Tag: Consumer Protection

Community Banks and Overdrafts — Time for Reconsideration?

Bank consumer overdraft fees (together with nonsufficient funds (NSF) fees and returned check fees) have long been a target of attacks by consumer advocacy groups and progressive politicians who claim that such fees are disproportionately levied on the most vulnerable consumers. The Obama-era Consumer Financial Protection Bureau (CFPB) initiated efforts to regulate overdraft programs, which were shelved during the Trump administration, and legislation to restrict overdraft fees has regularly been proposed and considered by Congress, but not enacted.

2022, however, may be the year that the US financial regulatory agencies finally move to impose formal restrictions on banks’ overdraft fee programs. In particular, the CFPB, increasingly assertive in President Biden’s second year in office, has clearly signaled its intent to take action in this area:

  • Rohit Chopra, the director of the CFPB, has spoken out on numerous occasions — in public appearances, opinion pieces, and blog posts — regarding the imperative of reining in so-called junk fees charged by banks and other financial companies.
  • On January 26, 2022, the CFPB published a request for public comment targeting “exploitative junk fees,” including overdraft and NSF fees. The CFPB stated that the goal of its information request was to assist the agency’s plan to “craft rules, issue industry guidance, and focus supervision and enforcement resources,” with the goals of reducing excessive fees and eliminating illegal practices.

The attack on overdraft fee programs has been echoed by other administration officials as well as by allied politicians. Acting Comptroller of the Currency Michael Hsu has called traditional bank overdraft programs “a significant part” of a “regressive system” that penalizes the poor and has stated that “banks that hesitate to adopt pro-consumer overdraft programs will soon be negative outliers.” On March 31, 2022, the House Financial Services Subcommittee held a hearing on possible government intervention to restrict overdraft programs, clearly showing coordination by the committee majority with the Biden administration’s initiatives. In March 2022, a group of US Senate Democrats (including Banking Committee Chairman Sherrod Brown) sent letters to seven large banks urging them to abolish or significantly reduce overdraft and other fees, and in early April, New York Attorney General Letitia James, in recent letters signed by numerous other state attorneys general, asked the country’s four largest banks to eliminate consumer overdraft fees altogether by summer 2022.

Adding to the chorus of Biden administration and other political voices critical of overdraft fees has been a steady stream of announcements over the past year by many large banks regarding plans to eliminate or greatly restrict their overdraft and related fees. In January 2022 alone, five of the country’s largest banks announced the planned elimination of NSF fees and certain overdraft charges. These announcements add weight to the CFPB’s attacks on overdraft fee programs and will inevitably result in additional pressure on other large banks to follow suit.

The bottom line is that federal regulation of this area may finally be on the horizon, if not imminent, although it is anyone’s guess what form regulatory action will take. The initial targets of any action taken by the CFPB — whether formal rulemaking, statements of policy, or increased enforcement activity — are likely to be banking companies that have total assets in excess of $10 billion and that are thus subject to direct supervision by the CFPB. However, whatever new policy is implemented by the CFPB in this area will inevitably be applied by the three principal federal banking agencies to financial institutions of all sizes, and community banks should prepare themselves for increased examination scrutiny of their overdraft fee programs and the potential for enforcement actions.

Accordingly, community banks — especially those heavily reliant on overdraft fee income — should review their overdraft programs, ensure that they are compliant with existing regulations and best practices, and consider changes to respond to possible regulatory concerns. While it is impossible to react effectively to a regulatory regime that has not been proposed, much less implemented, reports and statements by the CFPB and other banking agencies provide some guidance. First, the CFPB has indicated that it will demand transparent and fully disclosed pricing of overdraft solutions that allow consumers to make an informed choice. In addition, Acting Comptroller Hsu stated in a December 2021 speech — in which he notably did not call for banks to eliminate overdraft fees — that the OCC had identified several features of bank overdraft programs that could be modified or recalibrated to help achieve the goal of improving the financial health of vulnerable consumers. He stated that these changes included:

  • Requiring consumer opt-in to the overdraft program.
  • Providing a grace period before charging an overdraft fee.
  • Allowing negative balances without triggering an overdraft fee.
  • Offering consumers balance-related alerts.
  • Providing consumers with access to real-time balance information.
  • Linking a consumer’s checking account to another account for overdraft protection.
  • Collecting overdraft or NSF fees from a consumer’s next deposit only after other items have been posted or cleared.
  • Not charging separate and multiple overdraft fees for multiple items in a single day and not charging additional fees when an item is re-presented.

Finally, community banks should closely monitor CFPB and other bank regulators’ overdraft fee initiatives, through state and national bankers associations and otherwise, and continue to explore potential methods of managing their overdraft programs in line with stated and possible future regulatory concerns.

© 2022 Jones Walker LLP
For more about banking institutions, visit the NLR Financial, Securities & Banking section.

L’Oreal PFAS Lawsuit Again Shows ESG Risks of Marketing

In less than six months, L’Oreal has now found itself to be the target of PFAS lawsuits related to its mascara products. The latest L’Oreal PFAS lawsuit was filed in the New Jersey federal court on April 8, 2022. Cosmetics and PFAS is a topic that saw increased scrutiny from the scientific community, legislature, and the media in 2021. As we predicted in early 2021, the increased attention on the industry presented significant risks to the cosmetics industry, and our prediction was that the developments made the cosmetics industry the number two target for future PFAS lawsuits. In less than three months, four industry giants – Shiseido, CoverGirlL’Oreal and Burt’s Bees – were hit with lawsuits related to their cosmetics and PFAS content in some of the companies’ products.  The industry, insurers, and investment companies interested in the consumer goods vertical with niche interest in cosmetics companies must pay careful attention to the cosmetics lawsuits and the increasing trend of lawsuits targeting the industry.

PFAS and Cosmetics: the 2021 Foundation

On June 15, 2021, a scientific study in the Journal of Environmental Science and Technology Letters published conclusions regarding testing of a variety of cosmetics products from the United States and Canada for PFAS content, and found PFAS present in over half of the products. On the same day that the study was published, the No PFAS In Cosmetics Act 2021 was introduced in the Senate by U.S. Senators Susan Collins (R-ME), Richard Blumenthal (D-CT), Dianne Feinstein (D-CA), Maggie Hassan (D-NH), Jeanne Shaheen (D-NH), Kirsten Gillibrand (D-NY), and Angus King (I-ME). The bill sought to ban PFAS in cosmetics.

These two developments led us to conclude “with these developments, our prediction that cosmetics is the number two target for PFAS litigation issues behind water rings true.”

Why PFAS In Cosmetics Is A Concern

PFAS content in cosmetics raises concerns for human health in scientific communities due to the fact that PFAS are capable of entering the bloodstream in ways other than direct oral ingestion, and one of these ways includes dermal absorption. Concerns have also been raised regarding absorption of PFAS into the bloodstream by way of tear ducts. The absorption issue is one that is being studied fairly extensively through various pending scientific studies. At the end of 2021, the federal Agency for Toxic Substances and Disease Registry (ATSDR) went so far as to recommend that citizens in Southern New Hampshire reduce their risk of further PFAS exposure by avoiding the use of certain consumer goods, including cosmetics.

L’Oreal PFAS Lawsuit

On April 8, 2022, plaintiff Rebecca Vega filed a lawsuit in the New Jersey federal court seeking a proposed class action lawsuit against LOreal. The L’Oreal PFAS lawsuit alleges that the company does not disclose to consumers that its mascara and other products contain PFAS. Instead, the lawsuit states, the products were fraudulently and misleadingly marketed as safe for consumers and environmentally friendly, in violation of federal and state consumer laws. The Complaint details several examples of L’Oreal marketing indicating the safe nature of the products.

The plaintiff seeks certification of the class action lawsuit, injunctive relief, damages, fees, costs and a jury trial. The proposed class is any consumer in the United States, or in the subclass of New Jersey, who purchased the relevant L’Oreal products.

Just the Beginning For Cosmetics Industry

With studies underway, legislation pending that targets cosmetics, and increasing media reporting on cosmetics concerns to human health, the cosmetics industry has a target on its back with respect to PFAS that will have impacts on the industry’s involvement in litigation. Twelve months ago, we made this prediction: “Personal injury / products liability cases, false advertising, and failure to disclose theories of liability are some of the more prominent allegations that cosmetics companies are likely to face. Further, the cosmetics industry is concerned about federal and state level regulatory enforcement action for environmental pollution remediation costs stemming from placing PFAS waste into the environment as a by-product of the manufacturing process.”

The first part of our prediction is becoming reality, as four significant cosmetics industry players now find themselves embroiled in litigation focused on false advertising, consumer protection violations, and deceptive statements made in marketing and ESG reports. The lawsuits may well serve as a test case for plaintiffs’ bar to determine whether similar lawsuits will be successful in any (or all) of the fifty states in this country. Each cosmetics company faces the stark possibility of needing to defend lawsuits involving plaintiffs in all fifty states for products that contain PFAS.

It should be noted that these lawsuits would only touch on the marketing, advertising, ESG reporting, and consumer protection type of issues. Separate products lawsuits could follow that take direct aim at obtaining damages for personal injury for plaintiffs from cosmetics products. In addition, environmental pollution lawsuits could seek damage for diminution of property value, cleanup costs, and PFAS filtration systems if drinking water cleanup is required.

Conclusion

It is of the utmost importance that businesses along the whole supply chain in the cosmetics industry evaluate their PFAS risk. Public health and environmental groups urge legislators to regulate PFAS at an ever-increasing pace. Similarly, state level EPA enforcement action is increasing at a several-fold rate every year. Now, the first wave of lawsuits take direct aim at the cosmetics industry. Companies that did not manufacture PFAS, but merely utilized PFAS in their manufacturing processes, are therefore becoming targets of costly enforcement actions at rates that continue to multiply year over year. Lawsuits are also filed monthly by citizens or municipalities against companies that are increasingly not PFAS chemical manufacturers.

©2022 CMBG3 Law, LLC. All rights reserved.
Article By John Gardella with CMBG3 Law.
For more articles on ESG lawsuits, visit the NLR Environmental, Energy & Resources section.

Regulation by Definition: CFPB Broadens Definition of “Unfairness” to Rein in Discrimination

In a significant move, the CFPB announced on March 16revision to its supervisory operations to address discrimination outside of the traditional fair lending context, with future plans to scrutinize discriminatory conduct that violates the federal prohibition against “unfair” practices in such areas as advertising, pricing, and other areas to ensure that companies are appropriately testing for and eliminating illegal discrimination.  Specifically, the CFPB updated its Exam Manual for Unfair, Deceptive, or Abusive Acts or Practices (UDAAPs) noting that discrimination may meet the criteria for “unfairness” by causing substantial harm to consumers that they cannot reasonably avoid.

With this update, the CFPB intends to target discriminatory practices beyond its use of the Equal Credit Opportunity Act (ECOA) – a fair lending law which covers extensions of credit – and plans to also enforce the Consumer Financial Protection Act (CFPA), which prohibits UDAAPs in connection with any transaction for, or offer of, a consumer financial product or service.  To that end, future examinations will focus on policies or practices that, for example, exclude individuals from products and services, such as “not allowing African-American consumers to open deposit accounts, or subjecting African-American consumers to different requirements to open deposit accounts” that may be an unfair practice where the ECOA may not apply to this particular situation.

The CFPB notes that, among other things, examinations will (i) focus on discrimination in all consumer finance markets; (ii) require supervised companies to include documentation of customer demographics and the impact of products and fees on different demographic groups; and (iii) look at how companies test and monitor their decision-making processes for unfair discrimination, as well as discrimination under ECOA.

In a statement accompanying this announcement, CFPB Director Chopra stated that “[w]hen a person is denied access to a bank account because of their religion or race, this is unambiguously unfair . . . [w]e will be expanding our anti-discrimination efforts to combat discriminatory practices across the board in consumer finance.”

Putting it Into Practice:  This announcement expands the CFPB’s examination footprint beyond discrimination in the fair lending context and makes it likely that examiners will assess a company’s anti-discrimination programs as applied to all aspects of all consumer financial products or services, regardless of whether that company extends any credit.  By framing discrimination also as an UDAAP issue, the CFPB appears ready to address bias in connection with other kinds of financial products and services.  In particular, the CFPB intends to closely examine advertising and marketing activities targeted to consumers based on machine learning models and any potential discriminatory outcomes.

Article By Moorari Shah and A.J. S. Dhaliwal of Sheppard, Mullin, Richter & Hampton LLP

For more financial legal news, click here to visit the National Law Review.

Copyright © 2022, Sheppard Mullin Richter & Hampton LLP.

New Tools in the Fight Against Counterfeit Pharmaceuticals

The explosive growth of internet pharmacies and direct-to-consumer shipment of pharmaceuticals has provided increased access to, and reduced the cost of, important medications. Unfortunately, these same forces have increased the risks that counterfeit medicines will make their way to consumers, endangering patient safety and affecting manufacturers’ reputation in the public eye.

While the Food and Drug Administration attempts to police such misconduct through enforcement of the Food, Drug, and Cosmetics Act (FDCA), the resources devoted to enforcement are simply no match for the size and scope of the counterfeiting threat. Fortunately, pharmaceutical manufacturers are not without recourse, as several well-established tools may be used in the right circumstances to stop counterfeiters from profiting from the sale of knock-offs.

Experienced litigators can use the Lanham Act and the Racketeer Influenced Corrupt Organizations (RICO) Act to stop unscrupulous individuals and organizations from deceiving customers with counterfeit versions of trademarked drugs. Until recently, these legal weapons – including search warrants, seizures, forfeitures, and significant penalties – were typically wielded only by the government and only in criminal prosecutions.

As one recent case demonstrates, however, many of the tools that law enforcement has used for years to combat counterfeiters are also available to pharmaceutical manufacturers. In Gilead Sciences, Inc. v. Safe Chain Solutions, LLC, et al., the manufacturer of several trademarked HIV medications filed a civil complaint, under seal, alleging violations of the Lanham Act and RICO against scores of individuals and companies that were allegedly selling counterfeit versions of these drugs to patients across the country.

By deploying private investigators and techniques typically used by law enforcement, Gilead was able to gather a substantial amount of evidence before even filing the case. The company then used this evidence to secure ex parte seizure warrants and asset freezes, allowing it to locate and seize thousands of counterfeit pills and packaging before they could be shipped to unsuspecting consumers. Through the seizure of the financial proceeds of the alleged counterfeiting, Gilead prevented the dissipation of assets. If the company can successfully prove its RICO case, it stands to recover treble damages and attorneys’ fees as well.

Manufacturers of trademarked pharmaceuticals may consider using these and other tools to tackle the threat posed by counterfeiters. By drawing upon the experience and skills of trained litigators – particularly counsel who previously deployed these tools on behalf of the government while serving as federal prosecutors – companies can proactively protect their intellectual property and the consumers who depend on their products.

Article By Eric J. Beste, Anthony J. Burba and Heather F. Delgado of Barnes & Thornburg LLP

For more health law legal news, click here to visit the National Law Review.

© 2022 BARNES & THORNBURG LLP

Lawsuits Allege Fudged Fudge

 

hot fudge sundae misleadingly described as fudge dairy fat, are falsely and misleadingly described as “fudge.” (See Reinitz v. Kellogg Sales Company, Bartosiake v. Bimbo Bakeries

Three class-action lawsuits filed in district courts in Illinois allege that products containing vegetable oils, and not dairy fat, are falsely and misleadingly described as “fudge.” (See Reinitz v. Kellogg Sales CompanyBartosiake v. Bimbo Bakeries USA, Inc., and Lederman v. The Hershey Company).  The lawsuits, which are all filed by Sheehan & Associates, P.C. and are substantively identical, have targeted Kellogg Sales Company’s “Frosted Chocolate Fudge,” Bimbo Bakeries USA, Inc.’s “Chocolate Fudge Iced Cake,” and the Hershey Company’s “Hot Fudge” respectively.

The lawsuits allege that fudge is a candy made from the mixing of sugar, butter, and milk, and that the replacement of dairy fats (butter and/or milk) with vegetable oils in each of the three products at issue constitutes deceptive advertising.  In support of these claims, Plaintiff cites a hodgepodge of sources including three recipes from around the turn of the 20th century, a Wikipedia entry, Molly Mills, who is apparently “one of today’s leading authorities on fudge,” and a 1982 Bulletin from the International Dairy Federation.

Plaintiffs have not, however, provided any extrinsic evidence of consumer deception (e.g., market studies), and such information will almost certainly have to be produced for such a case to ultimately succeed. We have previously reported on several other class actions which allege that the replacement of dairy fat with vegetable oil is misleading to consumers (see here and here), and we will continue to monitor and report on the outcomes of these cases.

© 2021 Keller and Heckman LLP

Article by the Food and Drug Law at Keller and Heckman

See links for more articles on Biotech, Food, Drug law, and Consumer Protection law 

One-Two Punch: Businesses Must Fight the Virus and Possible Liability Claims

After several weeks in lockdown and thousands of business closures in an attempt to control the spread of the novel coronavirus, businesses are finally reopening their doors. Given the high transmission of COVID-19, businesses should consider their risks of legal liability to visitors on their property – customers, employees and others – in the event of COVID-19 exposure at their premises.  But the fear of civil liability remains a hindering problem. These claims will most commonly be pursued under the legal theory of negligence and plaintiffs may seeking financial compensation for their injuries and medical treatment related to COVID-19. Plaintiff’s lawyers in these cases will focus on the operations and procedures in place during the reopening. Some businesses are taking extraordinary measures to protect customers, while others are doing the bare minimum. Businesses need to know how to be in compliance with best safety practices to prevent and defend against claims related to an alleged failure to protect customers from COVID-19 exposures.

Immunity for Businesses for COVID-19 Exposure?

A large number of states, including Massachusetts, have enacted laws to shield health care workers, health care facilities and volunteer organizations treating COVID-19 patients from negligence claims subject to certain exceptions. However, the immunity does not extend to cover damages caused by gross negligence or recklessness. It is important to note that these states have not provided similar immunity to other businesses, nor have they limited liability in cases involving gross negligence for COVID-19 related claims. There have been discussions of additional legislation to protect businesses in these cases, but this has yet to happen.

Tort Claims and Premises Liability Law in Massachusetts

Personal injury claims typically stem from negligent acts, where a party had a duty of care, failed to reasonably care for that individual, and that failure to care caused the individual harm or injury. A ”duty of care” exists when its reasonably foreseeable that some act or omission would cause some type of knowable harm, and thus taking reasonable action to ensure safety. The breach of that duty is the act or omission that causes the harm. The breach of duty must cause some damages. Damages are monetary compensation for the victim’s injuries and losses if liability is found.

Premises liability law, a subset of personal injury law, similarly holds that property owners owe a duty of reasonable care to visitors on their premises in Massachusetts, so as to not create or allow unsafe or hazardous conditions to exist on their premises that could cause injury or harm to patrons and guests. If a hazardous condition exists that could reasonably cause harm, and the property owner fails to remove it or warn of it, this could ultimately result in liability.

The duty of care is stricter for business owners, as they invite persons onto their property to purchase goods or services. The level of care owed depends upon the type of visitor on the property. Massachusetts has two types of lawfully present visitors: 1) licensees- individuals presenting financial gain for the property owner like patrons, diners, shoppers; and 2) invitees- those who are not providing any financial gain to the property owner like guests and friends at a social gathering. The property owner owes its visitors a duty of care, that is to keep the property reasonably safe. In this context, the property owner is well aware of the risks associated with COVID-19, the nature of the disease and how it is transmitted. If it did not take reasonable steps to prevent the transmission of the virus to its licensees and invitees, and the claimant can prove the business’ failure to exercise reasonable care was a “substantial contributing factor” in causing the claimant’s injury, they may be entitled to damages, which can include among other things, medical expenses, economic damages, and even emotional distress.

Breach of Duty

There is an abundance of guidance available to businesses on the virus, transmission, preventative measures. Whether a business “breached” their duty of care will focus on what the business did to determine if taking action (or taking no action) was reasonable or not, given the state of knowledge on the virus. Thus, claimants would need to point to what steps the businesses took to protect its licensees and invitees, and whether there were additional procedures that could have been implemented to prevent the transmission, and whether those additional actions were reasonable in light of what was known about the virus. Intentional ignorance is not a defense – property owners have a duty to investigate known or potential hazards, including COVID-19.

Causation

Claimants in tort claims have the burden of proving causation. This usually means proving that the breach of duty was a “substantial contributing factor” in causing the claimant’s injury. In COVID-19 cases, the claimant will ultimately need to prove that the virus was contracted at that business as opposed to another source, which may be extremely difficult to do. Asymptomatic spread of COVID-19 is one of many challenges to proving the initial source of exposure. While some claimants will rely on contact tracing, that alone does not rule out alternative sources of COVID-19 exposure – any other place the person visited (markets, homes, their workplace), and exposure to family members and friends.

Notably, a large number of states are enacting legislation applicable to workers compensation claims related to COVID-19. This legislation establishes a rebuttable presumption that an employee who tests positive for COVID-19 contracted it in the course of employment, although some are limited to essential workers. A “rebuttable presumption” means that the burden of disproving causation is thrust upon the employer. While there are no similar rebuttable presumptions for personal injury and premise liability claimants at this time, it is an open question as to whether these presumptions can be used affirmatively in tort lawsuits, particularly in a situation where a worker brings COVID-19 into the home and sickens a family member or housemate.

Mitigating Liability

If businesses can show that safety protocols were followed, this evidence can be used to defend these types of claims. The Centers for Disease Control and Prevention (CDC) has set guidelines that should be followed as best practices to avoid COVID-19 liability claims. There is an abundance of state and local guidance on social distancing, use of masks and other measures to prevent the spread of the virus. With the vast amount of information available to the public on the risks of the virus and preventative measures, claimants will argue that businesses have enough information to safely operate Crafty plaintiff’s lawyers will likely seek out and find guidance that specifically supports their clients case. Business owners are advised to do the same for their respective industries, whether it be restaurants, offices or youth sports leagues.

Defenses to Consider in Defending COVID 19 Liability Claims

Statute of Limitations

The statute of limitations for in Massachusetts governing personal injury and premises liability cases places a time limit of three years within the date of the incident for filing the lawsuit. Lawsuits filed after the statute of limitations period may be dismissed as “time-barred.” Other states have similar statutes, although the specific timeframe may vary.

Modified Comparative Negligence Law

Some states, including Massachusetts, use a modified comparative negligence rule in personal injury cases, allowing plaintiffs to recover only if the defendant’s share of the blame was equal to or greater than their own. There are only a few exceptions allowing plaintiffs to recover if they were more than 51% at fault. Another important factor of this rule to consider is that if plaintiffs are found to be at fault, their damages are reduced by their allocated share of the blame. Did the visitor where a mask? Did they stay 6 feet apart from other individuals? Did they wash their hands and sanitize frequently? Were they placing their hands on their mouth and nose? These facts and circumstances are critical factors to consider when shifting the blame to the claimant.

Assumption of Risk Abolished in Massachusetts

Some jurisdictions allow a defendant in a personal injury action to raise an affirmative defense of assumption of risk, but that is abolished in Massachusetts as a defense in personal injury cases. In jurisdictions where this defense is allowed, instead of denying the allegations, defendants can assert that a plaintiff was aware of the risk when engaging in the activity or conduct, fully had knowledge of the consequences and willingly disregarded the risks or assumed the risks. Therefore, the defendant cannot be at fault for negligence and this serves as a complete bar to recovery.

Liability Waivers

Did a plaintiff sign a written liability waiver acknowledging and accepting risks? Enforceability of liability waivers as well as the exceptions to the enforceability of releases vary from state to state. While this only shows licensees and invitees were made aware of the risk, using such waivers in these COVID 19 claims is not a slam dunk defense.

Conclusion

We encourage businesses to consider these liability risks when resuming operations and to follow comprehensive procedures and CDC guidelines to mitigate the risks and protect licensees and invitees from the spread of the virus at these establishments. Our office can help businesses develop a plan specific to their business to mitigate the risks of liability from emerging claims related to COVID 19 and provide guidance and advocacy for defending such claims.

©2020 CMBG3 Law, LLC. All rights reserved.

ARTICLE BY Seta Accaoui at CMBG3 Law.
For more on business COVID-19 liability, see the National Law Review Coronavirus News section.

Clash of Consumer Protection Goals: Does the Text of the TCPA Frustrate the Purposes of the CPSA?

“Hello.  This is an automated call from Acme Manufacturing. Our records indicate that you purchased Product X between December 2019 and January 2020. We wanted to let you know that we are recalling Product X because of a potential fire risk. Please call us or visit our website for important information on how to participate in this recall.”

When companies recall products, they do so to protect consumers.  In fact, various federal laws, including the Consumer Product Safety Act (CPSA), the Federal Food, Drug, and Cosmetic Act (FDCA), and National Highway and Motor Vehicle Safety Act (MVSA), encourage (and may require) recalls. And the agencies that enforce these statutes would likely approve of the hypothetical automated call above because direct notification is the best way to motivate consumer responses to recalls.[1]

But automated calls to protect consumers can run into a problem: the Telephone Consumer Protection Act (TCPA).

Are Recall Calls a Nuisance or an Emergency?

The TCPA seeks to protect consumers from the “nuisance and privacy invasion” of unwanted automated marketing calls.[2] The TCPA prohibits any person from making marketing calls to landlines, or any non-emergency calls or text messages[3] to wireless lines, using automated dialers or recorded messages unless the recipient has given prior written consent. The Act includes a private right of action and statutory per-violation damages – $500, trebled to $1,500 if a court finds the violation willful and knowing.[4] These penalties can add up quickly: In one case, a jury found that a company violated the TCPA nearly two million times, exposing the company to minimum statutory damages totaling almost $1,000,000,000.[5]

There is an important exception to the TCPA’s prohibition on automated calls. The TCPA allows autodialed calls for emergency purposes,[6] but the Act does not define that phrase. While the FCC has interpreted emergency purposes to mean “calls made necessary in any situation affecting the health and safety of consumers,”[7] recalls are not explicitly identified within this definition. As a result, aggressive plaintiffs have demanded millions in damages from companies that use automatic dialers to disseminate recall messages.[8]

For example, a grocery chain – Kroger – made automated calls to some purchasers of ground beef as part of a recall stemming from salmonella concerns. A plaintiff responded with a purported class action that did not mention the recall [9] but was based on consumers alleging that they had received “annoying” “automated call[s] from Kroger.”

Moving to dismiss, Kroger observed that the plaintiff – who had not listened to the call beyond its initial greeting[10] and thus could not comment on the call’s text – had “cherry-picked”[11] portions of consumers’ online comments to support the case, omitting text that clearly demonstrated that the calls were made for health and safety purposes.[12] Kroger argued that the online comments did not support the plaintiff’s allegations that Kroger had made any marketing calls.

The court granted Kroger’s motion and dismissed the complaint without leave to amend. Even so, Kroger was compelled to spend time and money defending the claim.

In light of this type of lawsuit, one communications firm involved in automotive recalls has petitioned the FCC to “clarify . . . that motor vehicle safety recall-related calls and texts are ‘made for emergency purposes.’”[13] The Association of Global Automakers and the Alliance of Automobile Manufacturers commented in support of the petition, arguing that the “[l]ack of clarity regarding TCPA liability for vehicle safety recall messages has had a chilling effect on these important communications.”[14] The Settlement Special Administrator for the Takata airbag settlements also wrote in support, commenting that automated “recall-related calls and texts serve an easily recognizable public safety purpose.”[15]

The TCPA’s emergency exception offers protection in litigation. The FCC’s definition – “calls made necessary in any situation affecting the health and safety of consumers” – neatly encapsulates the entire function of a recall, namely acting to protect consumers’ health and safety. Moreover, in developing the emergency exception, Congress broadened initial language that excepted calls made by a “public school or other governmental entity” to the enacted “emergency purposes” phrasing precisely to ensure the exception encompassed automated emergency calls by private entities.[16] One of the seminal emergency purposes for which a private entity might seek to make automated calls is a product recall.

Even with such sound arguments that TCPA claims related to recall calls are without merit within the statute, however, aggressive plaintiffs have brought such claims. These efforts compel companies to spend finite resources defending claims that should not be brought in the first place. An express statutory or regulatory statement that recalls are squarely within the definition of emergency purposes would give companies greater confidence that not only would they be able to successfully defend against any effort to pit the TCPA against consumer-protection values, but that the claims are so unlikely to be brought that the companies need not even fear to have to defend.

Protecting Against Recall-Call Complaints

Until the FCC or Congress expressly instructs plaintiff’s counsel not to try to litigate against automated recall calls, there are steps companies that want to use automated dialers to drive recall responses can take to minimize any risk of a court misinterpreting their calls or finding TCPA liability where it should not attach.

For example, companies may (as some already do) ask for customers’ consent to be autodialed in connection with the products they have purchased – e.g., by including consent language on product warranty cards or registration forms. In fact, the Consumer Product Safety Improvement Act of 2008 (CPSIA)[17] already requires manufacturers of durable infant and toddler products to include registration cards for recall-communication purposes.[18] Companies in some other industries (like the on- and off-road motor vehicle industries) typically have robust registration systems that can incorporate auto dialing consent, and more companies in other spaces may want to consider using registration to facilitate recalls.

Further, automated recall calls should focus on the recall. If calls extend to marketing messaging, that could undermine both a future TCPA defense and the efficacy of that and future recall communications.

Optimally, companies would be less likely to need these defenses if the statute more clearly signaled to would-be litigants that they should not even bother. If the FCC grants the pending petition and plainly states that product recalls are emergencies for TCPA purposes, courts’ deference to agency interpretations might deter at least some complaints. A statutory amendment would be the surest guarantee, though, and manufacturers may wish to ask Congress to amend the TCPA to clarify that recall messages are emergency messages.

[1] See, e.g., Joseph F. Williams, U.S. Consumer Prod. Safety Comm’n, Recall Effectiveness Workshop Report, 5 (Feb. 22, 2018).

[2] Pub. L. No. 102-243, § 2(12), 105 Stat. 2394, 2395 (Dec. 20, 1991).

[3] Rules and Regulations Implementing the Telephone Consumer Protection Act of 1991, CG Docket No. 02-278, Report and Order, 18 FCC Rcd 14014, 14115, para. 165 (2003)

[4] TCPA at § 3(a), 105 Stat. at 2399 (codified at 47 U.S.C. § 227(c)(5)).

[5] Wakefield v. ViSalus, Inc., No. 3:15-cv-1857-SI (D. Or.).

[6] See, e.g., TCPA at § 3(a), 105 Stat. at 2395-96 (codified at 47 U.S.C. § 227(b)(1)(A)).

[7] 47 C.F.R. § 64.1200(f)(4).

[8] See, e.g., Compl., Ibrahim v. Am. Honda Motor Co., Inc., No. 1:16-cv-04294, Dkt. #1 (N.D. Ill. Apr. 14, 2016).

[9] Compl., Brooks v. Kroger Co., No. 3:19-cv-00106-AJB-MDD, Dkt. #1 (S.D. Cal. Jan. 15, 2019) (“Brooks”).

[10] Pl. Opp. to Mot. to Dismiss at 5, Brooks, Dkt. #9 (Apr. 4, 2019).

[11] Reply in Supp. of Mot. to Dismiss at 7, Brooks, Dkt. #10 (Apr. 11, 2019).

[12] The plaintiff quoted one complaint as “Automated call from Kroger.” Compl. at 3-4, Brooks. As the defense noted, that complaint continued, “requesting that you return ground beef . . . due to the threat of salmonella.” Mem. in Supp. of Mot. to Dismiss at 6, Brooks Dkt. #7 (Mar. 21, 2019).

[13] IHS Markit Ltd. Petition for Emergency Declaratory Ruling, CG Docket No. 02-278, Petition, ii (Sept. 21, 2018).

[14] IHS Markit Ltd. Petition for Emergency Declaratory Ruling, CG Docket No. 02-278, Comments of Association of Global Automakers, Inc. and Alliance of Automobile Manufacturers, 9 (Nov. 5, 2018).

[15] IHS Markit Ltd. Petition for Emergency Declaratory Ruling, CG Docket No. 02-278, Comments of Patrick A. Juneau, 3 (Nov. 5, 2018).

[16] S. Rep. No. 102-178, 5 (Oct. 8, 1991).

[17] Pub. L. No. 110-314, 122 Stat. 3016 (Aug. 14, 2008) (codified as amended at 15 U.S.C. § 2056a).

[18] 15 U.S.C. § 2056a(d).

© 2020 Schiff Hardin LLP

For more on CPSA, FDCA, MVSA & other recalls, see the National Law Review Consumer Protection law section.

Florida’s Legislature to Consider Consumer Data Privacy Bill Akin to California’s CCPA

Florida lawmakers have proposed data privacy legislation that, if adopted, would impose significant new obligations on companies offering a website or online service to Florida residents, including allowing consumers to “opt out” of the sale of their personal information. While the bill (SB 1670 and HB 963) does not go as far as did the recent California Consumer Privacy Act, its adoption would mark a significant increase in Florida residents’ privacy rights. Companies that have an online presence in Florida should study the proposed legislation carefully. Our initial take on the proposed legislation appears below.

The proposed legislation requires an “operator” of a website or online service to provide consumers with (i) a “notice” regarding the personal information collected from consumers on the operator’s website or through the service and (ii) an opportunity to “opt out” of the sale of certain of a consumer’s personal information, known as “covered information” in the draft statute.

The “notice” would need to include several items. Most importantly, the operator would have to disclose “the categories of covered information that the operator collects through its website or online service about consumers who use [them] … and the categories of third parties with whom the operator may share such covered information.” The notice would also have to disclose “a description of the process, if applicable, for a consumer who uses or visits the website or online service to review and request changes to any of his or her covered information. . . .” The bill does not otherwise list when this “process” would be “applicable,” and it nowhere else appears to create for consumers any right to review and request changes.

While the draft legislation obligates operators to stop selling data of a consumer who submits a verified request to do so, it does not appear to require a description of those rights in the “notice.” That may just be an oversight in drafting. In any event, the bill is notable as it would be the first Florida law to require an online privacy notice. Further, a “sale” is defined as an exchange of covered information “for monetary consideration,” which is narrower than its CCPA counterpart, and contains exceptions for disclosures to an entity that merely processes information for the operator.

There are also significant questions about which entities would be subject to the proposed law. An “operator” is defined as a person who owns or operates a website or online service for commercial purposes, collects and maintains covered information from Florida residents, and purposefully directs activities toward the state. That “and” is assumed, as the proposed bill does not state whether those three requirements are conjunctive or disjunctive.

Excluded from the definition of “operator” is a financial institution (such as a bank or insurance company) already subject to the Gramm-Leach-Bliley Act, and an entity subject to the Health Insurance Portability and Accountability Act of 1996 (HIPAA). Outside of the definition of “operator,” the proposed legislation appears to further restrict the companies to which it would apply, to eliminate its application to smaller companies based in Florida, described as entities “located in this state,” whose “revenue is derived primarily from a source other than the sale or lease of goods, services, or credit on websites or online services,” and “whose website or online service has fewer than 20,000 unique visitors per year.” Again, that “and” is assumed as the bill does not specify “and” or “or.”

Lastly, the Department of Legal Affairs appears to be vested with authority to enforce the law. The proposed legislation states explicitly that it does not create a private right of action, although it also says that it is in addition to any other remedies provided by law.

The proposed legislation is part of an anticipated wave of privacy legislation under consideration across the country. California’s CCPA took effect in January and imposes significant obligations on covered businesses. Last year, Nevada passed privacy legislation that bears a striking resemblance to the proposed Florida legislation. Other privacy legislation has been proposed in Massachusetts and other jurisdictions.

©2011-2020 Carlton Fields, P.A.

For more on new and developing legislation in Florida and elsewhere, see the National Law Review Election Law & Legislative News section.

FDA Issues Warning Letters, Cautions Consumers on Unapproved CBD Products

Nearly a year after the 2018 Farm Bill legalized hemp nationwide, the legal status of one of its most popular products, cannabidiol (CBD), is becoming clearer.

On Nov. 25, the U.S. Food and Drug Administration (FDA) issued a revised consumer update regarding unapproved CBD products and issued a new round of warning letters to CBD retailers selling products in violation of the Food, Drug and Cosmetics Act (FDCA). The agency also warned of potential health risks and safety concerns associated with numerous unapproved CBD products. The FDA publicized its determination that CBD cannot be considered as Generally Recognized as Safe (GRAS) under federal law, foreclosing one of the regulatory paths available to the FDA for allowing CBD as a food ingredient.

These recent actions underscore the FDA’s interpretation that food products, unapproved drugs, dietary supplements and cosmetics containing CBD sold in interstate commerce often violate the FDCA.

FDA warning letters

In this recent round of enforcement efforts, the FDA issued fifteen warning letters to CBD companies selling a variety of products in interstate commerce, including balms, capsules, oils, tinctures, lotions, gummies, chews and sprays that were marketed for use by adults, children and animals.

The letters outline the FDA’s legal analysis which concludes that the products at issue were marketed in interstate commerce as unapproved new drugs, misbranded drugs, adulterated foods or improperly labeled as dietary supplements in violation of the FDCA. The crux of this analysis is that CBD is an active ingredient in an approved drug as well as other drugs under clinical investigation.

These products triggered FDCA violations in a variety of ways:

  • Unapproved new drugs – CBD products making claims to prevent, diagnose, mitigate, treat or cure serious diseases, such as cancer, AIDS, schizophrenia and diabetes.
  • Misbranded drugs – CBD products marketed as drugs that also fail to bear adequate directions for use.
  • Dietary supplement labeling – Improperly using the label “dietary supplement” when it does not meet the definition under the FDCA.
  • Adulterated human food – CBD products marketed as conventional human foods and contain a drug approved by the FDA.

Each warning letter identified an “unapproved new drug” violation with products making aggressive health claims surrounding cancer or other similar serious conditions, suggesting the FDA continues to focus its efforts at “egregious, over-the-line” health claims as referenced by former FDA Commissioner Scott Gottlieb.

FDA consumer update

The FDA simultaneously issued a consumer update, signaling that unapproved CBD products remain prohibited under the FDCA. The agency noted it has seen only limited data about CBD safety and that some of the data points to risks that should be considered before taking CBD.

The FDA warned that unapproved CBD products may pose safety risks and make unproven health claims. The FDA fears consumers may put off getting proper diagnosis, treatment or supportive care due to unsubstantiated claims associated with CBD products.

Additionally, the FDA noted the information it currently has “underscores the need for further study and high quality, scientific information about the safety and potential uses of CBD.” The consumer update further notes:

  • No FDA evaluation of CBD products – There has been no FDA evaluation of whether unapproved CBD products are effective for their intended use, what the proper dosage might be, how they could interact with FDA-approved drugs or whether they have dangerous side effects or other safety concerns.
  • Potential health risks – Specifically, the FDA also identified some of the potential risks associated with using CBD products, including liver injury and male reproductive toxicity. Other potential health risks remain unknown to date, including the effects of sustained daily usage by adults as well as the effects on children, breastfed newborns and developing fetuses.
  • Side effects – Other side effects include drowsiness, gastrointestinal distress and increased irritability and agitation.
  • Unregulated manufacturing process and product safety is unknown – The manufacturing process of unapproved CBD drug products has not been subject to FDA review and the effects of CBD containing potentially unsafe levels of contaminants, such as pesticides and heavy metals, are unknown.

CBD remains a legal product

Despite this recent action from the FDA, hemp-derived CBD remains a legal product under federal law, but it must be marketed without violating the FDCA. Additionally, the warning letters and consumer update highlight that the FDA is targeting its enforcement to companies engaged in interstate commerce and making egregious, unsubstantiated health claims.

As is the case with other cannabis issues, the disconnect between state and federal law means companies are finding ways to bring products to market while limiting their risk. However, stakeholders must be aware of the risks under state and federal law when marketing any product containing CBD.

Expect more information from the FDA soon

The consumer update also notes that the FDA is “evaluating the regulatory frameworks that apply to certain cannabis-derived products that are intended for non-drug uses, including whether and/or how the FDA might consider updating its regulations, as well as whether potential legislation might be appropriate.” More information will be coming soon from the FDA, but it may be awhile before CBD can be marketed legally as a food ingredient or dietary supplement under federal law.

Copyright © 2019 Godfrey & Kahn S.C.

More on FDA CBD Regulation via the National Law Review Biotech, Food & Drug law page.

CPSC Staff Addresses IoT 2018 Hearing Feedback, IoT Project Plans in New Report

Connected products can make the world a safer place: electronic sensors in the home can detect problems and send smartphone notifications to the homeowner; smart alert devices can notify family members or home help companies that an elderly person has fallen and needs assistance. But with over 64 billion connected products in the marketplace, there is a concern that connected devices could introduce hazards that might lead to a risk of injury due to problems with software updates or customization, faulty connections, and even consumer modifications.

As the body charged with overseeing consumer product safety in the U.S., over the last few years, the Consumer Product Safety Commission (CPSC) has shown an increasing interest in defining its role with regard to connected products. In May 2018, the CPSC held a public hearing on IoT, obtaining feedback from a range of stakeholders on potential risks of connected consumer products and the agency’s role. In late September, CPSC staff submitted to the Commission a status report outlining the CPSC’s work on consumer product IoT issues since the public hearing. The report also outlines how CPSC staff understands the agency’s role, which is safeguarding consumers from potential physical product risks, as well as how its work intersects with the jurisdiction of other agencies as they oversee connected products.

The report notes that this is an ongoing process, stating that CPSC staff is working on “how to define consumer product safety in terms of the IoT, the intersection of, and interdependencies among, consumer product safety, data security and privacy, and how our traditional risk management approaches apply to connected products.” The report acknowledges that privacy and data security are not within CPSC’s jurisdiction, but noted that at least one participant in CPSC’s 2018 hearing warned that “CPSC should pay attention to certain cybersecurity threats that create opportunities for physical harm, a risk not previously considered, and resist creating any prescriptive rules for IoT devices.”

To increase institutional knowledge of IoT benefits and challenges, CPSC has dedicated resources to develop its staff’s expertise. CPSC has also participated in developing voluntary standards, has taken a leadership role in establishing an interagency IoT working group, and has been developing its capability to simulate home networks at its laboratory.

The staff report outlines three ongoing internal projects relating to IoT. The first involves developing a methodology for assessing safety-related implications arising out of software and firmware updates to connected products. This project is at what CPSC views as the intersection of product safety and data security and potential “hazardization” of connected products as a result of data vulnerabilities. CPSC is also looking at connected heating appliances and the risks associated with their remote activation. Finally, CPSC is studying smart toys “in an effort to identify physical safety hazards.” It is surprising that CPSC staff would dedicate resources to toys as opposed to other products, like in-home safety devices, since the physical safety of toys is strictly regulated by the mandatory toy safety standard, ASTM F-963. The likelihood of physical hazardization of toys is far lower than, for example, connected home security devices and sensors. In those categories, connectivity, and thus security breaches that affect the operation of those devices, may be directly related to both safety risks and advantages. Indeed, home safety devices is a category where we have actually seen CPSC recall activity.

The report notes that CSPC is engaging in product safety assessments of connected& shared e-scooters. This is likely in response to reports of e-scooters that were vulnerable to hacking. The emerging hazards of micro-mobility devices such as shared e-scooters are also a focus of CPSC’s Operating Plan for Fiscal Year 2020 and represent another product category that appears to be more vulnerable to hazardization than connected toys.

CPSC staff intended to develop a best practices guide for industry and consumers on connected products, which was an enumerated project in the proposed Operating Plan for Fiscal Year 2020. However, an amendment introduced by Commissioner Feldman focuses CPSC’s resources on IoT intergovernmental work instead. Given the report’s acknowledgment that the agency is still working to develop staff expertise in IoT, attempting to create such a guide appears premature at this juncture.

The sharp increase in the number of connected devices in the market means it is necessary and appropriate for CPSC to continue to build expertise on IoT issues, even though very few examples of actual product safety hazards attributable to some type of connectivity failures exist. It would be useful for CPSC to focus its efforts and resources on product categories that pose a higher potential risk to the physical safety of consumers through hazardization or failure as a result of connectivity, without overstating potential risks. It is encouraging that through the intergovernmental initiatives a variety of federal agencies are working collaboratively to better understand the various consumer protection issues potentially raised by connected products that fit within their respective jurisdictions.

© 2019 Keller and Heckman LLP

For more CSPC regulation, see the National Law Review Consumer Protection law page.