Common Law - The FindLaw Consumer Protection Law Blog

September 2009 Archives

Toyota will institute its largest ever safety related US recall due to floor mats that can hold down the accelerator and cause deadly high speed crashes. So far only a safety advisory has been issued until Toyota can work out the details of a recall. It will likely affect up to 3.8 million vehicles, including the Toyota Camry, Prius, Avalon, Tacoma truck, Tundra truck, as well as the Lexus ES350, IS150 and IS350.

First, the affected models:

  • 2007-2010 Toyota Camry
  • 2005-2010 Toyota Avalon
  • 2004-2009 Toyota Prius
  • 2005-2010 Toyota Tacoma
  • 2007-2010 Toyota Tundra
  • 2007-2010 Lexus ES 350
  • 2006-2010 Lexus IS 250 and IS350

What can car owners do now? Take any removable driver's side floor mat out of an affected model, and do not replace it. Then wait for details of how Toyota is going to fix the problem.

USA Today reports that the National Highway Transportation & Safety Administration (NHTSA) has received 102 reports of jammed accelerators in Toyota and Lexus models, including 13 crashes, 5 deaths and 17 injuries.

Toyota cannot recall the vehicles or floor mats until it has a fix approved by the NHTSA. According to the NHTSA's release and Toyota's press release, Toyota will be instituting a program to deal with the problem (i.e., a recall), but Toyota, and the NHTSA, in strong language, "warned owners to remove all driver-side floor mats from the models listed ... immediately as an interim safety measure in advance of the recall."

Affected models:

According to the NHTSA, some all-weather floor mats from 2007 and 2008 Lexus ES350's and Toyota Camry's were recalled in September of 2007 due to similar concerns.

The NHTSA cites unsecured floor mats, accelerator pedal configuration and the steps required to trun off the engine in keyless ignition models as perhaps contributing to the danger.

Owners of any of the listed vehicles (and other drivers as well) should read Toyota's advice on what to do if you get caught in a stuck accelerator situation.

Overdraft Fee Reform: 5 Terms to Watch

This week, more banks have eased back on some overdraft fees in the wake of widespread criticism from consumer groups and legislators. As banks scurry to reform their own practices, and Congress thinks about making some rules, here are some terms to watch to know who's walking the walk when it comes to overdraft reform.

As Wells Fargo, Chase and Bank of America did last week; BB&T, Inc. announced today that it too will ease its foot off the overdraft throttle. Like some of the others, in 2010, BB&T will stop charging overdraft fees to customers going less than $5 under zero, and will limit overdraft fees to 4 per day.

As banks change their tune and as Congress grinds its way toward possibly making new overdraft regulations, here are 5 key terms to watch:

  • Will banks still be able to process transactions largest first, instead of chronologically? Processing the largest first pushes more people below zero then hits them with an overdraft fee for each smaller transaction. Many of the banks' internal reforms (with exceptions, such as Chase) have not addressed this.
  • Will consent to overdraft protection be required at account opening, rather than automatically enrolling new accounts? This will likely be the norm for most banks that announce overdraft changes. Also keep an eye for whether and how they allow existing accounts to opt-out of overdraft protection.
  • Will an opportunity to back out of a transaction be offered at the point of sale (convenience store, for example), if that transaction would put the customer's account balance below zero? Even if people sign up for overdraft protection when they open their account, many would like customers to have an opportunity to step out of bank card transactions that would push them into overdraft fees.
  • Will the number of overdraft charges per day and per year be limited, and to what extent. Those paying most of the overdraft fees are paying lots of them, sometimes from a single day in which they didn't know they went under, continued to use the card and got multiple overdraft fees. So far banks look to be cutting their max per day in about half, but will still be hitting people up to 3 and 4 times a day.
  • Will overdraft fees will be proportionate to the amount used? The bank spotting you the $10 you went below zero shouldn't cost you $30. For small amounts, look for reduced fees or no fee at all.

Related Resources:

Consumer Financial Protection Agency, Hold the Plain Vanilla

The potential Consumer Financial Protection Agency (CFPA) is meant to protect us from harmful financial products by imposing some limits on credit cards and financial products. Before it's even come into existence, it got some limits of its own last week, as the promise of plain vanilla terms -- by which consumers could understand and compare products -- was scrapped.

The CFPA faces stiff opposition from the banking and finance community. In what's become a common refrain, they fear too much government intervention would harm competition and innovation in financial products. (Indeed, should the CFPA come to exist, we may see a slowdown in the laboratories that produce breakthroughs such as universal default and unlimited flavors of 30% interest traps on credit cards.)

To make the CFPA more palatable, Congressional Democrats and the Obama administration agreed to drop the call for "plain vanilla" terms on financial products. "Plain vanilla" terms have been part of the call for the CFPA by many who see consumer confusion about the terms in credit cards, exotic mortgages, etc. as a primary cause of consumer bilking.

For a nice explanation of why we need plain vanilla terms, and the CFPA itself, see this interview with Elizabeth, a champion of the CFPA and meaningful consumer financial protection.

R.I.P., plain vanilla. As explained by Treasury Secretary Geitner, "There has been a lot of concern that if you invest the government with the ability to decide what's appropriate here and there, that will lead to less competition and choice."

It's hard to imagine a Consumer Financial Protection Agency having much impact without the ability of government "to decide what's appropriate here and there." The impact any CFPA will have might be predicted by how often and in what situations our leaders are willing to trot out lines like that one.

As explained by Elizabeth Warren, the convoluted nature of everything from credit card agreements to mortgage contracts, with no emphasis put on consumers actually understanding the terms, plays a large role in preventing meaningful competition from taking place. Consumers can't compare financial products and choose because each product is 30 pages deep in fine print "innovation."

No doubt we've had a full menu of all sorts of exploding arm mortgages and credit cards featuring 25 ways for your interest rate to skyrocket. What the banking lobby sees as competition and innovation, to others may look more like a menu chock full of tainted food.

We'll know much more about the future CFPA after the House and Senate submit legislation later this fall. It remains to be seen what powers the agency will have, and whether what's on our menu of financial products will be any healthier.

Rocky Mountain Bank, of Wyoming, is feeling the sting of a whopper of an inadvertent email. Not an errant reply-to-all, but instead an email to the wrong person... which happened to contain social security numbers and account information for 1,325 of its customers. Their "response" begs the question: when must banks or other businesses disclose security breaches involving personal information?

As reported by The Register, problems began with an email to the wrong address -- a gmail account -- which for whatever reason had an attachment containing names, addresses, social security numbers and loan information for 1,325 account holders. (Actually, problems began somewhere further back, when someone had the zinger of an idea to send an attachment like that to a gmail account or anyplace outside a highly protected internal network.)

Next step? One might think: notify the people affected and see what we can do about restricting further disclosure of the information. Rocky Mountain opted against notification and for trying to put the toothpaste back in the tube by pulling the email back from the ether.

Unfortunately for Rocky Mountain, no response came from the mystery gmail account. Google then refused to turn over information to Rocky Mountain about the gmail account without a court order. So seek a court order Rocky Mountain did, with a request that everything filed be kept under seal, away from the public access of normal court filings.

This might make sense if the filings included customers’ private information, but not the case here. Rocky Mountain's argument for keeping it all secret? Its customers might find out. Seriously, they argued that in court filings. From Rocky Mountain’s point of view, why scare customers and have to deal with questions and all that mess if we don't know what happened with their confidential information?

A federal judge in Calfornia wasn't buying it and refused the request to file under seal.

All this begs the question: Is Rocky Mountain obligated by law to inform these people about the breach?

Well, maybe not.

It's largely a question of state law. Though 44 states and the District of Columbia have laws on the books requiring notification of security breaches involving personal information, the specifics vary widely.

For example, Rocky Mountain Bank serves Wyoming. Wyoming law requires that if a business discovers a security breach, it must conduct an investigation to find out if misuse of the lost personal information has occurred or is reasonably likely to occur. If all the customers involved were Wyoming residents, Rocky Mountain may not be obligated to notify them that their private information was disclosed until they find out what happened afterward. What happens if they are unable to conclude what might have occurred with these people’s information? That’s a question that might concern Wyomians.

California's notification law, on the other hand, which served as the model for many other states, goes further. It requires notification to California residents "whose unencrypted personal information was, or is reasonably believed to have been, acquired by an unauthorized person." This has the obvious benefit of not waiting until the business cyber-sleuths its way to a conclusion about what happened to data after they lost control of it.

What can you do? Look at the security breach notification laws of your state, and your bank's state if it's not local. You can also inquire with your bank as to when its notification policy kicks into action.

Overdraft Fee Reform: Chase and BofA Make Some Changes

Following the calls for reform of banks gorging on overdraft fees, two of the nation's largest banks have announced some changes to make their overdraft policies more consumer friendly. Bank of America and Chase announced changes that address some, but not all concerns. Whether Congress will follow through with new rules for all banks, and what those rules would be, remains to be seen.

We've recently discussed possible Congressional action to address the overdraft fees being charged by banks, which have brought banks increasingly enormous revenues from perhaps their most vulnerable account holders.

As noted by Consumer Reports, Bank of America and Chase have announced changes to their overdraft policies.

So, how did they do?

Beginning on October 19, Bank of America will make it easier for customers to opt-out of overdraft protection, will cap the maximum number of overdraft fees at 4 per day (instead of the current 10), and will not demand fees for going less than $10 under zero for a single day.

Beginning in June of 2010, B of A will make overdraft protection an opt-in service for new accounts, and will institute and annual maximum of overdraft fees charged per customer.

Though a step in the right direction, these changes don't fully address calls for consent to overdraft protection, or the bank practices that multiply a consumer’s number of overdrafts.

Though it would require coordination with the card payment industry, what many want is consent to use overdraft protection (and pay the fee) at the point a customer is making a purchase -- for example, an option coming back through the convenience store’s card reader informing them that the purchase would put them under zero, and giving them an option to avoid the overdraft fee by not making the purchase.

More importantly, B of A's changes do nothing to address the practice by which banks push people below zero and maximize the number of overdrafts -- processing larger transactions first, then hitting them with overdraft fees for each smaller purchase.

Chase did a little bit better. Beginning in 2010, it will have an opt-in system for overdraft protection at account opening (but again nothing about point of sale). It will also limit the number of daily overdraft fees to 3 (rather than the current 6), and will not charge overdraft fees for going $5 or less under zero. These changes resemble those being made by B of A.

Importantly, however, Chase will begin processing all debit card and ATM transactions chronologically, rather than largest first. This is a change that will reduce the number of overdraft charges.

Whether other banks will follow or go further remains to be seen. So does Congress' reaction to the problem.

FDA Flavored Cigarette Ban: What's Covered and What's Next?

Until today, the first one might not have been free, but it might have tasted like a popsicle. But now, the FDA says no more. As discussed in FindLaw's Law & Daily Life, an FDA ban on flavored cigarettes is in full effect.

As tobacco products come in seemingly endless forms and flavors, here is some key info about what products are covered.

  1. Are menthol cigarettes banned? No. The ban specifically allows menthol in cigarettes. It forbids cigarettes containing an artificial or natural flavor (other than tobacco or menthol) or an herb or spice, including strawberry, grape, orange, clove, cinnamon, pineapple, vanilla, coconut, licorice, cocoa, chocolate, cherry, or coffee, that is a characterizing flavor of the tobacco product or tobacco smoke.
  2. Is flavored loose tobacco banned? Yes, provided it is intended to be used in roll-you-own cigarettes.
  3. Is flavored pipe tobacco banned? If not intended to be rolled into cigarettes, flavored "bona fide pipe tobacco" is not banned.
  4. Are flavored rolling papers or filters banned? Yes. The ban includes component parts of cigarettes. This means flavored rolling papers and flavored filters are forbidden.
  5. Are flavored cigars banned? No. The ban applies only to cigarettes.
  6. Are flavored smokeless tobacco products banned? No. The FDA is still decifing how it will deal with smokeless tonbacco products.

Going forward, here are some already passed rules which will be going into effect over the next few years:

  • By January 2010, tobacco manufacturers and importers will submit information to the FDA about ingredients and additives in tobacco products. 
  • By July 2010, tobacco manufacturers may no longer use the terms "light," "low," and "mild" on tobacco products without an FDA order in effect. 
  • By July 2010, warning labels for smokeless tobacco products will be revised and strengthened. 
  • By October 2012, warning labels for cigarettes will be revised and strengthened.

Related resources:

Banks have ramped up overdraft fees to an unprecedented level over the past 10 years. Now Congress may step in to require consent to overdraft "protection," and hopefully ban some of the shady tactics banks have used to push people into the red.

According to the Washington Post, between 1999 and 2009, bank revenue from overdraft fees went from around $18 billion to about $38.5 billion. And larger banks who have received taxpayer bailouts... they rely most heavily on revenue from overdraft fees.

As discussed previously, overdraft fees in the age of the check card are a much different and more profitable beast than their paper check overdraft forefather.

That's because people often use check cards multiple times a day. And because they are automatically signed up for overdraft "protection" when they open an account.

Dipping below a zero balance of course means an overdraft fee. But today it also means another for each transaction while still below zero, all without necessarily knowing you've gone sub-zero, and without an opportunity to refuse a transaction that would result in another overdraft.

Oh, and your bank might process your larger transactions ahead of smaller ones, to put you under and then have you dinged again for each of the smaller transactions (which is a problem apparently not yet addressed in the currently discussed legislation).

Some Congressional Democrats, including Senator Chris Dodd would like to require consent from account holders to dip into overdraft protection. Dodd put it simply: "People out there are getting whacked. ... They should have the right to say, 'Deny me the transaction.' " He plans to introduce legislation to require customer consent to a transaction that would result in overdraft. A similar bill has been introduced in the House of Representatives.

As noted by the Post, some think that current bank overdraft protections have made check cards a sort of unregulated credit card. Because banks classify money they spot you when you go under as a "service," rather than a "loan," they are currently allowed to charge a $35 fee for a $1 overdraft. That might be viewed as 3,500% interest on what some would call a short term loan. Another potential reform being considered is to make any overdraft fee proportionate to the amount the bank actually covers in overdraft.

Any reforms face stiff opposition from banks. They characterize overdraft protection as a service they are kind enough to offer customers. The American Bankers Association, Nessa Feddis, points out that "[c]learly, consumers who pay overdraft fees are the minority, and that number is shrinking."

She's right. As of 2006 data, almost 70% of the billions banks are getting in overdraft fees came from only 4.9% of consumer account holders. Those are the folks getting hit many times, often in rapid succession and often without ever knowing that they went under. They're also folks to whom hundreds of dollars in overdraft fees is no small thing, much less a "service" which protects them.

Living Trusts Scams: Seniors Should Beware

Many people and millions of dollars are being taken in by living trust scams. Overselling (or lying about) the benefits of living trusts causes thousands to spend money on living trusts they do not need.

According to CNN, states attorneys general have become increasingly concerned about the sale of living trusts to seniors who often do not need them and can in fact be harmed by purchasing them.

First off, what is a living trust? A living trust is not the same thing as a living will. Living wills allow people to communicate their preferences about medical treatment should they become incapacitated.

A living trust, on the other hand, is a tool by which someone can transfer assets to a trust during their lifetime. In certain specific situations, living trusts can be useful for avoiding the probate process and/or minimizing estate taxes upon one's death. However, for most people, living trusts are not needed. CNN cites the AARP as claiming that only 5% of the population should consider a living trust.

See FindLaw's Law & Daily Life for a breakdown of when a living trust might be useful.

As far as the scams being run primarily on senior citizens through seminars, luncheons, in-home, telephone and other hard sales tactics, be aware of these false (or at least misleading) claims about living trusts.

  1. Living trusts are the only (or the best) way to avoid probate. Though living trusts can be an effective way for some to avoid the probate process, they are not the only way. Most importantly, many people who would never have to go through probate anyway are buying them. For example, jointly owned property would most often pass to a surviving spouse without going through probate. Find out if you would be subject to probate. Then decide whether avoid probate would be worth it, and which of the multiple ways to do so would be preferable.
  2. You need a living will to help you avoid estate taxes. Even if your estate would be subject to estate tax, there are a variety of tools to minimize this. Living trusts should be viewed as one possible alternative.
  3. Living trusts will help avoid contested wills.Wills and trusts are separate legal documents. Having a living trust will not prevent a fight over your will.
  4. Living trusts help you avoid creditors. This is false. Creditors can go after the assets in your living trust.
  5. Living trusts will help you qualify for public assistance benefits. This is also false.
  6. This living trust is approved by the AARP. False. The AARP does not sell or endorse any living trust products.
  7. This living trust was created by an attorney. Many of the living trust packages offered are cookie cutter templates which may not adhere to the specific requirements of your state. Even if an attorney was ever involved in its creation, no attorney will be making sure it works for your needs.

To plan out what will happen with your assets, consult an estate planning attorney, who can help you choose from all options whether a living trust would be applicable and whether it would be the best way to achieve your goals.

Latisse wants you to "Look who's growing longer, fuller, darker lashes." Unfortunately for Latisse and it maker Allergan, Inc., the FDA wants you to look at who may be growing unwanted non-eyelash hair, getting brown pigmentation (possibly permanent) in their irises, getting brown pigmentation on their eyelids, and possibly having allergic reactions.

Here is the warning letter sent by the FDA to Latisse maker Allergan, who brought us Botox, amongst other hit cosmetic drugs.

The FDA is concerned about the "FAQs" and "About Safety" pages on the Latisse website. It appears, that in addition to watching Brooke Shields' remarkable eyelash journey made possible by Latisse, consumers might encounter some less than forthcoming claims about risks associated with the cosmetic drug.

This is not about failure to include something in the fine print of an ad or laundry list at the end of a TV commercial, but instead about the website where consumers go to find out basic information about what risks Latisse might pose.

The FDA's problems with the Latisse site include:

  • Warning users not to apply latisse to the lower lashes, but not telling them why -- because applying Latisse to the lower lashes could cause unwanted hair growth below;
  • Stating that "similar" medications have caused some brown pigmentation to seep into the iris of people's eyes, when actually the same active ingredient in Latisse has caused this; and
  • Misleadingly stating that eye redness and itching associated with Latisse are not allergic reactions.

The FDA has demanded that Allergan respond by September 24 and get rid of the misleading claims.

Credit Card Data and Encryption: Big Holes in Protection

These days many people fear the theft of credit card data during online purchases or through malicious software on their personal computers. However, the biggest risk to your credit card number probably isn't someone stealing it from you, but rather someone stealing it from one of the merchants you pay everyday or from the payment processor a merchant uses.

In the wake of the largest credit card data heist yet recorded, many are wondering how a twenty-something in Miami (plus his partners) can rob one of the nation's largest card payment processors blind for more than a year. They may also wonder how he could cruise down the highway and remotely detect which big box retailers have credit card transaction data open for the plucking.

The answer would surprise most: credit card data often goes unencrypted at some point along the chain. As it goes from cardholder to merchant to payment processor to credit card company and back, someone getting hold of it at any point while its not encrypted has gold in their hands.

Currently, credit card companies require payment processors and merchants to comply with the Payment Card Industry Data Security Standard (PCI DSS). While the PCI DSS requires encryption for payment card data while it is in transit from one network to another (say the merchant to the payment processor), encryption is not required when payment data is within an internal network.

This has Robert Carr, CEO of Heartland Payment Systems, calling for the credit card industry to adopt an "end-to-end" standard for the encryption of payment card information.

One might view this as too little too late from the less than nimble victim of the theft of 120 million card numbers (and the defendant of a slew of lawsuits over its data practices), but it's a good point none the less: why is this data not encrypted all the time?

Carr's call may also be seen as a plea for continued self-regulation -- let the credit card industry (not federal regulators) revamp its internal rules (which up to now have not proved terribly reassuring). As Computer Weekly put it in January, after the year and half long plundering of Heartland came to light, Heartland's case proved that PCI compliance is not enough. Will revamped self regulation through revised PCI compliance be enough?

A Congressional committee might rake Mr. Carr over the coals for a day, but will Congress step in and create rules of the road for payment data?

The California Attorney General's Office has launched an investigation into the role played by ratings agencies in the financial meltdown.

In very brief sketch, when a corporation, state, municipality, or other entity issues debt, that debt often comes with a rating from a ratings agency such as Moody's, Standard & Poor's or Fitch. The rating is meant to indicate the likelihood that the debt will be repaid. The same thing happens when investment banks bundle up and issue securities, including the now loathed subprime motgaged backed securities blamed for touching off the worst financial crisis in a generation.

Like many, the question California's Attorney General wants answered is how so many of those securities backed by bundles of risky mortgages were sold with AAA ratings, and whether cozy relationships between ratings agencies and investment banks were to blame.

California is by no means the first to the party. Other states, including New York and Connecticut are investigating. Investors, including the California Public Employees Retirement System, have also sued the ratings agencies.

Here's what Attorney General Jerry Brown wants to know regarding the ratings agencies:

  • Did they fail to conduct adequate due diligence in the rating process?
  • Did they give high ratings to particular securities when they knew or had reason to know that high ratings were not warranted?
  • Did they fail to comply with their own codes of conduct in rating certain securities?
  • Did they profit from giving inaccurate ratings to particular securities?
  • Did they make fraudulent representations concerning the quality or independence of their ratings?
  • Did they compromise their standards and safeguards for profits?
  • Did their statistical models capture the risk inherent in subprime and other risky assets and, if not, what was the rating agencies' response? and
  • Did they conspire with the companies whose products they rated to the detriment of investors?

California has subpoenaed Standard & Poor's, Moody's and Fitch in search of answers.

Whether and how they would be held to account if the answer to those questions is yes remains a somewhat open question.

Booster Seat Laws: Should Size Be the Measure?

The laws regarding which children are required to sit in booster seats while riding in an automobile vary greatly from state to state. Kids of the same age also vary enormously in size. This has Consumer Reports asking whether a single federal law booster seat law based on the height of the child would work better.

As discussed by Consumer Reports, all states require safety seats for children under one year old. Every state except Arizona, Florida and South Dakota has enacted booster seat requirements for some children.

A quick look at the child safety seat laws of all states shows the extreme differences in booster seat laws. Some base it solely on age, others on age and weight, and yet others on age and height.

As advised by Consumer Reports' Safety blog, parents wondering if going without a booster seat is okay should ask the following questions:

  1. Can the child's knees comfortably bend at the edge of the car's seat?
  2. Does the seat belt cross the shoulder area between the child's arm and neck?
  3. Does the lap belt, when low as possible, touch the child's thighs?
  4. Can the child sit like this for the entire trip?

No to any of those means yes to the booster seat.

Unfortunately, the wide variance of state laws means you still need to check your state's requirements as well.

From Consumer Reports' point of view, since height is most often the determining factor in how a seat belt fits on a child, the best solution would be a single federal booster seat requirement for all kids under 4'9" (57 inches).

It's hard to turn around in any city or on any highway without seeing ad space selling us on the fabulousness of all variety of goods and services. What happens if some of that same ad space is purchased to send passers-by the opposite message? In the case of an LA billboard by Consumer Watchdog against Mercury Insurance, it appears that the billboard gets yanked... but that a lawsuit may follow.

Mercury Insurance provides auto, personal, homeowners and commercial insurance in 13 states. As reported in the LA Times (and noted in The Consumerist), the consumer protection group Consumer Watchdog placed a billboard ad in Los Angeles through CBS Outdoor which read "CONSUMER WATCHDOG SAYS: YOU CAN'T TRUST MERCURY INSURANCE. Find out why at"

According to Consumer Watchdog, it put up the billboard in the midst of California's raging wildfires in part to draw attention to Florida's punishment of Mercury for illegally handling hurricane claims -- in order to warn Californians to attentively document wildfire related claims with Mercury.

CBS reportedly approved the ad before placing it. The ad was supposed to run through September 20th. That is, until Mercury's attorney's contacted CBS and CBS took it down sometime around September 3rd. The Times reports a statement from Mercury Insurance that CBS, "as a responsible organization, has removed the defamatory statements from their billboard. Consumer Watchdog's claims about Mercury Insurance and its motivation are without merit."

Here are the reasons Consumer Watchdog says consumers should not trust Mercury Insurance. They include:

  • previouss punishment for violations of consumer protection laws regarding claims handling in California and Florida;
  • internal documents detailing Mercury's claims handling processes revealed through prior litigation; and
  • information as to Mercury's political contributions and connection to an FBI political corruption probe.

Mercury has not identified what portion of the billboard it believes to be defamatory.

A letter from Consumer Watchdog's attorney's to CBS Outdoor asserts that the only contractual grounds for removing the billboard would be nudity, pornography, profanity or obscenity in the billboard's content -- none of which were present in the Don't Trust Mercury ad. The letter demands that CBS put the ad back up or face a lawsuit for breach of its contract with Consumer Watchdog.

Cybersecurity Coordinator: On the Way but with What Power?

Last May, President Obama announced the establishment of a White House office to be led by a Cybersecurity Coordinator. According to reports, Frank Kramer, a member of Bill Clinton's administration, may soon be named as the Cybersecurity Coordinator, tasked with coordinating cyber security efforts within different branches of government and with private industry.

Last week, Reuters reported, from an unnamed source familiar with the decision-making process, that Frank Kramer, a former assistant Defense secretary under President Clinton, looks to be the current front-runner.

The White House has been criticized for the delay in installing a head of the newly created cyber security office. Computer World reports indications that numerous individuals floated as possible Cybersecurity Coordinators refused the job due to concerns that the office would not have adequate power to affect real cyber security improvements.

So, what role will such a Cybersecurity Coordinator have? The position was created to enable cyber security improvements across disparate government agencies and departments. However, it appears that divisions between these departments (part of the the need for such a Coordinator in the first place), along with bureaucratic infighting, may have caused the delay in naming a nominee.

Though Obama stated in his May speech that the Cybersecurity Coordinator would be personally selected by the President, and would have access to him, the position is defined to report to the National Security Council and the National Economic Council. According to Computer World, neither the National Security Council nor the National Economic Council appears eager to give the Cybersecurity Coordinator much power.

Information Week reported that Melissa Hathaway, who led the 60 day review of cyber security efforts which recommended creation of the position (and was once rumored to be a contender for the job) resigned her post because she did not feel empowered to drive federal cyber security policy.

James Lewis, one of the 60 day review's coauthors stated that "[t]he people whom the White House wants don't want the job because it is three layers down and because of the infighting that surrounded the 60-day review," according to Computer World.

Whether Frank Kramer will serve as Cybersecurity Coordinator, and more importantly, what effect the office will have, remains to be seen.

Lead in Children's Jewelry: "I Love USA" with 80% Lead

Nothing says "I Love USA" like a charm from China made of 80% lead. A study performed this summer by an analytical chemist found that some "Patriot Pride" jewelry charms shaped to read "I Love USA" and purchased last May in Ohio have 2870 times the current limit on lead in children's products.

After many high profile recalls in 2007 and 2008, Congress passed the Consumer Product Safety Improvement Act. It set new rules for the amount of allowable lead in children's products. As of February 10, the limit was set at 600 part per million (ppm). On August 14, the limit moved down to 300 ppm. In 2011, it is slated to go down to 100 ppm. One important feature of the rules: they apply to goods designed or primarily intended for children 12 or under.

So, how is a Patriot Pride "I Love USA" charm, 80% lead by weight, still on a store shelf in Ohio last May? It could be easy to imagine that new rules for a wide variety of goods might take time to enforce. But in this case, there have been similar charms recalled in the past, key chain charms sold at Wal-Mart in 2008, and 170 million pieces of children's jewelry before that -- all recalled due to elevated lead content.

And in this case, we have the dedicated Jeffrey Weidenhamer, chemistry professor at Ashland University in Ohio, sounding the alarm to the Consumer Product Safety Commission (CPSC). Weidenhammer was previously honored as one of Consumer Reports' Safety Crusaders for his research and advocacy on the lead content of children's jewelry. Those Wal-Mart key chains recalled in 2008... he wrote the CPSC about the lead in similar key chains in 2006. Though glad they finally came off the shelf, Weidenhamer expressed to the Cleveland Plain Dealer wonder at why it took 16 months, and tests showing a 9 month old with elevated lead in her system after mouthing one of the key chains, to make it happen.

Now, he's alerted the CPSC about the Patriot Pride charms. Consumer reports provides some details about his study. In June, Weidenhammer submitted his findings on the "I Love USA" charms to the CPSC. In mid July, they responded that they were looking into whether the charms were designed or primarily intended for children 12 or under.

As the professor noted, many manufacturers attempt to skirt the rules by simply slapping a "Not intended for children 12 or under" sticker on the goods. These "I Love America" pendants didn't even have that. It leaves Weidenhammer concerned that parents will buy the $1.50 trinkets thinking they are safe. "I worry about the cases that never are reported, where no one makes the connection between learning disabilities and a child's exposure to lead in products that never are recalled," he explained. Feds Launch Food Safety Website

The US Department of Health and Human Services (HHS) and Department of Agriculture (USDA) have launched a website -- -- designed to help consumers stay up to date of food safety issues and recalls.

The website's main appeal is that it brings together information from scattered government agencies responsible for overseeing our food supply and reacting to food safety issues. Consumers will be able to go to one place for information from the Food and Drug Administration (FDA), the Center for Disease Control (CDC), along with the Food Safety and Inspection Service (FSIS), which as part of the USDA oversees the safety of meat, poultry, and egg products. features news regarding new and ongoing food safety issues, such as recalls, along with tips on keeping food safe and avoiding food poisoning. It also features educational materials on many common food related illnesses along with the bacteria, viruses, parasites, toxins and contaminants that cause them.

The site has podcasts, video offerings, and even e-cards which you can send to people to alert them to food safety issues. Visitors can also sign up for email alerts, RSS feeds of food safety information, or download a food safety alerts and tips widget which can be featured on other websites, such as social networking websites, to keep users informed even when they are not on the website.

One handy feature the site offers is a clearinghouse through which users can report a wide variety of problems. Users can also use the site to ask questions from food safety experts. Links to state agencies involved in food safety are offered, as well.

Kohl's Fined in Wave of Child Sweatshirt Recalls

Kohl's Department Stores, along with several sweatshirt manufacturers agreed to pay a total of $600,000 in fines over children's sweatshirts with drawstrings. About 170,000 children's sweatshirts have been recalled over the risk of strangulation posed by neckline drawstrings.

In 2006, the Consumer Product Safety Commission announced that children's upper outerwear with drawstrings at the neck would be considered as presenting a substantial risk to young children and would be deemed defective. Retailers are bound by law to inform the CPSC if they have sold any such children's clothing with neckline drawstrings.

Kohl's agreed to pay the largest of the recently announced fines: $425,000. In 2008, Kohl's paid a $35,000 fine for a similar violation. Hill Sportswear, maker of the sweatshirt whose drawstring strangled a 3 year old Fresno, California boy last year after getting caught in a playground set, agreed to pay a $100,000 fine. Two other manufacturers agreed to pay a combined $85,000 in fines.

Here are the recalled sweatshirts:

Related Resources:

10 Tips to Avoid Fake Reviews

With more consumers perusing product and service reviews before deciding on a purchase, the importance of spotting fake reviews has increased. As marketers lay more and more astroturf (fake grass roots support), some tips can help spot those reviews that are more advertisements than actual reviews.

We've discussed the phenomenon previously, but those who've been busted for cranking out fake reviews only represent the tip of the iceberg. To help sort real reviews from those trying to hawk their own goods, AOL put together a list of tips to help travelers avoid bogus hotel reviews. The tips, however, apply just as well to a wide variety of online reviews.

While there are some signs more obviously indicative of fake reviews, many traits sould simply put you on alert that all may not be above board. To help spot fake reviews or at least avoid unhelpful reviews, here are 10 traits to watch for:

  1. Superlatives. Description of a hotel or a restaurant as either the absolute best or absolute worst place on the face of the earth might be a sign of ulterior motives. If it sounds like a marketing team wrote it, well, one might have. And on the other hand, an over-the-top negative review may signal that its a review by a competitor.
  2. Standouts. At the very least, reviews way out of whack with the other reviews indicate that the person did not have the average experience with what is being reviewed. Similar to reviews loaded with superlatives, reviews standing out from all the others may signal conflicted interests.
  3. Specific comparisons to other products or services. These can be a tip-off to a review by competitor. If the comparison to the wonderful appetizer offerings at the restaurant down the street are a bit too detailed, be on alert.
  4. Reviewers with no record. Reviewers who have no or few past reviews for comparison may simply be new reviewers, or they may have joined the community in order to post fake reviews.
  5. Self-styled "experts." If a reviewer boasts expert knowledge, see if there are any signs of such expertise. Are there other reviews by the person which demonstrate it? Does a quick search on their user name turn up any signs of expertise? If not, give a little less weight and perhaps a little more suspicion to such an "expert."
  6. Website warnings. Some websites, such as, flag questionable reviews with a warning. Obviously, pay attention to such warnings.
  7. Language problems. Does the language used make sense? If the words strung together sound like a computer put them together, well, maybe one did. Or perhaps someone with little to no contact with the product or service put them together.
  8. Generalizations. When reading a review full of generalizations, ask yourself whether someone who had never been there or never used the product could have written it. Typically, anyone who has and who takes the time to write a review will have specific memories.
  9. Lack of photos (where available). Going with the above, certain types of reviews -- such as hotel reviews -- allow reviewers to include photos. While the lack of photographs doesn't mean fake review, the presence of user photos most often indicates a real review.
  10. Incomplete reviews. If the reviewer didn't take the time to fill out all sections of the review, they may have been either customers, or staff, who've been given an incentive to throw up a quick review.

[via the Consumerist]

Tool against Drug Ads: CR AdWatch

With pharmaceutical companies pushing (and often far exceeding) the legal boundaries of drug marketing, many consumers wonder how to cut through the misinformation. Even ads within the rules often leave consumers less informed than they were before. One tool to help diagnose and treat the deception is Consumer Reports AdWatch.

CR AdWatch steps through specific commercials, taking time-outs to explain background and unexplained elements within the barrage of information and persuasion in television drug ads. In addition to important information left out of the ads, AdWatch points out reasons behind methods used in the ads. For example, it points out that not mentioning the name of a drug, but instead directing viewers to a website that specifically markets the drug without having to list its side effects.

The ads dissected include pitches for Abilify, Boniva, Chantix, Cialis, Requip, Rozerem, Seasonique, and others. AdWatch also includes a piece taking apart some of the ads advocating or criticizing health care reform, along with pieces on other food supplement and health topics..

To learn about some of the drugs being pushed at use through less than informative ads, as well as an entertaining glimpse at how drugs are advertized, AdWatch is a useful tool.

Related Resources:

Yesterday's record-breaking fines against Pfizer offer an opportunity to examine recently surfaced information regarding marketing tactics employed in the pharmaceutical industry. Though the line is not always clear, the Pfizer settlement agreement shows that federal prosecutors believe many widely used marketing tactics to be illegal.

While much of yesterday's news regarding the Pfizer fines concentrated on "off-label" marketing, the other area of large concern in the Pfizer case was its payment of doctors to promote and prescribe a whole host of drugs. As discussed in a recent New York Times article, pharmaceutical companies often pay doctors to speak about their drugs, or sponsor continuing medical education events which incorporate promotion of specific drugs.

As detailed in the Pfizer settlement agreement, the Department of Justice viewed Pfizer's payment of doctors for speakers programs, mentorships, journal clubs and entertainment as kickbacks for promoting or prescribing Pfizer drugs. Specifically, the DOJ contended that Pfizer violated the Federal Anti-Kickback Statute by paying doctors to promote and prescribe:

  • Aricept;
  • Bextra;
  • Celebrex;
  • Geodon;
  • Lipitor;
  • Lyrica;
  • Norvasc;
  • Relpax;
  • Viagra;
  • Zithromax;
  • Zoloft;
  • Zyrtec; and
  • Zyvox.

Pfizer did not admit guilt to these kickback charges, but instead paid $1 billion to settle the civil case (which also included other charges regarding Pfizer's drug marketing).

This week also saw release of an old marketing document from drug maker Forest Laboratories. As discussed in the Times, the 2003 marketing plan for the anti-depressant Lexapro shed light on the common industry practice of paying doctors to promote drugs. Though such tactics may be common, viewed through the lens of the Pfizer case, they also might approach illegal kickback status.

A brief summary of select 2003 planned marketing expenses for Lexapro:

  • $34.7 million for a Lexapro Speakers Bureau, comprised of 2,000 doctors trained to deliver dinner lectures featuring Lexapro. Their training would cost another $3.3 million, with yet another $4.28 million in administrative fees.
  • $11 million dollars for a variety of continuing medical education events and courses.
  • $36 million for "Lunch & Learns" where sales reps can sell doctors on the benefits of Lexapro.

A comparatively small $200,000 is allocated for articles to be "developed by (or ghost written for) thought leaders." And that is only for articles in trade or consumer publications, not the sponsored research associated with Lexapro.

If all this sounds expensive for the promotion of one drug, it's partly because the drug in question was in a particular class of anti-depressants that features many similar drugs fighting fiercely to differentiate themselves. As noted by the Times, Forest was keen to sell as much Lexapro as possible because it still had life on its patent (and therefore could be sold for much more money) than its close (and generically available) cousin Celebrex.

The federal government might have just found some much needed health care money. Drug maker Pfizer has agreed to pay $2.3 billion in fines to settle criminal and civil charges surrounding its promotion of the drug Bextra.

The felony to which Pfizer pled guilty as part of the settlement was violation of the Food, Drug and Cosmetic Act by marketing the drug with the intent to deceive and mislead. Like many recent drug marketing cases to make the headlines, the Bextra case involved "off-label" marketing. See FindLaw's Blotter for a breakdown of the record setting criminal fine against Pfizer, the largest ever levied by the federal government.

As discussed regarding Eli Lilly (our previous criminal fine record holder) and it's marketing of Lexapro, "off-label" refers to uses of a drug which are not specifically approved by the Food and Drug Administration (FDA).

When a drug maker applies for FDA approval of a drug, it must specify the uses for which it seeks approval. Drug companies are only allowed to promote the drug for uses approved by the FDA. If a use is not specified in the approval application, or is specifically refused by the FDA, then it is an "off-label" use. Promoting the drug at dosages higher than that approved by the FDA also constitutes off-label promotion.

A doctor may still prescribe the drug for an off-label use, but marketing the drug for such a use is forbidden.

According to the plea agreement in the case of Pfizer and the anti-inflammatory drug Bextra, Pfizer was actually marketing the drug for off-label uses which the FDA specifically denied approval due to safety concerns.

As detailed in the whistleblower complaint that touched off the Bextra investigation, Pfizer aggressively promoted the drug for uses including the treatment of acute pain, pre-operative and post-operative pain, all of which were specifically denied approval by the FDA, despite attempts by Pfizer to expand Bextra's approved uses. For the narrow uses that had been approved, Pfizer promoted the drug in dosages far exceeding the approved dosage.

NAAG: Top 10 Consumer Complaints for 2008

| 1 TrackBack

The National Association of Attorneys General (NAAG) has released its top 10 types of consumer complaints received in 2008. With the state of the economy over the last year, it's not too surprising that debt collection complaints top the list of most common consumer complaints to state Attorneys General across the country.

Part of the duty of each state's Attorney General (AG) is to protect the state's consumers against illegal commercial activities. They bring lawsuits to enforce the state's consumer protection laws, and hopefully shut down violators if appropriate. They often rely on consumer complaints to know which industries or practices need policing.

The National Association of Attorneys General conducts an annual survey of what types of complaints are most commonly reported to each state's AG's office. Here were the top 10 types of consumer complaints for 2008:

  1. Debt Collection
  2. Auto Sales
  3. Home Repair/Construction
  4. Credit cards (tie)
  5. Online goods and services (tie)
  6. Predatory lending/Mortgages
  7. Telemarketing/Do-not-call
  8. Auto Repair
  9. Auto Warranties (tie)
  10. Telecom/Slamming and cramming (tie)

(In number 10, "slamming" refers to the unauthorized switching of a customer's long distance carrier, and "cramming" means adding of services unrequested by the customer.)

Also mentioned were unauthorized charges and inaccurate late fees on credit cards, along with debt reduction and foreclosure avoidance scams in which consumers are asked to pay an up-front fee.

Here is a list of contact information for the Attorney General's office of each state.

(Via the Consumerist.)