Why the Location Privacy Protection Act is a commonsense consumer protection

chisbealsBy Christopher Beal, Public Policy Intern

With the seemingly ceaseless increase in the number of mobile internet devices finding their way into the hands (and pockets) of consumers, geolocation data (broadly, any information that can be used to identify the location of a person using a device) is becoming ever easier to collect and transmit without consumer awareness or consent. As such, a cohesive set of protections affording consumers with control and knowledge as to the collection and sharing of their sensitive private data is long overdue. The Location Privacy Protection Act of 2014 (“LPPA”) promises to do just that. Accordingly, NCL is pleased to offer its support for this legislation.

It doesn’t take much of a search to uncover that industry standards and established governmental protections are ineffective or easily circumvented. Many of the currently applicable laws were drafted in a time prior to the prevalence of internet-enabled cellphones and other mobile devices and, as such, don’t speak to the practice of sharing (or selling) geolocation data with commercial entities. As a result, companies can collect information which in any other context would be deemed irrefutably private (for example, visiting a therapist or going to a church) and share or sell that information to other companies (including advertisers). And beyond that, recent history shows that some companies participate in practices like this despite their privacy policy stating otherwise (for example, in May 2014 the FTC settled an enforcement action with Snapchat over their collecting geolocation data in contradiction of their privacy policy).

The LPPA requires that companies alert consumers to the act of geolocation collection and sharing, and to require individual consent before either may occur (with reasonable exceptions for emergencies, parental supervision of children, and the like). It also requires that companies in the practice of collecting geolocation data must disclose the kinds of data collected, the ways in which it is shared and used, and companies must tell consumers how they can stop this collection or sharing. The LPPA also has provisions targeting the practice of GPS stalking and of the collection of geolocation data without a user’s knowledge.

NCL — along with many other privacy and consumer groups and the FTC — supports a comprehensive privacy protection law that encompasses all consumer data. Absent such a law, consumers deserve to at least have their most sensitive data, such as location information — protected. On Wednesday, June 4, NCL Executive Director Sally Greenberg will be testifying before the Senate Judiciary Subcommittee on Privacy, Technology and the Law in support of the LPPA. To watch the hearing live, click here.


It’s time for broadcasters to step up on deceptive advertising

By John Breyault, Vice President of Public Policy, Telecommunications and Fraud

If you’ve turned on the television or radio recently, chances are that you’ve heard at least one advertisement that made you sit up and say “what the…?” From bogus weight-loss products, to suspicious tax “advice” firms, to “free” cruises to the Bahamas, it often seems difficult to avoid ads that are misleading, if not outright fraudulent.

At the federal level, the Federal Trade Commission (FTC) is charged with protecting consumers from unfair and deceptive advertising. Over the years, the agency has brought hundreds of cases against companies that have made dubious claims in their advertisements. In addition, in cases where there is evidence of fraud the FTC can also shut down operations under its “unfair and deceptive acts or practices” authority. State attorneys general also have authority to go after deceptive advertising and fraudulent operations.

Unfortunately, given the limited resources at their disposal, regulators are often only able to go after the most egregious cases of deception and fraud. The result? Ads for all kinds of deceptive and fraudulent products and services continue to proliferate on the public airwaves and on cable TV.

So what can be done to better police the airwaves for deceptive and fraudulent content? As part of its recent enforcement action against four bogus weight-loss companies, the FTC sent a letter to publishers and broadcasters asking them to refer to the FTC’s guidance on spotting phony weight-loss claims when advertisers submit ads.

While this action is a step in the right direction, we think the broadcasting and publishing industries can and should do more to vet the ads they run before they run. The FTC has largely steered clear of putting pressure on publishers and broadcasters to take this common-sense step. The Commission’s last significant effort on this was back in 2003, when former chairman Tim Muris asked cable television advertisers to strictly screen weight-loss ads.

As the Washington Post’s Lydia DePillis noted in a recent article on this topic, publishers and broadcasters usually cite two big reasons for resisting ad screening: their First Amendment right to publish and broadcast what they wish and the expense of setting up a screening program. With the proliferation of Internet-based advertising, the problem becomes even harder to control.

That said, we don’t think that these excuses are reason enough for the industry not to even try. Consumers tend to trust the ads they see on the radio or on television to a greater extent than online ads. When a fraudulent or deceptive ad runs, it undermines confidence in the advertising industry generally. More concretely, when a deceptive advertiser goes under due to enforcement actions, it can leave media outlets holding the bag. For example, when “tax resolution” company TaxMasters went bankrupt in 2012 after being investigated by the Texas Attorney General’s office, it owed CNN and Fox News Channel more than $3.5 million in unpaid advertising.

Doing a better job of screening out deceptive ads is not only the right thing to do from a public interest point of view, but it makes good business sense too. That being the case, why aren’t more companies doing it? Consumers deserve no less.


Did you know another American falls victim to ID theft #every3seconds?

clock graphicBy John Breyault, Vice President of Public Policy, Telecommunications and Fraud

NCL’s “State of ID Theft” Conference To Put National Spotlight on Continuing Problem

For thirteen years, the crime of identity theft has generated more complaints to the Federal Trade Commission than another other fraud. In 2012, more than 12 million Americans were affected by identity theft, costing the U.S. economy $20.9 billion. Every three seconds, a consumer’s identity is comprised by this pernicious crime.

Seven years ago, President George W. Bush, recognizing the seriousness of the threat of ID theft, created the federal Identity Theft Task Force. Made up of eighteen federal agencies, the task force was charged with implementing a range of recommendations to address the threat of ID theft. The task force made thirty-one recommendations, from reducing the use of Social Security Numbers by federal agencies, to improving coordination by law enforcement, to passing a national data breach notification standard, to name a few. The implementation of these recommendations by the federal government, as well as improved anti-fraud procedures in the private sector, have done much to make life harder on ID thieves.

Despite these advances, ID theft is still a major threat to consumers, business and the government. According to one conservative estimate, more than 1.1 billion records have been comprised by identity theft. Data breaches, which put information on millions of consumers in the hands of fraudsters, are still occurring at a rate of at least one per day.

Just as troubling, it appears that we may be on the cusp of a new wave of ID theft. With ever larger amounts of data being collected about consumers by government and the private sector, data breaches become more likely. Identity thieves are shifting towards scams that are harder to detect, such as tax-related ID theft and medical ID theft. And the criminal themselves — often located overseas — are becoming more professional and organized.

How will these new factors affect consumers’ vulnerability to identity theft? What can we learn from the last seven years of fighting this problem? What should consumers expect from regulators, law enforcement and the private sector as this crime evolves?

To examine these and other questions, the National Consumers League will be hosting our first State of ID Theft conference on December 12 in Washington, DC. The event will bring together some of the brightest minds in the country for panel discussion examining the continuing threat of ID theft and what can be done to better protect consumers. Headlining the conference will be a lunchtime conversation between FTC Chairwoman Edith Ramirez and Former Chairwoman Deborah Platt Majoras, who co-chaired the federal Identity Theft Task Force from 2006-08.

Registration is free but space is limited. Please RSVP here. For more information please contact John Breyault at johnb@nclnet.org.

Additional consumer protections could help prevent more Jamster’s

By John Breyault, Vice President of Public Policy, Telecommunications and Fraud

The Federal Trade Commission (FTC) today announced its second major enforcement action against a wireless cramming scheme – a $1.2 million settlement with Jesta Digital, a.k.a. Jamster. While enforcement actions may give some scammers pause, the dozens of FTC enforcement actions against landline cramming scammers since the early 2000’s show that enforcement alone isn’t the answer. As the FTC itself has stated, wireless cramming is a “significant consumer problem,” demanding action by federal regulators.

We couldn’t agree more. Based on data reported by the California Public Utilities Commission, the Federal Communications Commission (FCC) and the Vermont Attorney General’s office, we estimated that wireless cramming fraud is costing consumers as a much as $887 million per year. As we have said before, the Jamster case as well as Wise Media and JAWA before it, are likely just the tip of a very large iceberg when it comes to wireless cramming.

Unfortunately, the wireless industry seems determined to defend its assertion that there is not a significant wireless cramming problem in the U.S. For example, in June, CTIA, the wireless industry’s association, published an industry-funded study the called into question the results of an earlier study by the Center for Rural Studies at the University of Vermont. The Vermont study found that 60% of third-party charges on consumers’ wireless phone bills were unauthorized. An earlier analysis by the Illinois Consumer Utility Board found that 44% of third-party charges were unauthorized.

Continue reading

Join us in a twitterchat about online and mobile safety while traveling #ChatSTC


By Nikola Sirovica, Communications Intern

School is out, graduations are over, and the time for your summer vacation has arrived! You have your sunscreen, your giant cooler, and the beach chairs – all you need is that dream destination. Whether you are embarking on a last-minute getaway with friends or a family vacation planned months in advance, keeping your mobile devices safe and secure in unfamiliar places can be a challenge. Join us this Thursday, July 18 for a Twitterchat to discuss how to keep yourself safe online when traveling.

There are many tricks that criminals use to defraud vacationers via their mobile devices. How do you know if your Wi-Fi network is secure? What do you do if you lose your phone away from home? Should you change your privacy settings when traveling?

As consumers, it is very important to know your rights and take extra precautions while traveling. Be extra wary of any prizes and sweepstakes telling you that you’ve won a trip to the Bahamas, Florida, or any other dream location. These scams will ask you to pay a fee up front before you can receive your prize. Anyone who pays the fee will unfortunately find out the trip doesn’t exist and they have fallen victim to a scam.

On Thursday, NCL will be a guest expert in a Twitterchat organized by the National Cyber Security Alliance’s (NCSA) global cyber security campaign Stop. Think. Connect. Among the topics covered will be how to spot travel scams, how to identify reliable Wi-Fi connections, safe online banking, and which apps can be helpful to protect you when you are on the road. Ask questions in advance using the hashtag #ChatSTC, and the panel of experts will answer. Or, follow the conversation live at #ChatSTC.

When: Thursday, July 18th at 3 p.m. EDT/noon PDT

Who: National Consumers League (@ncl_tweets), STOP. THINK. CONNECT. (@STOPTHNKCONNECT), the U.S. Department of Homeland Security (@cyber), McAfee (@McAfeeConsumer), the FCC (@FCC).

Google’s Transparency Report reveals widespread global malware




By Sam Hamer and R.J. Smith, Public Policy Interns

Last week, tech giant Google released its semiannual Transparency Report, which for the first time included data about malware and security threats drawn from the company’s Safe Browsing program. The program began in 2006 as a way to identify infected sites and warn browser users who attempt to access them. According to Google:

“Our security team built Safe Browsing to identify unsafe Web sites and notify users and webmasters so they can protect themselves from harm. By providing details about the threats we detect and the warnings we show, we hope to shine some light on the state of web security and encourage safer web security practices.”

As part of the Safe Browsing program, Google scans a fraction of sites in each country and utilizes the data to indicate the prevalence of sites hosting malware. A country-by-country breakdown of the prevalence of malware-infected sites shows, for instance, that approximately 2 percent of the over 14 million sites in the United States contain malware or phishing scams. By comparison, roughly 15 percent of sites in India tested positive for malware, one of the highest rates in the world. Google’s worldwide tracker identifies as many as 90,000 unsafe Web sites per week, notifying webmasters each time fraudulent code is discovered. In addition to delivering a warning page to browser users who attempt to access these infected sites, webmasters receive a report notifying them of the corruption and instructing them to fix the problem.

Google’s disclosure of malware infection data has received significant media coverage, with the New York Times, NBC News, and CNN covering the release, in addition to a smattering of online magazines and tech blogs. Many credit Google with increasing popular awareness of “just how unsafe the Internet has become,” as the New York Times put it. Google’s Dorothy Chou disclosed in an email that, “the coverage has been fairly neutral to positive.” But, she notes, “[it is] probably too early to know what people are doing with the data release yet.”

Indeed, while Google’s collection of malware and phishing data over the past half-decade has provided greater certainty of where malicious online activity persists, just what the vanguards of online security should do with the data is less certain. As privacy blogger John Hawes notes on the blog Naked Security, webmasters can now monitor the Safe Browsing site for data about their site provider service. If Google’s data show that a particular site provider comes up as a host for a number of infected sites, then webmasters will know that they should start asking questions, Hawes suggests. Moreover, webmasters can better inform themselves about which site providers have a clean record, and flag those providers who host numerous infected sites.

If anything, the Safe Browsing program has contributed to a heightened awareness of Internet scams among the general populace. While many Internet users have heard of the words “phishing” and “malware,” Google has shed additional light on the scope of the problem. As Google engineer Niels Provos put it, “[Safe Browsing] is about making the Internet a safer environment… We want to make as much information available about the state of the Web as we see it…By putting [the data] out there, we want to educate Web masters that this is very real, that the danger of you getting infected is very large.”

Wireless cramming: The tip of a very large iceberg

By John Breyault, Vice President of Public Policy, Telecommunications and Fraud

Wireless cramming is at the top of the Federal Trade Commission’s agenda today, as government officials, advocates and industry representatives gather to discuss the issue and potential solutions at the FTC’s Mobile Cramming Roundtable. I am honored to present at the event, along with a number of other experts on the topic. For those loyal readers unable to watch the live webcast, I can sum up my comments thusly: Wireless cramming is a big problem and is only going to get worse without action by regulators to protect consumers.

Cramming fraud has been around for decades. Beginning in the late 1990s, enterprising scam artists learned that they could get small charges placed on consumers’ landline phone bills. With doctored “authentications” and poor policing by the phone companies and billing aggregators, scammers made millions of dollars. As consumers increasingly adopted wireless phones, the scam artists moved to those bills. Wireless cramming is proving to be just a lucrative for the fraudsters. In its first enforcement action against alleged wireless cramming outfit Wise Media, the FTC stated that the company made millions of dollars in less than two years of operation.

Wise Media is likely just the tip of a very large iceberg. While there is precious little data about the scope of the wireless third-party billing market generally and the cost of wireless cramming on consumers, we can make some educated estimates based on the data that is available.

Continue reading

Consumers need an FCC chair on their side

By Sally Greenberg, NCL Executive Director

Last month, the Federal Communications Commission announced that Julius Genachowski would soon be stepping down after four years as chairman. Now, all eyes are on the White House as it prepares to nominate his successor.

The FCC serves a critical role as a government watchdog and is charged with the important task of protecting the public interest in the telecommunications industry. Though the FCC is bound by law to weigh the interests and concerns of all parties, it is clear that consumers depend on the FCC to protect them and the public interest first and foremost.

Any consumer who has opened their mobile phone or cable bill in recent years understands the importance of having an FCC chair that is on their side. While the Obama Administration will undoubtedly consider a number of worthy candidates, we believe that the next FCC chair should have significant experience in public interest advocacy.

In the coming months and years, the FCC will consider a wide range of issues that impact consumers on a daily basis. Spectrum auctions will determine the shape of our mobile broadband future. The transition from a copper-based to IP-based telephone system will be felt by all Americans. Enforcement actions against fraudsters will protect millions of consumers.

The next FCC chair will play an enormous role in shaping how these and the myriad other issues the Commission handles on a daily basis are addressed. A background in public interest advocacy is therefore critical to helping that person understand how these issues affect consumers at a very basic level.

Washington is filled with lobbyists who have deep backgrounds in telecommunications and technology policy. They play an important role in helping the Commission address the often complex issues that it faces on a daily basis. That said, the FCC’s mission is to defend the public interest, not corporate bottom lines. Having someone at the top of the agency’s leadership who comes out of the public interest community will ensure that the FCC’s decisions reflect that critical responsibility.

This September 19, remember: ‘It Can Wait’

By John Breyault, NCL Vice President of Public Policy, Telecommunications and Fraud

“My aunt was in a car accident. She was texting and driving and drove off the edge of a bridge that didn’t have any guard rails. Her skull was crushed in and she was killed instantly. That haunts me every day. I want to take the pledge for her, and for my family and friends. #itcanwait” – Kelsey, TN

Today is September 19, 2012. While it may seem like any other Wednesday, it’s a special day for consumers concerned about the rising numbers of serious accidents attributed to texting while driving.  The quote above comes from a consumer who wrote in to ItCanWait.org, a website created by AT&T in partnership with more than a dozen community organizations (including NCL) to raise awareness about the dangers of texting while driving.

The numbers are frightening.  A 2009 Virginia Tech study found that operators of heavy vehicles or trucks are more than 23 times as likely to risk a crash or near-crash as non-distracted drivers.  A study by the Centers for Disease Control and Prevention founds that 58 percent of high school seniors said they texted or emailed while driving. About 6,000 deaths and half a million injuries are attributed to distracted driving per year, according to the U.S. Department of Transportation.

Clearly, texting while driving is an issue that continues to pose a major threat to consumers, despite the significant numbers of states and localities that have outlawed texting while driving.  Despite these laws, thousands of drivers continue to get hurt due to distracted driving, and particularly texting while driving.

More needs to be done to educate consumers about the dangers of distracted driving. This is why NCL is proud to support AT&T’s “It Can Wait” consumer education campaign.  If you haven’t already done so, head over to ItCanWait.org and sign the pledge to refrain from texting while driving.  Today is “Pledge Day,” so encourage your friends to support the campaign by sharing information about the campaign on Facebook and tweeting about it with the #itcanwait hashtag.

Remember, no life is worth risking over a text message. As Val from Texas put it:

Life >>>>> A silly little text message #itcanwait

‘CN U PIK ME UP FRM SOCCR, MOM?’ – NCL survey examines pre-teens and cell phones

By John Breyault, NCL Vice President of Public Policy, Telecommunications and Fraud

In addition to lunch money, friendship bracelets and the occasional frog for teacher’s desk, today’s pre-teens are just as likely to carry a cell phone in their backpacks.  According to a new survey released today by NCL, nearly 6 in 10 (56 percent) of parents of tweens have purchased a cell phone for their tween-aged (8-12) children.

Why the focus on pre-teens?  According to a 2007 survey by C&R Research, 46 percent of children ages 9-11 had cell phones.  Today’s report shows that cell phone penetration rates among this demographic continues to climb.

In response to this development, over the past twelve months, NCL has worked to provide parents of younger children the tools they need to make an informed buying decision.  Parents of pre-teens clearly have different priorities to consider regarding cell phone use than parents of teenagers.  In addition, more than 30 percent of American households now have cell phones as their only phones.  These market developments have left many parents scratching their heads as to how they deal with this brave new world of kids and phones.

That’s why NCL has developed a parent’s guide to pre-teen cell phone use.  We also have tips for parents on how to take advantage of parental control technologies to manage kids’ cell phones.  Indeed, NCL’s survey found that among parents whose cell phones bills were higher than expected, investigating parental controls was the preferred method to control costs (62 percent), higher than setting a monthly budget (38 percent), cancelling the phone (23 percent) or switching to an unlimited service plan (22 percent).

It’s never a good idea to go grocery shopping without a list (or on an empty stomach), because you’re likely to buy things you don’t really need.  The same principles are at work when it comes to buying a cell phone. A rough game plan developed before you start shopping can help you stay within budget and get a phone that fits for your kids. Our pre-teen cell phone guide has some suggested questions to ask yourself before you head in to the cell phone store and your child’s eyes get wide at the site of the latest iPhone or Android superphone.

Armed with a good idea of what kind of phone works for your child and how much you want to spend, parents can (hopefully!) avoid sticker shock from pre-teen cell phone use.

Now if they could just make a consumer guide for getting kids to eat their broccoli and stop picking on their kid brothers …