct that violates the antitrust laws. Such an approach, though, would prevent the FTC from policing conduct that, while not technically an antitrust violation, is anticompetitive and injurious to consumers.
  4. It could bring standalone Section 5 actions based on articulated guidelines establishing what constitutes an unfair method of competition. This is really the only way to use Section 5 to pursue business practices that are not otherwise antitrust violations, without offending the rule of law.

Now, if the FTC is to take this fourth approach—the only one that both allows for standalone Section 5 actions and honors rule of law commitments—it obviously has to settle on a set of guidelines.  Fortunately, it has almost done so!

Since Commissioner Wright called for Section 5 guidelines almost two years ago, much ink has been spilled outlining and critiquing proposed guidelines.  Commissioner Wright got the ball rolling by issuing his own proposal along with his call for the adoption of guidelines.  Commissioner Ohlhausen soon followed suit, proposing a slightly broader set of principles.  Numerous commentators then joined the conversation (a number doing so in a TOTM symposium), and each of the other commissioners has now stated her own views.

A good deal of consensus has emerged.  Each commissioner agrees that Section 5 should be used to prosecute only conduct that is actually anticompetitive (as defined by the federal courts).  There is also apparent consensus on the view that standalone Section 5 authority should not be used to challenge conduct governed by well-forged liability principles under the Sherman and Clayton Acts.  (For example, a practice routinely evaluated under Section 2 of the Sherman Act should not be pursued using standalone Section 5 authority.)  The commissioners, and the vast majority of commentators, also agree that there should be some efficiencies screen in prosecution decisions.  The remaining disagreement centers on the scope of the efficiencies screen—i.e., how much of an efficiency benefit must a business practice confer in order to be insulated from standalone Section 5 liability?

On that narrow issue—the only legitimate point of dispute remaining among the commissioners—three views have emerged:  Commissioner Wright would refrain from prosecuting if the conduct at issue creates any cognizable efficiencies; Commissioner Ohlhausen would do so as long as the efficiencies are not disproportionately outweighed by anticompetitive harms; Chairwoman Ramirez would engage in straightforward balancing (not a “disproportionality” inquiry) and would refrain from prosecution only where efficiencies outweigh anticompetitive harms.

That leaves three potential sets of guidelines.  In each, it would be necessary that a behavior subject to any standalone Section 5 action (1) create actual or likely anticompetitive harm, and (2) not be subject to well-forged case law under the traditional antitrust laws (so that pursuing the action might cause the distinction between lawful and unlawful commercial behavior to become blurred).  Each of the three sets of guidelines would also include an efficiencies screen—either (3a) the conduct lacks cognizable efficiencies, (3b) the harms created by the conduct are disproportionate to the conduct’s cognizable efficiencies, or (3c) the harms created by the conduct are not outweighed by cognizable efficiencies.

As Commissioner Wright has observed any one of these sets of guidelines would be superior to the status quo.  Accordingly, if the commissioners could agree on the acceptability of any of them, they could improve the state of U.S. competition law.

Recognizing as much, Commissioner Wright is wisely calling on the commissioners to vote on the acceptability of each set of guidelines.  If any set is deemed acceptable by a majority of commissioners, it should be promulgated as official FTC Guidance.  (Presumably, if more than one set commands majority support, the set that most restrains FTC enforcement authority would be the one promulgated as FTC Guidance.)

Of course, individual commissioners might just choose not to vote.  That would represent a sad abdication of authority.  Given that there isn’t (and under current practice, there can’t be) a common law of Section 5, failure to vote on a set of guidelines would effectively cast a vote for either option 1 stated above (ignore rule of law values) or option 3 (limit Section 5’s potential to enhance consumer welfare).  Let’s hope our commissioners don’t relegate us to those options.

The debate has occurred.  It’s time to vote.

In a previous Truth on the Market blog posting, I noted that the FTC recently revised its “advertising substantiation” policy in a highly problematic manner.  In particular, in a number of recent enforcement actions, an FTC majority has taken the position that it will deem advertising claims “deceptive” unless they are supported by two randomized controlled tests (RCTs), and (in the case of food and drug supplements) will require companies to obtain prior U.S. Food and Drug Administration (FDA) approval for future advertising claims.  As I explained in a Heritage Foundation Legal Memorandum, these and other new burdens “may deter firms from investing in new health-related product improvements, in which event consumers who are denied new and beneficial products (as well as useful information about the attributes of current products) will be the losers.  Competition will also suffer as businesses shy away from informational advertising that rewards the highest quality current products and encourages firms to compete on the basis of quality.  Furthermore, the broad scope of these requirements is in tension with the constitutional prohibition on restricting commercial speech no more than is necessary to satisfy legitimate statutory purposes.” (NOTABLY, Commissioner Maureen Ohlhausen has argued against categorically imposing a two RCTs requirement in all cases , explaining that “[i]f we demand too high a level of substantiation in pursuit of certainty, we risk losing the benefits to consumers of having access to information about emerging areas of science and the corresponding pressure on firms to compete on the health features of their products.”  Commissioner Joshua Wright has also opined “that a reflexive approach in requiring two RCTs as fencing-in relief might not always be in the best interest of consumers.”)

In a January 30, 2015 decision, POM Wonderful, LLC v. FTC, the D.C. Circuit took an initial step that may help rein in FTC enthusiasm for imposing a “two RCTs” requirement on future advertising by a firm.  The FTC ruled in 2013 that POM Wonderful, a producer and seller of pomegranate products, violated the FTC Act by making advertisements that suggested POM products could treat, prevent, or reduce heart disease, prostate cancer, and erectile dysfunction.  According to the FTC, the ads were false and misleading because POM lacked valid and adequate scientific evidence to substantiate its claims.  (The FTC determined that scientific findings cited by POM, based on over $35 million of pomegranate-related research, had not been supported by subsequent studies.)   The FTC entered a cease and desist order that barred POM from making future disease claims (claims that its products treat, prevent, or reduce a disease) about its products without “competent and reliable” scientific evidence.  Specifically, the FTC’s order required that such future claims be supported by at least two RCTs.  (NOTABLY, Commissioner Ohlhausen disagreed with the majority’s view that two RCTs were warranted and would have required only one RCT, regarding that study in light of other available scientific evidence.)

POM appealed to the D.C. Circuit, which unanimously held that there was no basis for setting aside the FTC’s finding that many of POM’s ads made false or misleading claims; that there was no First Amendment protection for deceptive advertising; and that requiring an RCT was not too onerous and did not violate the First Amendment.  The court concluded that “the [FTC] injunctive order’s requirement of some RCT substantiation for disease claims directly advances, and is not more extensive than necessary to serve, the interest in preventing misleading commercial speech”, consistent with the test for evaluating commercial speech enunciated by the Supreme Court in Central Hudson.  The court, however, also held that “a categorical floor of two RCTs for any and all disease claims . . . fails Central Hudson scrutiny”.  The court stressed that the FTC “fails to demonstrate how such a rigid remedial rule bears the requisite ‘reasonable fit’ with the interest in preventing deceptive speech.”  Significantly, the court also enunciated a strong policy justification, rooted in First Amendment commercial speech concerns, for precluding a categorical “two RCTs” rule:

“Requiring additional RCTs without adequate justification exacts considerable costs, and not just in terms of the substantial resources often necessary to design and conduct a properly randomized and controlled human clinical trial.  If there is a categorical bar against claims about the disease-related benefits of a food product or dietary supplement in the absence of two RCTs, consumers may be denied useful, truthful information about products with a demonstrated capacity to treat or prevent serious disease.  That would subvert rather than promote the objectives of the commercial speech doctrine.”

Accordingly, the court modified the FTC’s order to require that POM possess at least one RCT in support of future health-related advertising claims.  Assuming that the D.C. Circuit’s POM decision is not appealed and remains in force, future advertisers investigated by the FTC will have stronger grounds to resist FTC efforts to impose “two or more RCT” requirements as part of a decree.

This is just a small step in badly-needed reforms, however.  Even a single RCT is unnecessarily onerous in many market settings (and, in my view, ignores the teachings of Central Hudson).  More broadly, as I have previously argued, the FTC should rethink its entire approach and issue new advertising substantiation guidelines that state the FTC:  (1) will seek to restrict commercial speech to the smallest extent possible, consistent with fraud prevention; (2) will apply strict cost-benefit analysis in investigating advertising claims and framing remedies in advertising substantiation cases; (3) will apply a reasonableness standard in such cases, consistent with general guidance found in a 1983 FTC policy statement; (4) will not require clinical studies be conducted in order to substantiate advertising claims; (5) will not require that the FDA or any other agency be involved in approving or reviewing advertising claims; and (6) will avoid excessive “fencing in” relief that extends well beyond the ambit of the alleged harm associated with statements that the FTC deems misleading.  Enactment of such guidelines may be a long-term project, requiring a change in Commission thinking, but it is well worth pursuing, in order to advance both free commercial speech and consumer welfare.

Today the Federal Trade Commission (FTC) missed the mark in authorizing release of a staff report calling for legislation and regulation of the “Internet of Things.”

The Internet of Things is already affecting the daily lives of millions of Americans through the adoption of health and fitness monitors, home security devices, connected cars and household appliances, among other applications.  Such devices offer the potential for improved health-monitoring, safer highways, and more efficient home energy use, and a myriad of other potential benefits.  The rapidly increasing use of such devices, which transfer data electronically, also raises privacy and security concerns.  In November 2014 the FTC convened a one-day workshop to study the rapidly changing Internet of Things.

On January 27, 2015, the FTC staff released a report based on the record established by the workshop and follow-on comments from the public.  Unfortunately, the report went far beyond describing the state of play and setting forth the views of interested parties.  In particular, the FTC staff recommended detailed approaches businesses should follow to promote security and privacy in the Internet of Things, and repeated its prior call for strong data security and breach notification legislation.  The FTC voted 4-1 to issue the staff report, with Commissioner Joshua Wright dissenting and Commissioner Maureen Ohlhausen concurring but expressing opposition to two of the report’s recommendations (calling for privacy legislation and for companies to delete “excessive” but valuable data).

Commissioner Wright’s thoughtful dissent centers on the report’s failure to apply cost-benefit analysis to its recommendations, without which it is not possible to determine whether the recommendations are socially beneficial or harmful.  As Wright points out (footnotes omitted):

“Acknowledging in passing, as the Workshop Report does, that various courses of actions related to the Internet of Things may well have some potential costs and benefits does not come close to passing muster as cost-benefit analysis. The Workshop Report does not perform any actual analysis whatsoever to ensure that, or even to give a rough sense of the likelihood that the benefits of the staff’s various proposals exceed their attendant costs. Instead, the Workshop Report merely relies upon its own assertions and various surveys that are not necessarily representative and, in any event, do not shed much light on actual consumer preferences as revealed by conduct in the marketplace. This is simply not good enough; there is too much at stake for consumers as the Digital Revolution begins to transform their homes, vehicles, and other aspects of daily life.”

More specifically, Wright critiques the FTC’s proposal that companies limit the scope of data retention (“data minimization”) to protect consumers’ “reasonable expectations” and deter data thieves – as he explains, this proposal fails to discuss the magnitude of such costs to consumers and supplies no evidence demonstrating that the benefits of data minimization will outweigh its costs to consumers.  In a similar vein, Wright opposes the report’s proposal that companies adopt specific “security by design” measures, noting that:

“Relying upon the application of these concepts and the Fair Information Practice Principles to the Internet of Things can instead substitute for the sort of rigorous economic analysis required to understand the tradeoffs facing firms and consumers. An economic and evidence-based approach sensitive to those tradeoffs is much more likely to result in consumer-welfare enhancing consumer protection regulation. To the extent concepts such as security by design or data minimization are endorsed at any cost – or without regard to whether the marginal cost of a particular decision exceeds its marginal benefits – then application of these principles will result in greater compliance costs without countervailing benefit. Such costs will be passed on to consumers in the form of higher prices or less useful products, as well as potentially deter competition and innovation among firms participating in the Internet of Things.”

In sum, Wright concludes:

“Before setting forth industry best practices and recommendations for broad-based privacy legislation relating to the Internet of Things – proposals that could have a profound impact upon consumers – the Commission and its staff should, at a minimum, undertake the necessary work not only to identify the potential costs and benefits of implementing such best practices and recommendations, but also to perform analysis sufficient to establish with reasonable confidence that such benefits are not outweighed by their costs at the margin of policy intervention.”

The FTC does best when it rigorously evaluates the costs and benefits of its regulatory recommendations and proposed enforcement actions.  Unfortunately, in recent years it has lost sight of this common sense principle (particularly in the consumer protection area) in imposing highly burdensome advertising substantiation and data security enforcement requirements through litigation and consent decrees.  The detailed recommendations in the Internet of Things report suggest that the FTC may be eyeing public reports as a new source of “friendly persuasion.”  Because many firms may choose to adopt costly FTC business practice “suggestions” so as to avoid costly investigations and litigation, the actual harm in foregone business innovation and consumer welfare losses may not be readily apparent.  The competitive process and American consumers, however, are the losers – as are smaller companies that can less afford to absorb the costs of FTC micromanagement than their larger rivals.

In my just published Heritage Foundation Legal Memorandum, I argue that the U.S. Federal Trade Commission (FTC) should substantially scale back its overly aggressive “advertising substantiation” program, which disincentivizes firms from providing the public with valuable information about the products they sell.  As I explain:

“The . . . [FTC] has a long history of vigorously combating false and deceptive advertising under its statutory authorities, but recent efforts by the FTC to impose excessive ‘advertising substantiation’ requirements on companies go far beyond what is needed to combat false advertising. Such actions threaten to discourage companies from providing useful information that consumers value and that improves the workings of the marketplace. They also are in tension with constitutional protection for commercial speech. The FTC should reform its advertising substantiation policy and allow businesses greater flexibility to tailor their advertising practices, which would further the interests of both consumers and businesses. It should also decline to seek ‘disgorgement’ of allegedly ‘ill-gotten gains’ in cases involving advertising substantiation.”

In particular, I recommend that the FTC issue a revised policy statement explaining that it will seek to restrict commercial speech to the minimum extent possible, consistent with fraud prevention, and will not require onerous clinical studies to substantiate non-fraudulent advertising claims.  I also urge that the FTC clarify that it will only seek equitable remedies (including injunctions and financial exactions) in court for cases of clear fraud.

Recently I highlighted problems with the FTC’s enforcement actions targeting companies’ data security protection policies, and recommended that the FTC adopt a cost-benefit approach to regulation in this area.  Yesterday the Heritage Foundation released a more detailed paper by me on this topic, replete with recommendations for new FTC guidance and specific reforms aimed at maintaining appropriate FTC oversight while reducing excessive burdens.  Happy reading!