Bryan Cave on Consumer Complaints to the FTC

The law firm Bryan Cave offers some good advice for companies about consumer complaints to the FTC:

…a massive database of consumer complaints known as “Consumer Sentinel” … is used by the FTC and other consumer protection regulators to identify and investigate enforcement targets.

[fusion_builder_container hundred_percent=”yes” overflow=”visible”][fusion_builder_row][fusion_builder_column type=”1_1″ background_position=”left top” background_color=”” border_size=”” border_color=”” border_style=”solid” spacing=”yes” background_image=”” background_repeat=”no-repeat” padding=”” margin_top=”0px” margin_bottom=”0px” class=”” id=”” animation_type=”” animation_speed=”0.3″ animation_direction=”left” hide_on_mobile=”no” center_content=”no” min_height=”none”][…]

the FTC also creates a “Top Violator” report and a “Surge” report that track those organizations that the FTC believes may have a suspicious pattern of consumer complaints. The end result is that the vast majority of FTC enforcement actions target companies identified within the FTC’s database.

Presumably, you could hire Bryan Cave to monitor these violator and surge reports and get on top of these complaints before the FTC opens a case. I think it is absolutely the case that some divisions use these reports. But different divisions of the FTC choose cases differently. A 2014 Inspector General Report noted the use of five different rationales among the BCP divisions in case selection. These included consumer harm; whether related matters were being litigated; the volume of sales made by a respondent; whether the respondent was a repeat offender; and whether the behavior was egregious.[1]

From my interviews with FTC staff, the privacy cases are not complaint-driven. A large number–perhaps most–are brought to the Commission’s attention by competitors. And if you think about it, consumers cannot make privacy complaints because they cannot know about companies’ uses of information. Just consider important cases such as Nomi (consumer tracking through their wireless phones) or the secret software installed on “rent-to-own” computers in Aaron’s. I found that instead of looking at complaints to find targets, the FTC’s privacy attorneys were reading the newspapers, going to industry conferences, and scanning the class action litigation landscape to identify defendants.

And it gets worse for companies: FTC attorneys engage in undercover investigation by making test accounts on websites and other services, and the attorneys even engage in “test shopping” (for instance, buying information from investigatory targets). As early as the 1990s, the FTC developed consumer aliases (complete with credit card accounts) to make purchases from websites in the course of an investigation. These test activities always occur before voluntary or compulsory processes have been sent. You won’t see them coming, because the agency uses a privacy-protecting VPN to mask its IP address.

[1]FTC Office of Inspector General, Evaluation of the Federal Trade Commission’s Bureau of Consumer Protection Resources, OIG Evaluation Report No. 14-003, October 2, 2014.