Wiley Consumer Protection Download (March 12, 2024)

March 12, 2024

Regulatory Announcements
Select Enforcement Actions
Upcoming Comment Deadlines and Events
More Analysis from Wiley

Welcome to Wiley’s update on recent developments and what’s next in consumer protection at the Consumer Financial Protection Bureau (CFPB) and Federal Trade Commission (FTC). In this newsletter, we analyze recent regulatory announcements, recap select enforcement actions, and preview upcoming deadlines and events. We also include links to our articles, blogs, and webinars with more analysis in these areas. We understand that keeping on top of the rapidly evolving regulatory landscape is more important than ever for businesses seeking to offer new and groundbreaking technologies. Please reach out if there are other topics you’d like to see us cover or for any additional information.

To subscribe to this newsletter, click here.

Regulatory Announcements

U.S. Senate Confirms Andrew Ferguson and Melissa Holyoak as FTC Commissioners. On March 8, the U.S. Senate confirmed Andrew Ferguson and Melissa Holyoak to serve as FTC Commissioners, and confirmed Commissioner Rebecca Kelly Slaughter to a second term as FTC Commissioner. On July 11, 2023, President Biden nominated Ferguson and Holyoak to the open FTC Commissioner seats previously occupied by former Commissioners Noah Phillips and Christine Wilson. On March 8, FTC Chair Lina Khan issued a Press Release regarding the confirmations: “I look forward to welcoming Andrew and Melissa to the FTC as we work to vigorously protect Americans from unfair methods of competition and unfair and deceptive business practices.”

Ferguson previously served as the Solicitor General in the Virginia Attorney General’s Office. Before joining the Virginia state government, Ferguson worked as Chief Counsel for Sen. Mitch McConnell (R-KY) and Chief Counsel for Nominations and the Constitution to then-Judiciary Committee Chairman Lindsey Graham (R-SC), among other positions.

Holyoak previously served as the Solicitor General in the Utah Attorney General’s Office. Previously, she served as President and General Counsel for the Hamilton Lincoln Law Institute, and Senior Attorney for the Center for Class Action Fairness at the Competitive Enterprise Institute.

FTC Issues Final Rule Extending the TSR to Telemarketing Calls to Businesses. On March 7, the FTC voted 3-0 to approve a Final Rule that amends the agency’s Telemarketing Sales Rule (TSR) to prohibit business-to-business telemarketing calls that qualify as misrepresentations under the Rule. The Final Rule also modifies the TSR’s current recordkeeping obligations to require telemarketers to retain call detail records, evidence of consent to make calls, records demonstrating compliance with the National Do Not Call Registry, and a written agreement allocating responsibility between sellers and telemarketers for the recordkeeping required under the TSR.

The FTC also approved a Notice of Proposed Rulemaking (NPRM) that proposes to amend the TSR to extend its coverage to inbound telemarketing calls involving technical support services. The TSR current covers certain inbound calls, such as calls that consumers make to telemarketers. The NPRM would extend this coverage to technical support service calls. Comments on the NPRM are due 60 days after publication in the Federal Register.

CFPB Issues Final Rule Regulating Credit Card Late Fees. On March 5, the CFPB issued a Final Rule that amends regulations implementing the Credit Card Accountability Responsibility and Disclosure Act of 2009 (CARD Act) by lowering the immunity provision for late fees to $8 for a missed payment. The Final Rule applies to card issuers that together with their affiliates have one million or more open credit card accounts. Although the Final Rule lowers the immunity provision for late fees to $8 for a missed payment, issuers are able to charge fees above $8, provided that they can prove that the higher fee is necessary to cover their actual collection costs.

FTC Testifies in Support of Colorado Repair Law. On February 29, the FTC testified before the Colorado General Assembly’s Committee on Business Affairs and Labor in support of Colorado HB 24-1121. If enacted, Colorado HB 24-1121 would expand the state’s repair laws to cover “digital electronic equipment,” which is defined as “a hardware product: (I) manufactured for the first time and first sold or used in Colorado: (A) on or after July 1, 2021, with respect to a cell phone; or (B) on or after July 1, 2015, with respect to any consumer electronic device that is not a cell phone; and (II) that depends, in whole or in part, on digital electronics embedded in or attached to the product in order for the product to function as intended.” In particular, HB 24-1121 would place restrictions on “parts pairing,” which is defined as “a manufacturer’s practice of using software to identify component parts through a unique identifier.”

CFPB Issues Consumer Financial Protection Circular on the CFPA’s Applicability to Comparison-Shopping Tools and Lead Generators. On February 29, the CFPB issued a Consumer Financial Protection Circular outlining certain practices by digital comparison-shopping tools and lead generators that the CFPB states can violate the Consumer Financial Protection Act’s (CFPA) prohibition on abusive acts or practices. Specifically, the Circular states that digital comparison-shopping tools can violate the CFPA if they “distort the shopping experience by steering consumers to certain products or services based on remuneration to the operator.” Moreover, the Circular asserts that lead generators can violate the statute if they “steer consumers to one participating financial services provider instead of another based on compensation received.” The Circular further explains that if consumers “reasonably rely on an operator of a digital comparison-shopping tool or a lead generator to act in their interests, the operator or lead generator can take unreasonable advantage of that reliance by giving preferential treatment to their own or other products or services through steering or enhanced product placement, for financial or other benefits.”

Select Enforcement Actions

FTC Finalizes Order Against Prison Communications Service Provider After Data Breach. On February 23, the FTC finalized its order against a prison communications service provider after a 30-day notice and comment period. In November, the FTC alleged that the defendants violated the FTC Act by failing to maintain adequate cybersecurity measures to prevent bad actors from accessing data stored in the cloud. The company agreed to the consent order and will implement an information security program, notify consumers of the breach, and offer credit monitoring and identity protection services to affected consumers.

FTC Settles with Online Retailer for Allegedly Misleading Marketing Practices. On February 26, the FTC filed a proposed stipulated order in the U.S. District Court for the Eastern District of New York against an online retailer and its owner that sold, among other items, personal protective equipment (PPE) and facemasks. In July 2020, the FTC filed a complaint against the defendants alleging that the company falsely promised “next-day” delivery of personal PPE and other protective products during the COVID-19 pandemic, and that some of the other products sold through the website were falsely labeled as “authentic” or certified. The stipulated order bans the defendants from selling PPE in addition to other injunctive relief and a monetary judgment of $1,088,984.20.

FTC Settles with E-Commerce Companies and Their Owners for Allegedly Deceptive Advertising Practices. On February 26, the FTC filed a stipulated order in the U.S. District Court for the Southern District of California against three individuals and their respective e-commerce companies. In August 2023, the FTC alleged in its complaint that the defendants misled consumers by promising that the purchase of their ecommerce store package would yield high investment returns. The defendants have agreed to a total monetary judgment of $21,765,902.65 in addition to injunctive relief.

Upcoming Comment Deadlines and Events

CFPB Seeks Comment on Proposed Rule to Prohibit NSF Fees for Instantaneously Declined Transactions. Comments are due March 25, 2024 on the CFPB’s Proposed Rule to prohibit “covered financial institutions,” as the term is defined in Regulation E, from charging nonsufficient funds (NSF) fees on transactions that are declined instantaneously or near-instantaneously for insufficient funds. According to the Proposed Rule, a declination occurs instantaneously or near-instantaneously “when the transaction is processed in real time and there is no significant perceptible delay to the consumer when attempting the transaction.” The proposed prohibition would cover transactions involving debit cards, ATMs, and person-to-person (P2P) payment applications. If adopted, the Proposed Rule would make charging such NSF fees an abusive practice under the Consumer Financial Protection Act.

FTC Extends Deadline to Consider COPPA Parental Consent Mechanism That Uses Machine Learning Technology. The FTC announced that it extended by 60 days the January 29, 2024 deadline to consider whether to approve a June 2, 2023 Application to use “Privacy-Protective Facial Age Estimation” technology to obtain parental consent under the Children’s Online Privacy Protection Act (COPPA) Rule. Public comments on the Application were due August 21. The COPPA Rule permits parties to file written requests for FTC “approval of parental consent methods” not listed in the COPPA Rule. The new deadline for the FTC to consider the Application is now March 29, 2024.

CFPB Proposes Rule to Target Certain Overdraft Fees Charged by Large Financial Institutions. Comments are due April 1, 2024 on the CFPB’s Proposed Rule to amend Regulation E, implemented under the Electronic Fund Transfer Act, and Regulation Z, implemented under the Truth in Lending Act, to update regulatory exceptions for overdraft credit provided by financial institutions with assets of $10 billion or more. Among other things, the Proposed Rule would, if adopted, preserve courtesy overdraft loan services provided by these financial institutions, but would limit the fees charged on such loans to only the financial institutions’ costs and losses. Specifically, the Proposed Rule would permit financial institutions to calculate their own costs using either a “breakeven standard” or rely on a “benchmark fee” set by the CFPB. Under the “breakeven standard,” the Proposed Rule would allow financial institutions to charge fees to recover both losses the financial institutions incur when they write off overdrawn account balances not returned to positive, and any direct costs that are traceable to the provision of overdraft services. Under the “benchmark fee” approach, financial institutions would be permitted to charge a fixed fee set by the CFPB.

FTC Seeks Comment on Energy Labeling Rule NPRM. Comments are due April 2, 2024 on the FTC’s NPRM seeking comment on proposed revisions to the agency’s Energy Labeling Rule. As described by the FTC, the Energy Labeling Rule requires, for certain products, “the familiar yellow Energy Guide labels stating a product’s estimated annual operating cost and energy consumption, and a range for comparing the highest and lowest energy cost for similar models.” The NPRM seeks comment on four broad issue areas related to the Energy Labeling Rule: (1) proposed new labels for previously unlabeled air cleaners, clothes dryers, miscellaneous refrigerator products, and portable electric spas; (2) new issues that commenters raised in the Advance Notice of Proposed Rulemaking phase regarding existing labels for clothes washers, televisions, and heating products including water heaters, pool heaters, and boilers; (3) several proposed amendments to match label format and location shopping patterns (such as requiring manufacturers to affix labels to large appliances prepared for showroom display only); and (4) minor amendments to address various issues, including compliance dates for ranges, television data updates, and format and placement requirements for labels.

FTC to Convene Scams Against Older Adults Advisory Group. The FTC will host an online meeting of the Scams Against Older Adults Advisory Group on April 2, 2024 at 2 p.m. Eastern Time. The Advisory Group includes committees focused on “expanding consumer education and outreach efforts; improving industry training on scam prevention; identifying innovative or high-tech methods to detect and stop scams; and reviewing research on effective consumer messaging to prevent scams.” The Advisory Group is comprised of representatives from government agencies, advocacy groups, and private industry. The online meeting will be open to the public and viewable at

FTC Issues SNPRM Seeking Comment on Prohibiting the Impersonation of Individuals. Comments are due April 30, 2024 on the FTC’s Supplemental Notice of Proposed Rulemaking (SNPRM) that proposes to amend the newly adopted rule to prohibit the impersonation of individuals and extend the scope of liability for violations in place of its previous proposal. Specifically, and as we summarized here, the SNPRM proposes to revise the FTC’s Trade Regulation Rule on Impersonation of Government and Business to both add a prohibition on the impersonation of individuals, and extend liability for Rule violations to parties who provide goods and services with “knowledge or reason to know that those goods or services will be used in impersonations of the kind that are themselves unlawful under the Rule.”

More Analysis from Wiley

Executive Order on Foreign Access to Sensitive Personal Data Will Increase U.S. Regulation of Cross-Border Data Transfers

State Privacy Law 2024: Major Enforcement and Compliance Activity Shows No Signs of Slowing Down

Start Here: Cyber Fundamentals for Public Policy Makers

NIST Cybersecurity Framework 2.0 Reveals Major Shifts in Federal Guidance

Federal Government Acts on Connected Vehicle Privacy and National Security Concerns

FCC Extends Regulatory Reach Over AI: Announces TCPA Restrictions Cover AI-Generated Voices in Outbound Calls

California Appeals Court Allows Immediate Enforcement of CPRA Regulations

DOJ Signals Tough Stance on Crimes Involving Misuse of Artificial Intelligence

SEC Chairman Critiques AI: Compares Faulty AI to "Hallucinogenic Mushrooms" and Predicts Regulation and Oversight

Wiley Promotes Megan Brown and Duane Pozza to Co-Chairs of Privacy, Cyber & Data Governance Practice

Podcast: AI in 2024: What Comes Next?

CES 2024: FTC Commissioner Slaughter Discusses New Rules, Competition, and AI

State Privacy Update: New Jersey Becomes 13th State to Pass a Consumer Privacy Bill

Heading into 2024, Federal AI Activity Ramps Up After AI Executive Order

AI Around the Globe: What to Know in 2024

Cybersecurity in 2024: Ten Top Issues to Consider

Annual Updates to Privacy Policies Reminder and Looking Ahead to 2024

FCC and FTC Launch Inquiries on AI and Voice Cloning

FCC Expands Privacy and Data Protection Work with States to Increase Investigations

AI Use is Promising Yet Risky for Government Subpoenas and CIDs

DOJ Must Help in Fighting Illegal Robocalls, Lawyers Say

CFPB Poised to Significantly Expand the Reach of the Fair Credit Reporting Act

FTC and HHS Caution Hospitals and Telehealth Providers on Tracking Tech

Podcast: The “Wild West” of AI Use in Campaigns

SEC Cyber Reporting Mandates: How to Request a National Security or Public Safety Delay

Podcast: What could AI regulation in the U.S. look like?

Podcast: AI Risk Management: A Discussion with NIST’s Elham Tabassi on the NIST AI Risk Management Framework

Generative AI Policies: Five Key Considerations for Companies to Weigh Before Using Generative AI Tools

U.S. State Privacy Law Guide

Legal 500 US Recognizes Wiley’s Telecom, Media & Technology Practice as Tier 1. Read more here.

Read Time: 12 min
Jump to top of page

Necessary Cookies

Necessary cookies enable core functionality such as security, network management, and accessibility. You may disable these by changing your browser settings, but this may affect how the website functions.

Analytical Cookies

Analytical cookies help us improve our website by collecting and reporting information on its usage. We access and process information from these cookies at an aggregate level.