AD-ttorneys@law – June 1, 2020

Alerts / June 1, 2020

In This Issue:

Democrats and Republicans Unite for Children’s Data Review

Safety concerns heightened by virus-inspired Internet boom

Amityville Honor?

One of the more obvious ways that the coronavirus has come to dominate our lives is a blowout in Internet usage. By March, Forbes reported, overall Internet usage had spiked somewhere between 50 and 70 percent, while streaming services hiked up 12 percent. The New York Times also has an interesting article covering the various vectors that are contributing to the rise.

A huge chunk of the citizenry is sitting at home in their pajamas, working, playing, and learning – except for us…we don our best work duds and are Zoom/Skype/Hangouts/BlueJeans conference ready at all times. And with that increasing dependence on internet technology, increased online predatory behavior becomes an even more pressing concern.

Enter a bipartisan coalition of United States senators, including Edward Markey (D-Mass.), Josh Hawley (R-Mo.), Richard Blumenthal (D-Conn.), Bill Cassidy (R-La.), Dick Durbin (D-Ill.) and Marsha Blackburn (R-Tenn.)

This group of lawmakers, usually engaged in endless party-line pie fights, penned a letter to the Federal Trade Commission, demanding that “the Commission should conduct a review of data collection and processing practices of educational technology companies and firms involved in digital marketing.” Here we go again!

Saddling Up

A stirring call to action? We’ve heard those before. But here’s what’s different about this letter, the thing that will have us watching to see how the Commission responds: The threat to compel the release of data.

“In order to ensure that the COPPA Rule review benefits young users,” the senators write, “the FTC should use its statutory power to uncover critical information about evolving and widespread threats to children’s privacy that warrant further protections.” After noting that service providers are often hiding the data that would make such a review possible, the senators state that “Section 6(b) of the FTC Act provides the Commission with the ability to compel entities to submit ‘annual or special…reports or answers in writing to specific questions’ to uncover findings about the entities’ ‘organization, business, conduct, practices, management, and relation to other corporations, partnerships, and individuals.’”

The Takeaway

The leadership of the Children’s Advertising Review Unit echoed those concerns and applauded the effort, even as it expressed hope that the new effort wouldn’t derail or slow down the FTC’s ongoing review of the Children’s Online Privacy Protection Act.

Heads up to any company that offers products, apps or other services to kids, or helps market those offerings – the bipartisan group is asking the FTC to dive deep on a number of kiddie-related (or not-so-kiddie) marketing practices, including data collection, consent, data retention, biometric information and the impact of incentives on school systems.

CBD Manufacturer Sued for Fabricating Test Results

Defendant accused of getting consumers high without their permission

Half-Baked Plans

There’s an urban legend that’s been floating around like so much indica haze for three decades or so, maybe more.

It goes like this: A pair of brothers are returning home from college for Thanksgiving break. Before the holiday begins, they coordinate the baking of a “special” batch of chocolate cookies made with marijuana flour. They plan to bring a regular batch along as well; as the holiday evening drags on, they’ll consume the special cookies while the rest of the family munches on the “normal” treats. Holiday tedium averted, right?

Not so fast. Grandma (in some versions it’s a cousin, or aunt, or what have you) mistakenly switches the two batches, or mixes them together, and before you know it, the dessert portion of the Thanksgiving meal is heading into comedic territory. Dad is giggling uncontrollably, and Grandpa is loudly complaining about his inordinate thirst. The after-dinner board game descends into paranoid recriminations.

Well, we’ve got a case for you that probably led to similar situations – except in our case, the college kids get sued.

In Case Your Memory Is Affected

Before we get into the details, a quick refresher. Cannabidiol (CBD) and tetrahydrocannabinol (THC) are derived from cannabis plants. THC is the psychoactive element in marijuana; in other words, it’s what gets you high. CBD is not psychoactive. This is why CBD has made its way (fitfully and always with the looming threat of regulation) into somewhat mainstream consumer product lines.

Products containing more than a small percentage of THC, however, are Schedule 1 drugs under the Controlled Substances Act.

Probably best to not sell those, at least outside of certain states and their local licensing schemes – though even then the Feds could Trump the locals. With that out of the way, on to the case.

Last summer, Lifted Made, a manufacturer of CBD products that appear in retail locations in Wisconsin, sent 40 samples of various CBD products – bath bombs, e-liquids and oral tinctures, to name a few – to Accelerated Cannabis Laboratories for appraisal of their THC/CBD content. Accelerated is a testing company that evaluates drinking water, food, flavoring and cosmetics, and does pharmaceutical testing as well as evaluating the THC/CBD content in products.

The Takeaway

Things got sticky when Accelerated allegedly noticed that a third party had posted certificates of analysis for Lifted products that were different from the original certificates. After reviewing the documents, Accelerated concluded that Lifted and the third party had altered two dozen of the tester’s certificates, increasing or decreasing the purported THC/CBD content in the products, often from illegal to legal amounts. Later analysis reportedly revealed that, in addition to the first set of altered certificates, Lifted and the third party had fabricated several certificates altogether.

Accelerated sued, claiming that Lifted and the third party altered the reports to reflect their own packaging information, which tests had not substantiated.

The complaint was filed in the Western District of Wisconsin in early May. Accelerated is suing for an injunction to eliminate the false reports. The company alleges false advertising under the Lanham Act and Wisconsin state law, and civil liability for the unauthorized use of an entity’s identifying information or documents under Wisconsin state law. It is an interesting case from a Lanham perspective. What will also be interesting is if regulators and consumer class action lawyers jump into the fray.

Shopify Slips Out of TCPA Suit

Plaintiff failed to connect the company to text abuses


Internet commerce company Shopify is huge. The company provides online payment, marketing and shipping services for more than a million businesses in 175 countries. Since the company’s services are modular, it pops up all over the place – website checkout pages, for instance.

That’s where David Sheski, a California citizen, alleges he saw the Spotify name – a checkout page on the “independent, detailed, cultured and classy” fashion website Masorini. The form asked for all the usual checkout identifiers, according to Sheski, including a phone number line item with a text title saying the number would be used for “for shipping updates.”

Perception Is Litigation

Sheski lost whatever cosmopolitan cool he had purchased from Masorini, however, when he received two text messages reading “Masorini: Hey David. Cyber Monday! 30% OFF – Code: ‘CM30’ Shop here! – STOP 17908 to opt-out.”

On someone’s advice – how many consumers initiate class actions on their own? – Sheski used the texts as a launching pad for a Telephone Consumer Protection Act (TCPA) class action, which he filed in the Northern District of California last October. To state a claim under the TCPA, a plaintiff must allege that (1) the defendant called (i.e., texted) a cellular telephone number; (2) using an automatic telephone dialing system [“ATDS”]; (3) without the recipient’s prior express consent – written, if the message includes marketing.

Sheski argued that Shopify offered “an optional line-item a retailer can implement to obtain a consumer’s express written consent to text marketing, but Shopify does not require retailers to use this line item and many or most of them do not.”

In Sheski’s opinion, Shopify’s provisioning of the checkout technology (which gathered the information that enabled the text) put the company in violation of the TCPA, as well as “tort claims for negligence, invasion of privacy and unlawful intrusion.”

The Takeaway

Sheski’s case was tossed by the Northern District, which granted Shopify’s motion to dismiss in early May. The court held that Sheski didn’t have standing to sue, as Shopify wasn’t directly involved in sending the messages, regardless of whether it provided the capability. “Even making all inferences in Plaintiff’s favor,” the court wrote, “the allegations provide no factual basis to establish that Shopify was directly involved in the procurement of consumers’ phone numbers, stores those numbers, transfers the numbers to texting apps, or approves the messages to be sent to those numbers.”

Because Sheski failed to establish an agency relationship between Shopify and Masorini, vicarious liability was also taken off the table.

There’s surely an obvious lesson here for the plaintiffs’ bar – pick the right guy to sue. Indeed, the court left the tossed complaint free to amend, but the deeper-pocketed platform was able to avoid responsibility for how its clients used, or allegedly misused, the platform.

But before you find yourself on the defense, be sure to establish contractually well-defined terms between you, your vendors and your clients. Examine carefully how the data you’re pairing up together might be used, and be sure to build protections into the partnership, and which party is responsible for what. One person’s paranoia is another person’s careful planning.

Does Noom Have a Bad Auto-Renew Habit?

Class action alleges that the company barrels on after intro period

Analog Mix

Noom is one of the countless behavior-modification, tracking and weight-loss applications that have flooded the mobile market over the past decade. Noom’s specialty, according to the company, is to marry AI, physiology and psychology, a combination that allows the application to address lifestyle choices – habits, really – that are the real enemy of health and fitness. By changing those habits, rather than emphasizing calorie counts and other strict goals, Noom claims to create lasting change.

Another unique aspect of the service is the presence of coaches who can be reached via messaging app. The coaches interact with the user, providing advice and answering questions. Along with support groups offered by the company, there’s a “real live human” aspect to Noom’s pitch.

And for Geraldine Mahood, that was part of the problem.

What Sticks?

Mahood claims to have paid a $10 fee to Noom for a two-week trial of the program. Based on Noom’s website, she believed that “she would be assigned a qualified ‘coach,’ that her trial was ‘risk-free,’ that she could ‘cancel anytime,’ and that there was . . . ‘no commitment’ since customers are able to easily cancel the program by ‘simply let[ing] their coach know.’”

All of this was incorrect, Mahood claims, and this serves as the foundation of her recent class action against Noom, filed in the Southern District of New York. She claims that Noom represented that its coaches were live human beings when really they were bots that served up advice and encouragement through an algorithm. Having never been assigned a coach at all, she argues, meant that she didn’t think the automatic charge would take place. Who would she be able to talk to about opting out, right?

The action charges Noom with deceptive practices under New York business law, common law fraud, unjust enrichment, violation of the California Automatic Renewal Law and violations of the California Unfair Competition Law and California Consumers Legal Remedies Act.

The Takeaway

While there’s a veritable grab bag of other accusations in the complaint – including claims about the confusing layout of Noom’s checkout page and the allegation that Noom requires an app-enabled smartphone but doesn’t disclose that requirement prior to signing up via desktop PC – the real interest derives from Mahood’s claim about the allegedly artificial advice she received and how that interacts with Noom’s cancellation policy.

Will Noom’s alleged assurance that customers could quit the program by “simply let[ing] their coach know” land them in hot water? If the coach was, as Mahood alleges, merely text served up by Noom’s system rather than a human being with expertise and accountability, is that a deception? But then there are the complex details of the auto renewal laws in California and many other states, not to mention the Feds. Also, what about the relatively new California law that requires disclosure that you are dealing with a bot if it is trying to sell you something, or influence your vote? Food, in reasonable portions, for thought!

We – or our blogging algorithm – will keep you posted.

NAD to Arm & Hammer: Don’t Come Clean

Watchdog group says powered toothbrush claims need to be scrubbed away

Trivial Things?

Advertising depends on often seemingly miniscule distinctions.

Consider the scribes at the Food and Drug Administration, laboring over the identification and classification of countless medical devices. At some point in their cogitation (yes, it is GRE prep time for one of our kids), they decided to define electric (“powered”) toothbrushes as devices designed “to remove adherent plaque and food debris from the teeth to reduce tooth decay.”

Does the relevant code mention the word “clean” or “cleaning”? No. Not once.

The Takeaway

Did the FDA scribes know that in the spring of 2020, their decision to omit the word would figure into the mighty contest between Church & Dwight (maker of the Arm & Hammer Spinbrush electric toothbrush) and Procter & Gamble (maker of the Oral-B Pro 1000 electric toothbrush)?

Procter & Gamble brought rival Church & Dwight before the National Advertising Division, challenging its claim that the Spinbrush offers the “same great clean as the Oral-B Pro 1000.”

NAD ruled that “clean” would lead consumers to believe that the claim involved the brushes’ “ability to remove plaque, promote healthier gums and improve overall oral hygiene, not simply to remove stains or whiten teeth.” Since Church & Dwight offered only a stain removal study to justify the claim, NAD determined that it should be discontinued.

Did an FDA staffer, somewhere in the monastic bowels of 10903 New Hampshire Ave., chuckle with delight at Church & Dwight’s misfortune? Probably not – he or she was probably diligently on to determining future marketing tsuris for the next ophthalmic, anesthesia, respiratory, ENT or dental device.

But fair warning – it’s the spirit of the regulation, and not the letter, that matters to the Solomonic interpreters at the National Advertising Division.

GRE prep has truly taken over this entry. Apologies. Still a fun case, though, and the lesson, of course, is that substantiation is needed for ALL claims, express and implied.

Check Out Our Latest Blog Post

Three Paths to Final CCPA Regulations by July 1

The California Consumer Privacy Act (CCPA) requires the California Attorney General (AG) to issue regulations to “further the purposes of the title” by July 1, 2020. As that date quickly approaches, various rumors have been circulating about the status of the final regulations and whether they will actually be issued by July 1, or at all. Some have speculated that due to the current state of affairs related to COVID-19, the AG’s office may not even issue final regulations and that the current draft will become the final version enforced by the AG on July 1. Others have contended that due to the administrative law requirements of California, the AG’s apparent inaction, and a backlog at the Office of Administrative Law (OAL), the final regulations will now inevitably be delayed until Oct.1.

Despite the conjecture, there are three possible ways in which the CCPA regulations might be adopted on or before July 1. Read more here.

Baker & Hostetler LLP publications are intended to inform our clients and other friends of the firm about current legal developments of general interest. They should not be construed as legal advice, and readers should not act upon the information contained in these publications without professional counsel. The hiring of a lawyer is an important decision that should not be based solely upon advertisements. Before you decide, ask us to send you written information about our qualifications and experience.