In a previous blog, we discussed the Federal Trade Commission’s (“FTC”) proposed changes to its Guides Concerning the Use of Endorsements and Testimonials in Advertising (the “Endorsement Guides”). The Endorsement Guides are intended to help businesses ensure that their endorsement and testimonial advertising conforms with Section 5 of the FTC Act, which prohibits “unfair or deceptive acts or practices in or affecting commerce,” including false advertising. We specifically highlighted the FTC’s proposed changes related to social media platforms and their users, deceptive endorsements by online “influencers,” businesses’ use of consumer reviews, and the impact of advertising on children. Now, approximately one year later, and after receiving and considering public comments on its proposed changes, the FTC has issued its final rule adopting revisions to the Endorsement Guides. See Guides Concerning the Use of Endorsements and Testimonials in Advertising, 88 Fed. Reg. 48092 (July 26, 2023) (to be codified at 16 C.F.R. pt. 255). In issuing its final revised Endorsement Guides, the FTC stated that the changes are intended to “reflect the ways advertisers now reach consumers to promote products and services, including through social media and reviews.” We summarize below the FTC’s final revisions to the same sections of the Endorsement Guides covered in our earlier blog.
A recent enforcement action by the Federal Trade Commission (“FTC”) against 1Health.io—which sells “DNA Health Test Kits” to consumers for health and ancestry insights—serves as a reminder that the FTC is increasingly exercising its consumer protection authority in the context of privacy and data protection. This is especially true where the Health Insurance Portability and Accountability Act of 1996 (“HIPAA”) does not reach. The FTC’s settlement with 1Health.io highlights a wide-range of privacy and security issues companies should consider relating to best practices for updating privacy policies, data retention policies, configuration of cloud storage and vendor management, especially when handling sensitive genetic data.
On May 18, 2023, the Federal Trade Commission (FTC) filed a Notice of Proposed Rulemaking and Request for Public Comment (“NPRM”) seeking to amend the Health Breach Notification Rule (“HBNR”). We previously wrote about the FTC’s policy statement, in which the FTC took the position that mobile health applications that are not covered by the Health Insurance Portability and Accountability Act (“HIPAA”) are covered by the HBNR. In our post, we highlighted concerns raised in dissent by commissioner Noah Joshua Phillips that the FTC’s interpretation of “breach of security” was too broad. Commissioner Phillips has since resigned.
In the absence of a federal law directly aimed at regulating artificial intelligence (AI), the Federal Trade Commission (FTC) is seeking to position itself as one of the primary regulators of this emergent technology through existing laws under the FTC’s ambit. As we recently wrote, the FTC announced the establishment of an Office of Technology, designed to provide technology expertise and support the FTC in enforcement actions. In a May 3, 2023 opinion piece published in the New York Times entitled “We Must Regulate A.I. Here’s How,” Lina Khan, the Chairperson of the FTC, outlined at least three potential avenues for FTC enforcement and oversight of artificial intelligence technology.
On February 17, 2023, the Federal Trade Commission (“FTC”) announced the creation of the Office of Technology (the “OT”), which will be headed by Stephanie T. Nguyen as Chief Technology Officer. This development comes on the heels of increasing FTC scrutiny of technology companies. The OT will provide technical expertise and strengthen the FTC’s ability to enforce competition and consumer protection laws across a wide variety of technology-related topics, such as artificial intelligence (“AI”), automated decision systems, digital advertising, and the collection and sale of data. In addition to assisting with enforcement matters, the OT will be responsible for, among other things, policy and research initiatives, and advising the FTC’s Office of Congressional Relations and its Office of International Affairs.
The success of an artificial intelligence (AI) algorithm depends in large part upon trust, yet many AI technologies function as opaque ‘black boxes.’ Indeed, some are intentionally designed that way. This charts a mistaken course.
The Federal Trade Commission (“FTC”) recently issued guidance clarifying protections applicable to consumers’ sensitive personal data increasingly collected by so-called “health apps.” The FTC press release indicated it has approved a policy statement by a vote of 3-2 offering guidance that organizations using “health applications and connected devices” to “collect or use” consumers’ personal health information must comply with the cybersecurity, privacy and notification mandates of the Health Breach Notification Rule (the “Rule”).
Earlier this summer, Ethan P. Davis, Principal Deputy Assistant Attorney General for the Civil Division of the U.S. Department of Justice (DOJ) delivered remarks addressing DOJ’s top priorities for enforcement actions related to COVID-19 and indicating that DOJ plans to “vigorously pursue fraud and other illegal activity.” As discussed below, Davis’s remarks not only highlighted principles that will guide enforcement efforts of the Civil Fraud Section under the False Claims Act (FCA) and of the Consumer Protection Branch (CPB) under the Food, Drug, and Cosmetic Act (FDCA) and the Controlled Substances Act (CSA) in response to the COVID-19 public health emergency (PHE), they also provide an indication of how DOJ might approach enforcement over the next few years.
DOJ'S KEY CONSIDERATIONS & ENFORCEMENT STRATEGY FOR COVID-19
Davis highlighted two key principles that would drive DOJ’s COVID-related enforcement efforts: the energetic use of “every enforcement tool available to prevent wrongdoers from exploiting the COVID-19 crisis” and a respect of the private sector’s critical role in ending the pandemic and restarting the economy. Under that framework, DOJ plans to pursue fraud and other illegal activity under the FCA, which Davis characterizes as “one of the most effective weapons in [DOJ’s] arsenal.”
However, as DOJ pursues FCA cases, it will also seek to affirmatively dismiss qui tam claims that DOJ finds meritless or that interfere with agency policy and programs. DOJ also plans to collect certain information from qui tam relators regarding third-party litigation funders during relator interviews. DOJ’s emphasis on qui tam cases—cases brought under the FCA by relators or whistleblowers—for COVID-related enforcement highlights the impact such matters have on DOJ’s enforcement agenda.
- DOJ will consider dismissing cases that involve regulatory overreach and are not otherwise in the interest of the United States.
Although Davis emphasized that the majority of qui tam cases would be allowed to proceed, in order to “weed out” cases that lack merit or that DOJ believes should not proceed, DOJ will consider dismissing cases that “involve regulatory overreach or are otherwise not in the interest of the United States.” This is consistent with the principles reflected in the 2018 Granston Memo that instructed DOJ attorneys to consider “whether the government’s interests are served” when considering whether cases should proceed and listed considerations for seeking alternative grounds for dismissal of FCA cases. Davis gave examples throughout his speech of actions DOJ might consider dismissing:
- Cases based on immaterial or inadvertent mistakes, such as technical mistakes with paperwork
- Cases based on honest misunderstandings of rules, terms, and conditions
- Cases based on alleged deviations from non-binding guidance documents
- Cases against entities that reasonably attempted to comply with guidance and “in good faith took advantage of the regulatory flexibilities granted by federal agencies in the time of crisis.”
DOJ litigators have been advised to inform relators of the possibility of dismissal. Additionally, qui tam suits based on behaviors temporarily permitted during the COVID-19 pandemic, particularly in circumstances in which agencies exercised discretion to waive or not enforce certain requirements, might
“fail as a matter of law for lack of materiality and knowledge.”
- DOJ will now include a series of questions during relator interviews to identify third-party litigation funders.
During each relator interview, DOJ has instructed line attorneys to ask a series of questions to identify whether the relator or their counsel has a third-party litigation funding agreement, which is an agreement in which a third party—such as a commercial lender or a hedge fund—finances the cost of litigation in return for a portion of recoveries. Under the new policy detailed in Davis’s speech, if a third-party funder is disclosed, DOJ will ask for the following:
- the identity of the third-party litigation funder,
- information regarding whether information of the allegations has been shared with the third party,
- whether the relator or their counsel has a written agreement with the third party, and
- whether the agreement between the relator or their counsel and the third party includes terms that entitles the third-party funder to exercise direct or indirect control over the relator’s litigation or settlement decisions.
Relators must inform DOJ of changes as the case proceeds through the course of litigation. While Davis characterizes these changes as a “purely information-gathering exercise for the purpose of studying the issues,” the questions are in furtherance of DOJ’s ongoing efforts to uncover the potential negative impacts third-party litigation financing may have in qui tam actions.  The questions Davis referenced in his remarks reflect DOJ’s concerns with third-party litigation funding as expressed by Deputy Associate Attorney General Stephen Cox in a January 2020 speech. Davis emphasized that DOJ particularly sought to evaluate the extent to which third-party litigation funders were behind qui tam cases DOJ investigates, litigates, and monitors; the extent of information sharing with third-party funders; and the amount of control third-party funders exercised over the litigation and settlement decisions. While the Litigation Funding Transparency Act of 2019 has remained inactive since its introduction in February 2019 by Senator Grassley and the 2018 proposal by the U.S. Court’s Advisory Committee on Civil Rights’ Multidistrict Litigation Subcommittee to require disclosure of third-party litigation funding remains under consideration, DOJ’s plans to include this line of questioning potentially signals DOJ’s intention to take more concrete and significant steps to address third-party litigation funding in the future.
The market for direct-to-consumer (“DTC”) genetic testing has increased dramatically over recent years as more people are using at-home DNA tests. The global market for this industry is projected to hit $2.5 billion by 2024. Many consumers subscribe to DTC genetic testing because they can provide insights into genetic backgrounds and ancestry. However, as more consumers’ genetic data becomes available and is shared, legal experts are growing concerned that safeguards implemented by U.S. companies are not enough to protect consumers from privacy risks.
Some states vary ...
On April 2, 2019, FDA issued a press release featuring a statement from FDA Commissioner Scott Gottlieb announcing the Agency’s latest enforcement actions taken against companies engaging in unlawful marketing of cannabidiol (CBD) products. Coming just days before Gottlieb’s anticipated departure from the Agency, this news otherwise is unsurprising given recent events on the federal and state level. In a December 2018 press release issued on the heels of the Farm Bill’s passage, FDA forecast its intention to step up enforcement against CBD products, and earlier this year ...
Data is king! A robust privacy, security and data governance approach to data management can position an organization to avoid pitfalls and maximize value from its data strategy. In fact, some of the largest market cap firms have successfully harnessed the power of data for quite some time. To illustrate this point, the Economist boldly published an article entitled “The world’s most valuable resource is no longer oil, but data.” This makes complete sense when research shows that 90% of all data today was created in the last two years, which translates to approximately 2.5 ...
On October 26, 2018, the Federal Trade Commission (FTC) announced that it will hold four days of hearings between December of 2018 and February of 2019 to examine the FTC’s authority to deter unfair and deceptive conduct in data security and privacy matters. The two days of December hearings will focus on data security, while the two days of February hearings will focus on consumer privacy. This announcement comes as part of the agencies Hearings on Competition and Consumer Protection in the 21st Century, an initiative that has already scheduled hearings on closely related ...
On October 2, 2018, FDA Commissioner Scott Gottlieb released a statement announcing new agency actions to further deter “gaming” of the generic drug approval process through the use of citizen petitions. Among these actions, the most significant was the issuance of a revised draft guidance on citizen petitions subject to Section 505(q) of the Federal Food, Drug, and Cosmetic Act (“FDCA”), published on the same day. The stated goal of this revision was to create a more efficient approach to 505(q) petitions and to allow the Agency to focus reviewer resources on scientific ...
The state-action antitrust exemption grew out of the 1943 decision of Parker v. Brown, 317 U.S. 341 (1943), in which the Supreme Court explained that “nothing in the language of the Sherman Act or in its history suggests that its purpose was to restrain a state or its officers or agents from activities directed by its legislatures.” And, relying on principles of federalism, the Supreme Court gave deference to the state as a sovereign body.
Subsequent decisions expanded the reach of state-action to state and local governmental agencies (including counties and municipalities ...
In an Advisory Opinion dated October 20, 2017, to Crouse Health Hospital ("Crouse Hospital"), the Federal Trade Commission ("FTC") agreed that the Non-Profit Institutions Act ("NPIA") would protect the sale of discounted drugs from Crouse Hospital to the employees, retirees, and their dependents of an affiliated medical practice (Crouse Medical Practice, PLLC) ("Medical Practice") from antitrust liability under the Robinson-Patman Act. Significantly, the FTC provided this advice despite the fact that the Medical Practice is a for-profit entity, and is not owned by Crouse ...
Telehealth continues to be a hot topic of state and federal legislatures. Texas, for example, recently joined the rest of the states in no longer requiring initial in-person visits before being able to provide telehealth services.
The Texas legislature enacted the major telehealth bill SB 1107 on May 19, 2017, and the governor signed the bill into law shortly thereafter on May 27, 2017. As reported in our prior post, Texas had considered that, if passed, this telehealth bill would allow patient-physician relationships to be established via telemedicine without requiring an initial ...
Much of the recent media scrutiny may suggest that Texas has gotten a bad rap when it comes to telehealth. But have recent reports painted an incorrect or unfair picture of telehealth innovation in Texas? The TexLa Telehealth Resource Center (“TexLa TRC”) certainly thinks so.
Recent media attention focused on Texas telehealth innovation suggests Texas is behind the telehealth curve. In a recent report, the Texas Business Association said, “Texas lags behind other states in establishing a supportive regulatory environment for the expansion of these services,” while the ...
West Virginia recently took a bold step to set the stage to shield an in-state hospital merger from further antitrust scrutiny by the Federal Trade Commission (FTC). Certain healthcare stakeholders are likely watching these developments with some excitement and with some thought toward pursing similar initiatives in their respective states. Although this may have some positive effects for healthcare mergers (depending upon one's point of view) it is not altogether clear that state review processes that might shield a merger from federal antitrust enforcement will necessarily ...
On October 26, 2015, the Federal Trade Commission ("FTC") and the Antitrust Division of the U.S. Department of Justice ("DOJ") (collectively the "Agencies") issued a joint statement to the Virginia Certificate of Public Need ("COPN") Work Group encouraging the Work Group and the Virginia General Assembly to repeal or restrict the state's certificate of need process. The Virginia COPN Work Group was tasked by the Virginia General Assembly to review the current COPN process and recommend any changes that should be made to it.
Thirty-six states currently maintain some form of ...
At the International Association of Privacy Professionals ("IAPP") Global Privacy Summit in Washington, D.C. on March 5th and March 6th, the Federal Trade Commission ("FTC") was clear in its message that privacy was a top priority for the agency. The FTC had a strong presence at the conference. Three of the five Commissioners and the Director of the Bureau of Consumer Protection (Jessica Rich) all spoke at the conference and relayed a message of the importance of consumer privacy and security. In that regard, the FTC speakers stressed the importance of:
- informing consumers of the ...
As a lawyer practicing in the telemedicine space, I am rarely surprised these days. But every once in a while I will read or hear something that stops me in my tracks. That is exactly what happened when I read a blog post by an FTC Commissioner which, among other things, calls for government policies that help facilitate greater adoption of telemedicine. The post was part of a broader piece about the FTC's role in promoting competition and innovation in health care.
By way of quick background, the Federal Trade Commission is the federal agency charged with protecting ...
- DOJ’s FY 2023 Statistics: Highest Number of Settlements, Judgments, and Civil Investigative Demands in History and a Continued Health Care Focus
- FDA Releases Updated Directory on Select Dietary Supplement Ingredients
- In Alabama, Pre-Embryos are “Extrauterine Children” Under the State’s Wrongful Death Statute
- NJ Approves Cannabis Regulatory Amendment with Major Impacts on Class 5 Retail License Holders
- Unpacking Averages: Device Manufacturers Should Use the Newly Released Demographic Data in MDRs to Ensure Their Devices Are Not Disproportionately Hurting Minorities