Common Law - The FindLaw Consumer Protection Law Blog

October 2014 Archives

FTC Sues AT&T for Throttling Wireless Customer Data

The Federal Trade Commission announced today that it has filed a lawsuit against mobile phone carrier AT&T for allegedly misleading customers by charging them for "unlimited" data plans while reducing their data speeds significantly.

In its complaint filed in U.S. District Court, the FTC alleges that AT&T failed to disclose to customers with unlimited mobile data plans that once a certain amount of data had been used during a single billing cycle, AT&T reduces the speed of that user's data. This speed reduction, known as "throttling" often results in users being unable to use popular web applications such as web browsing, streaming video, or using GPS navigation on their mobile devices.

AT&T Data Throttling Program

According to the FTC's complaint, AT&T stopped offering unlimited data plans for smartphone customers in June of 2010. However, in order to keep customers from changing carriers, AT&T allowed the millions of customers who had signed up for unlimited data to be "grandfathered in" and continue under the terms of their previous plan, giving them unlimited data usage for $30 a month.

In July 2011, AT&T began throttling the speeds of unlimited mobile data plan customers. The threshold at which AT&T would begin throttling data speeds varied depending on geographic region, with customers in urban markets often being the first to be throttled. The reduction in speed also varied. According to the FTC's complaint, some users experienced speeds up to 95% slower than they would have absent the throttling.

The FTC alleges that AT&T did not properly disclose this throttling to unlimited mobile data plan customers, in violation of the section of the FTC Act prohibiting "unfair or deceptive acts or practices in or affecting commerce." Although the company did announce its data-speed throttling in customer bills, a national press release, and text messages or emails sent directly to some customers, these FTC's complaint alleges that these methods failed to notify a large number of customers or disclose the degree of the speed reduction.

Small Claims Lawsuit

The FTC's lawsuit isn't the first lawsuit regarding AT&T's reduction of unlimited data plan customers' data speeds. In 2012, a California man successfully sued AT&T in small claims court, winning $850 after alleging that AT&T's throttling violated his contract with the carrier.

With an estimated 3.5 million AT&T unlimited data plan customers who may have been affected by the speed reductions, the amount of damages at stake in this lawsuit are likely to be much higher.

Related Resources:

Takata Airbag Defect: Critics Want Nationwide Recall

On the heels of an expanded recall of vehicles with potentially defective airbags made by Japanese airbag supplier Takata, some are criticizing the geographic scope of the recall efforts.

In a letter to Transportation Secretary Anthony Foxx, Connecticut Sen. Richard Blumenthal and Massachusetts Sen. Ed Markey questioned the recall's focus on high-humidity states, reports USA Today. "We believe that NHTSA should immediately issue a nationwide safety recall on all the affected cars, regardless of where the car is," Blumenthal wrote.

Over 7M Vehicles Affected by Recall

The recall issued last week by the National Highway Traffic Safety Administration brought the total number of vehicles affected by the airbag recalls to over 12 million worldwide. It was the latest of several recalls issued for vehicles with Takata airbags this year alone.

Vehicles subject to the recall may have a potentially fatal defect in the airbag inflators. Reports from consumers and tests performed on vehicles have shown that the inflators may explode when the airbag deploys, sending shrapnel flying into the vehicle compartment.

The problem may be somehow linked to the effects of high humidity, according to the NHTSA consumer advisory issued last week. The advisory notes that the recall is particularly urgent for car owners in areas with high humidity, including Florida, Puerto Rico, Texas, Alabama, Mississippi, Georgia, Louisiana, Hawaii. and a number of U.S. territories.

Recalled Vehicles Include Honda, Ford, BMW, Toyota

The automakers affected by the recall include domestic manufacturers such as Ford along with European companies such as BMW. But Japanese automakers are the most affected: Over 5 million Honda vehicles are subject to the recall, and nearly 800,000 Toyota vehicles are too.

Consumers who believe they may own a vehicle that has been recalled can find out by using the NHTSA's online recall search tool. The tool uses a vehicle's VIN to search for any incomplete recall repairs that may be needed. According to the advisory, consumers whose vehicles are shown as not affected by this or other current recalls should still periodically check their VIN, as manufacturers continue to add VINs to the recalls database.

Related Resources:

Beware: Ebola Scams Spreading Quickly Online

As Ebola becomes a news topic, scammers interested in cashing in on the public concern over this deadly-but-quite-rare disease have begun to proliferate online. What better way to cheat people out of money than to take advantage of the public fear of a disease that often reported on, but not well understood?

What are these new Ebola scams, and how can you protect yourself?

'Ebola Cure' Scam

Ebola-centered scams come in a couple different flavors. One is the "Ebola cure" scam, CBS News reports. The victim receives an email with a link to a website selling what it claims is a cure for Ebola. According to the FDA, there is no FDA-approved drug for treating or preventing Ebola, and the only preventive drugs in existence are experimental and being given to actual Ebola patients.

Once on the website, the victim can be induced to purchase a bogus cure outright, or to invest in a company that makes the Ebola "cure." The FDA and FTC have sent warning letters to companies peddling such bogus cures and "dietary supplements" that are alleged to cure Ebola. One company, the Natural Solutions Foundation (which sells a product called Nano Silver), had its tax-exempt status revoked by the IRS.

Ebola Donation Scams

The other kind of Ebola-related scam is the request to donate to a charity that helps Ebola victims. If you receive an email request to donate to a charity, you should look it up through the Better Business Bureau or one of many websites that list registered charitable organizations.

Of course, some scam solicitations don't even want your money -- they just want access to your computer. According to U.S. News & World Report, these malware scams direct a user to a website, ostensibly to donate to a charity. But in reality, the website is going to download spyware or adware to the victim's computer.

Protect Yourself

Protecting yourself from Ebola scams is easy. Don't click on links in emails from senders you don't recognize. Before clicking on a link, check to make sure the link is really going to send you where it claims to.

Also, keep in mind that there's currently no FDA-approved cure for Ebola, and if a company were going to make such a cure, it probably wouldn't be soliciting donations over email.

Finally, don't give out your credit card number, and if you do want to donate to a charity, confirm first that it's a legitimate charity and not a scam.

Related Resources:

No Dropbox Hack, but Account Info, Passwords Leaked

Cloud storage provider Dropbox has denied that it was hacked, following the posting of account information and passwords for hundreds of Dropbox accounts online earlier this week.

What was initially reported as a hack in which almost 7 million Dropbox accounts were compromised seems now to be limited to only a few hundred accounts. In a statement reported by ZDNet, Dropbox claims that the emails, addresses, and passwords associated with these accounts were stolen "from an unrelated service" and not from Dropbox itself.

Fortunately for Dropbox users, the data breach was less widespread than initially feared. Nevertheless, what do consumers need to be aware of when it comes to the security of their online accounts?

Your Password May Not be as Secret as You Think

Although you may have selected only something you would know as the password to one or more of your online accounts, there's a good chance that if that password has been in use for more than a year or two it may no longer be safe, especially if that same password is in use across multiple online accounts.

The email addresses and passwords posted by hackers in the latest purported hack were most likely culled from previous data breaches involving other websites. For example, in 2013 researchers discovered a database of 2 million stolen login credentials associated with Facebook, Twitter, Google, LinkedIn and other web services. If your email address/password combination was compromised in that hack, or any other of the litany of hacks on major web services over the past several years, it may be used to access other services using that same combination.

How to Improve Your Password Security

When it comes to password security, following a few small steps can prevent hackers from gaining access to your online accounts:

  • Use passwords that are hard to guess and that include lower and upper-case letters as well as numbers and symbols;
  • Change passwords often;
  • Use different passwords for different services; and
  • Use two-step verification, which makes users logging into to an account enter a second code or passphrase sent by text message to a mobile phone.

Increasingly, web services such as Dropbox are also building in features that detect suspicious log-in attempts. In this case, Dropbox said it detected attempts to access accounts compromised by hackers and reset the passwords to the affected accounts.

Related Resources:

3 Tips to Protect Your Privacy on Snapchat

Popular messaging app Snapchat was reportedly hacked last week, allowing hackers to download and share thousands of private images and videos, some of which were graphic in nature.

Snapchat is an app that allows users to send each other pictures or videos that purportedly "disappear" after being opened by the intended recipient. This feature has made Snapchat popular with teens and other users who wish to share photos or videos that they would not want to be made public or seen by other than the intended recipient.

According to Newsweek, last week's hack of Snapchat -- dubbed by some "The Snappening" -- may have exposed up to 200,000 Snapchat messages, with those photos and videos quickly being shared on sites like 4chan and Reddit.

Previous Snapchat Data Breach

The breach is Snapchat's second in less than a year. In late 2013 the company announced that the account information of at least 4.6 million Snapchat accounts had been compromised, with hackers obtaining and posting the usernames, phone numbers, and other account information connected to Snapchat accounts.

The hackers who posted the data allegedly intended the attack as a warning to Snapchat to beef up the company's security, which given the most recent release of Snapchat user images, the company may still be working on.

Tips for Snapchat Privacy

What can users do to help protect their privacy when using Snapchat? Here are three tips:

  • Don't send any messages you wouldn't want someone else to see. Although Snapchat is predicated on allowing users to share photos and videos with only the intended recipient, as shown through the latest hack, that may not always be the case. And even without hackers exposing user's images and videos, messages may be screenshotted or saved by recipients using other programs, meaning that your private Snapchat message may not be as private as you had hoped.
  • Change passwords regularly. The same advice for any potentially sensitive online account applies to Snapchat: change your password regularly, and make it something that would be impossible to guess.
  • Adjust your Snapchat privacy settings. Snapchat allows users to set their account to only receive photos or videos from those who have been added to a user's Snapchat friends list. This prevents strangers from being able to message you and potentially coax you into providing personal information or compromising photographs. In addition Snapchat allows users to block users who become a nuisance or who act suspiciously.

For more tips on maintaining privacy online and avoiding identity theft or the leak of personal information, check out FindLaw's Learn About the Law section on Online Safety.

Related Resources:

GM Turns to Facebook, Phone Calls for Recall Notices

GM is struggling to get vehicle owners to bring in their recalled cars, but they've found a new way to get out the recall notices: Facebook and phone calls.

Fewer than half of the 2 million cars affected by the GM ignition-switch recall have been taken in to get fixed, so the car manufacturer has decided that recall letters in the mail just aren't cutting it. The Associated Press reports that GM has turned to sending Facebook messages and making phone calls to owners, largely to those who own Chevrolet Cobalts and Saturn Ions.

Is this the way recalls will be announced in the future? And what should you do if you receive a recall notice?

Facebook as a Platform for Recall Notices

For GM and affected car owners, getting the word out is a matter of some importance, given the deaths related to the defect -- and the accompanying liability. With more than a million affected vehicles still waiting to be fixed, it isn't surprising that GM got a bit unorthodox with getting the word out.

Facebook has been increasingly used (with mixed results) to send parties some pretty important legal information, including notice that someone has sued you. Unlike serving someone with a complaint in civil court, however, there are far fewer rules on how a manufacturer has to notify owners of a known defect in its product. Traditionally, this is accomplished in the form of a letter, but consumers may not be paying that close attention.

"I didn't think it was very serious just from the wording on the recall notice," car owner Kim Atkins, 24, told the AP. Perhaps a direct call or Facebook message is a more effective method to make sure that 20-somethings bring their cars in.

If Your Car Is Affected by the GM Recall...

If you're unsure if your car has been affected by the ignition switch recall go to GM's website and enter in your Vehicle Identification Number (VIN). If your car is included in the recall, remove all items from the ignition key's keyring and schedule the car for repair at any certified GM service dealer.

Related Resources:

JPMorgan Chase Hack Affects 76M: What Consumers Can Do

The nation's largest bank, JP Morgan Chase, announced last week that hackers may have obtained the personal information of up to 76 million customers in a cyberattack this summer.

The bank denies that hackers were able to access account numbers, passwords, Social Security numbers, or birth dates, reports The Associated Press. The hackers were, however, able to gain access to customers' names, addresses, phone numbers, and email addresses -- information that may be used to commit identity theft.

What Can Consumers Do?

Consumers whose information may have been compromised by the hackers should be vigilant in watching out for signs of potential identity theft. They should also be wary of potential attempts to use the information stolen from Chase to obtain even more sensitive personal information.

Among the methods used by scammers to obtain personal data include:

  • Email phishing. Consumers should be wary of clicking on links or opening attachments included in emails from unfamiliar or suspicious addresses. Phishing scams are a common way for scammers to mine your personal information.
  • Scam letters. Scammers may also use addresses obtained through the cyberattack to send phony letters to consumers. Letters informing you that you've won or prize from a contest you don't remember entering, or other correspondence that requests personal information, should raise a red flag.
  • Phone scams. Hackers were also able to obtain the phone numbers of Chase customers, which means that scammers may resort to using phone calls or text messages to attempt to gather more personal information from consumers affected by the data breach.

May Increase Likelihood of Fraud

Chase is just the latest company to suffer a potentially harmful data breach. Last month, retailer Home Depot announced that payment data for up to 56 million customers may have been stolen by hackers.

With the rash of data breaches making your personal information available to scammers, consumers should be on the lookout for any suspicious activity when it comes to credit card accounts, including receiving credit cards for accounts that you never opened, or getting calls about purchases you didn't make. These may be signs that you have been a victim of fraud.

In addition, consumers may wish to get a copy of their credit report. The Free Credit Reporting Act allows consumers to obtain a free copy of their credit report once a year. Credit reports can be obtained online at the Annual Credit Report website, by calling (877) 322-8228, or by mailing Annual Credit Report Request Service, P.O. Box 105281, Atlanta, GA 30348-5281.

Related Resources:

In a year in which automakers have recalled a record-breaking 45 million vehicles, automaker Ford announced last that it was recalling 850.000 vehicles for an electrical glitch that could prevent air bags from being deployed in an accident, followed by an announcement from Toyota this week that it was recalling 790,000 Tacoma pickups for faulty rear suspension that can damage the vehicle's gas tank or brake system.

The Ford recall includes 745,000 vehicles in the United States, 82,000 in Canada, and another 20,000 in Mexico, reports The Detroit News. The Toyota recall affects model year 2005-2011 Tacoma pickups worldwide, according to Auto World News.

Ford Models Recalled Include Ford Fusion, Lincoln MKZ

The recalled Ford vehicles may have a problem with a module that controls the vehicle's restraint systems -- like the front and side impact airbags. A short circuit in the module could cause these restraints to fail in the event of a crash. This defect could also cause malfunctions in other systems that rely on data from the module such as stability control.

The vehicles affected by the latest recall are all 2013-14 models, including:

  • C-MAX vehicles built at the Michigan Assembly Plant from January 19, 2012 to November 21 2013
  • Fusion vehicles built at the Hermosillo Assembly Plant from February 3 2012 to August 24, 2013
  • Escape vehicles built at the Louisville Assembly Plant from October 5, 2011 to November 1, 2013
  • Lincoln MKZ vehicles built at the Hermosillo Assembly Plant from April 25, 2012 to September 30, 2013

No injuries have been reported in connection with the recall. However, similar electrical glitches have been the subject of several high-profile recalls this year. An electrical issue in General Motors vehicles that is the subject ongoing recall of over three million vehicles has so far been linked to at least 19 deaths.

Toyota Recall Includes Four-Wheel Drive, Pre-Runner Tacomas from 2005-2011

The Toyota recall is due to reports of corrosion in the recalled vehicle's rear suspension system. Fractures in the leaf springs could cause the springs to fracture and damage other surrounding components, including the gas tank, leading to an increased risk of fire.

Like the Ford recall, there have so far been no reports of injuries linked to the defective suspension, though complaints from vehicle owners go back as far as 2011. The recall includes both four-wheel and pre-runner versions of the Toyota Tacoma in the model years 2005 through 2011.

Find out whether your car is affected by these or other recalls by using the NHTSA VIN search.

For more information of vehicle recalls including your rights as the owner of a recalled vehicle, check out FindLaw's Learn About the Law section on Vehicle Recalls and Defects.

Related Resources: