Alerts

AD-ttorneys@law - November 6, 2017

Alerts / November 6, 2017

In This Issue:

Neutrogena, Customers in Class Cert Survey Fight

Multiple attacks on putative sunscreen purchaser class

Beach party

Plaintiffs’ lawyers in a class action against Neutrogena were fighting hard in the Central District of California in October 2017. The plaintiffs were trying to win class certification for a group of consumers who allegedly purchased Neutrogena sunscreen based on labels claiming the products contained “naturally sourced sunscreen ingredients.”

In support of their argument, the plaintiffs submitted a survey that polled consumers about the nature of the sunscreen ingredients. The survey purported to demonstrate that most of the consumers, when presented with the labels claiming natural sources, concluded that the products were made entirely of natural ingredients.

Neutrogena’s counsel wasn’t impressed, protesting that the survey was irrelevant because it didn’t show respondents either actual labels or products. “That survey,” stated the Neutrogena team, “violates every rule in the book.”

Somewhat natural?

The certification battle grew out of an original lawsuit filed in 2013. After several twists and turns, including a failed motion to dismiss, the defendants submitted a renewed motion for class certification in the summer.

The plaintiffs, led by named consumer Julie Fagen, had allegedly purchased a range of Neutrogena sunscreen products. The common thread binding the putative class together was the argument that the “naturally sourced” label claim is false and misleading. Neutrogena argued against the certification, claiming that the specific product ingredients that blocked the sun were naturally sourced and that other ingredients did not need to be natural for the labels to be true. The defendants also took a shot at the consumers’ damages model, arguing that it did not support classwide damages.

The takeaway

Surveys and damage models aside, the future of this putative class may come down to a more mundane subject: semantics. A third objection raised against the class rested on the defense’s claim that the plaintiffs, in their own testimony, claimed they wanted naturally sourced products because they thought they were safer than other products. Neutrogena’s counsel was quick to note that “natural and safe don’t mean the same thing”; given that difference, the issuance of reliance is inherently individualized, the defense contends.

The court is currently reviewing the arguments. This case illustrates the importance of class certification battles in defending false advertising consumer claims.

CARU Isn’t Toying Around With Consent!

Organization claims WhatNot solicits information from kids sans screening

OMG!!! TOYS!!!

Ryan is a really cute 7-year-old who happens to sit at the apex of an online empire.

Ryan is the star of Ryan ToysReview, a YouTube channel with 9.4 million subscribers and more than 16 billion – that’s billion – total views.

His videos feature toy reviews with an interesting spin – the reviews center on Ryan actually playing with the toys. His parents are also present, but he’s the center of the action. Predictably, the videos themselves are high-energy, colorful, quick-cut YouTube set pieces sometimes featuring cheesy special effects and even an occasional NBA player as a guest star.

The Ryan ToysReview family has expanded to include four additional review channels with more than 1.5 million additional subscribers.

With a profile like this, it’s no wonder toy companies advertise through the channel.

TMI

WhatNot Toys, a company that seeks out toys around the globe to bring back to the North American market, clearly saw the exposure that Ryan ToysReview offered and created an advertisement on the channel.

That’s where the Children’s Advertising Review Unit (CARU) comes in.

CARU, an investigative unit of the advertising industry’s system of self-regulation, ran across WhatNot’s ad in its ongoing search for sites that are not in compliance with its self-regulatory program for children’s advertising and the federal Children’s Online Privacy Protection Act (COPPA).

CARU raised a red flag about WhatNot. According to CARU, its investigators were directed by WhatNot’s Ryan ToysReview video to visit the WhatNot website to receive a free toy package. Once at the website, the user was asked to fill out a form that asked for first and last names and email and street addresses. The form stated, “Sign up today, but if you are under 13, please be sure to ask your parents for permission!”

The takeaway

CARU objected to the lack of age screening on the form. WhatNot pushed back, saying that the tagline telling kids to get parental approval was enough to remain in compliance with the relevant laws.

In its decision, CARU maintained its objection, noting that asking children to obtain consent from parents was not a recognized method under COPPA for “providing notices to parents to obtain parental consent.”

If the site is directed to a mixed audience that is not predominantly children under 13, age screening is an option under COPPA. However, it must be done in a way that does not coach children on how to get around the gate; for instance, by soliciting month, date and year of birth and blocking those users who do not qualify. Even then, the operator should simply tell the users they do not qualify to proceed rather than that they must be 13, and it should use technology to prevent reattempts, such as disabling the back button and dropping a session cookie to block the user for a reasonable period, e.g., 48 hours. However, sites that are predominantly directed to children may not age gate, and they must assume all users are under 13 and follow the notice and parental consent requirements of COPPA for children’s online services.

WhatNot answered the objection by deleting the form from its website and agreeing to follow CARU’s guidance in the future.

Orgs to FTC: Get Smart About Smartwatches

Advocacy groups urge COPPA, FTC Act review of kids’ safety accessory

Security

The smartwatch, a wearable piece of technology that functions as a phone, a GPS tracker and an emergency alert system, promises to make a big impact on how parents interact with their kids. By tapping into Internet connectivity, smartwatches allow parents to easily and quickly contact their child, allow children to send an SOS message to their parents, and allow parents to track and find their kids.

But according to advocacy groups, the smartwatches actually pose a grave threat to their users.

Alarmed

Seven advocacy groups – including the Electronic Privacy Information Center, the Center for Digital Democracy and the Consumer Federation of America – are raising an alarm about the devices. The groups claim that some popular smartwatch models are hackable, while others sport features, such as an “SOS button,” that are essentially unreliable. They recently sent a letter to the Federal Trade Commission (FTC) summarizing these concerns.

The groups are basing their claims on a Norwegian Consumer Council (NCC) study on four models: Caref/Gator, TickTalk/Xplora, SETracker/Wonlex and Tinitell. After examining the products, the NCC claimed to have found serious flaws. The allegedly hackable models purportedly allowed anyone with access to the hacked phone to know where a child is, precisely when the child is separated from their parents and most vulnerable. Some functions, like the crucial SOS button, were said to be unreliable.

Moreover, the study concluded that the smartwatch sector fell short on crucial data protections for their young users. One of the smartwatch makers is reported to have used data gathered by the phone for their marketing campaigns, and another failed to encrypt the sensitive GPS locations of the young wearers. All but one of the companies are alleged to have not secured consent before saving user data. Hacked by the wrong individual, the groups maintain, smartwatches may devolve into a dangerous weapon.

The takeaway

The groups requested that the Commission launch further investigation into the smartwatch niche, particularly on possible violations of the FTC Act and the Children’s Online Privacy Protection Act (COPPA) – the federal children’s privacy law.

What’s more, they threw down the gauntlet and called out the FTC on its past performance. “We recognize that the FTC has done much to extend privacy protections for children and is also aware of the risks of Internet-connected devices,” the letter states. “But…the FTC has failed to take enforcement action in similar cases concerning the safety of children on matters that other consumer agencies have pursued effectively.”

Mattress Firm Sues Tuft & Needle for Nightmare Ad Campaign

Plaintiffs claim hair feels brittle, dull, lifeless after products prove keratin-free

Goliath, meet David

Mattress Firm, the largest mattress retailer in the United States, with 3,500 stores in 49 states, is a highly recognizable brand. Its distinctive red-and-yellow logo appears on each of its storefronts and is featured in its extensive advertising efforts, which it claims cost $300 million to support in 2017.

With online competition on the rise, Mattress Firm began to pay attention to Tuft & Needle, the second-largest “bed-in-a-box company in the United States, and noticed what it calls a nefarious campaign by Tuft & Needle to undermine its market.

Pillow talk

In a lawsuit filed in October 2017, Mattress Firm called out Tuft & Needle for allegedly making numerous false statements in ads about the retailer’s product pricing, product quality and overall honesty. At first glance, these would seem to be the charges you’d expect in a run-of-the-mill false advertising suit. But what adds interest to Mattress Firm’s claims was the underlying technology it claimed was used by its competitor to direct the ads.

Mattress Firm accused Tuft & Needle of buying up Google “AdWords.” AdWords are phrases that when searched for by a Google user yield results that drive the user to particular links. In this case, Mattress Firm alleges, Tuft & Needle purchased phrases like “mattress firm outlet” and “mattress firm reviews.” So far, Mattress Firm admitted in the complaint, so good – buying the words was not unlawful on its own.

But the links themselves featured messaging that Mattress Firm took exception to, including links tagged “Mattress Stores Are Greedy,” for instance, that then sent the user on to Tuft & Needle’s website.

The bed trick

Furthermore, Mattress Firm alleged, Tuft & Needle used the well-known Mattress Firm logo and color scheme in ads that refigured the retailer as “Mattress Goliath” and presented Tuft & Needle as a scrappy up-and-comer.

Once the consumers arrived on Tuft & Needle’s site, they were hit with messaging that Mattress Firm considers problematic, containing claims that Mattress Firm “engages in dishonest and wrongful pricing practices,” including unfair markups, misrepresented pricing and false advertising about the price structure of Mattress Firm products. According to the retailer, the bed-in-a-box upstart even attacked its materials, calling them outdated, and said that the company’s return policy penalties locked customers into a “death spiral.”

The takeaway

Mattress Firm’s suit hits Tuft & Needle with false advertising and federal trademark dilution charges under the Lanham Act, trademark dilution and unfair competition charges under Texas state law, and defamation and business disparagement. The retailer is demanding damages in the form of Tuft & Needle’s profits and the cost of the action and seeks a permanent injunction against “the false, unfair, dilutive, and disparaging advertising practices of Tuft & Needle.”

The court awaits the bed-in-a-box company’s reply.

This case illustrates that care must be taken when using competitor’s marks and in comparative advertising. A brand can expect its competitors to closely scrutinize this type of advertising and, if it crosses the line of what the law permits, to bring self-regulatory or legal claims.

Baker & Hostetler LLP publications are intended to inform our clients and other friends of the firm about current legal developments of general interest. They should not be construed as legal advice, and readers should not act upon the information contained in these publications without professional counsel. The hiring of a lawyer is an important decision that should not be based solely upon advertisements. Before you decide, ask us to send you written information about our qualifications and experience.

Blog

In The Blogs

Previous Next
Data Privacy Monitor
The Weekly Privacy Rewind
June 19, 2018
Class Actions Finkly & Sons Co. Faces Illinois Biometric Information Privacy Act Class Action • A former employee of steelmaker A. Finkly & Sons Co. filed a putative class action against the company in Cook County, Illinois, for violations...
Read More ->
Data Privacy Monitor
OCR Announces Intention to Move Forward With Development of Methodology to Distribute Enforcement Funds to Victims of HIPAA Violations
By Kathryn Carey, Lynn Sessions
June 15, 2018
The Office for Civil Rights (OCR) updated its agenda, outlining proposed and final rules as well as pre-rule document releases for 2018. A notable, and highly anticipated, advance notice of proposed rulemaking included on the agenda...
Read More ->
Data Privacy Monitor
11th Circuit Issues Opinion Vacating Order That Required LabMD to Overhaul Its Data Security Program
By Kathryn Carey, Aaron R. Lancaster
June 8, 2018
On June 6, the 11th Circuit issued its long-awaited decision on LabMD Inc. v. Federal Trade Commission, vacating as unenforceable the Federal Trade Commission’s (FTC’s) cease and desist order that required LabMD to create and implement a...
Read More ->
Data Privacy Monitor
The Weekly Privacy Rewind
June 5, 2018
Canada Canadian Banks Notify 90,000 Following Breach • Bank of Montreal and Canadian Imperial Bank of Commerce announced that they were contacted by hackers and informed that nearly 90,000 customers’ personal information was accessed. •...
Read More ->
Data Privacy Monitor
New Jersey Attorney General's Office Ramping Up Data Privacy and Cybersecurity Enforcement Efforts
By Sara M. Goldstein
June 4, 2018
The Office of the New Jersey Attorney General (AG’s Office) recently announced that it will be creating a new civil enforcement unit, known as the Data Privacy & Cybersecurity Section (DPC Section), to investigate data breaches impacting...
Read More ->