Attorney, Division of Privacy and Identity Protection, FTC
Whether it’s a website where people diagnosed with the same medical condition can share their stories or an app to find out how long it will take in the gym to burn off a Macadamia Mania Ripple sundae, consumers are taking their health in their own hands — and generating a massive amount of digital data in the process.
Thanks to a settlement with the FTC, Apple is refunding more than $32 million to people for in-app charges made by kids without their parent’s permission. Apple also had to change its billing practices to make sure it now gets express, informed consent from people before charging them for in-app purchases.
Imagine a criminal gang has defrauded thousands of people around the country. They may have scammed folks out of millions — or tens of millions — of dollars. The FTC goes after just these kinds of bad guys, and often, can get money back for the consumers who were ripped off. But what about the scammers? Some of them just pick up stakes and start again — ripping off more people along the way. The FTC might haul them right back into court. But the unfortunate truth about some of these crooks is that nothing short of locking them up is going to stop them. That’s where the FTC’s Criminal Liaison Unit comes in. The CLU teams up with prosecutors to get justice for consumers.
Right about now is the time when many of us are searching for scholarships and financial aid for our college-bound kids. Or maybe Junior is interviewing for his first job — or Muffy is buying her first car. In the middle of the paperwork, you might get a nasty surprise: your child’s credit report shows unpaid bills and a loan default. What? My child’s credit report? Children and young teens aren’t even legally able to open credit accounts on their own; you wouldn’t expect them to have a credit report. So what happened? Most likely, it’s identity theft.
A child's Social Security number can be used by identity thieves to apply for government benefits and tax refunds, open bank and credit card accounts, apply for a loan or utility service, or rent a place to live. The best way to know if your child’s information is being misused is to check for a credit report. Even if you don’t suspect identity theft, it’s a good idea to see if there is a credit file on your child. Do a check at their 16th birthday. And if needed, take action immediately.
Have you gotten an email with the subject line “Pending consumer complaint” that looks like it came from the FTC? The email warns that a complaint against you has been filed with the FTC. It asks you to click on a link or attachment for more information or to contact the FTC.
These emails pull out all the stops to look official: They have an FTC seal, references to the “Consumer Credit Protection Act (CCPA)” and a “formal investigation,” and what look like real FTC links. The truth is that they’re fakes.
“Hereby you are notified that you have been scheduled to appear for your hearing that will take place in the court of Tallahassee in April 02, 2014 at 09:00 am.” Signed, the Clerk to the Court.
Sound official? Like the fake funeral notices we wrote about recently, emails like this have been going around trying to convince concerned — or curious — people to click on the supposed “court notice.”
A long time ago, in a galaxy far, far away, people used phones primarily to call each other. Strange, huh?
Today, in this galaxy, many of us depend on our phones to take care of everyday tasks like waking up on time, keeping track of our calories, and sharing photos and updates. Need movie tickets? Tap, tap, and done. Want to track your credit history and get free credit scores? Yep, you can do that, too.
Unfortunately, according to the FTC, apps don’t always secure the information they send and receive, and that could lead to serious problems for users. Two companies the FTC is focusing on today: Fandango and Credit Karma. The FTC says these popular services didn’t properly secure information sent through their apps — including credit card numbers (Fandango) and Social Security numbers (Credit Karma).
An app that does not validate its security certificate leaves users vulnerable to “man in the middle” attacks.
Some companies can be very sneaky these days. Especially when they buy lists of consumers’ phone numbers from companies that falsely claim those consumers have given written consent to get sales calls despite being on the National Do Not Call registry.