Caveat Venditor: FTC Amends Telemarketing Sales Rule to Enhance Anti-Fraud Protections and to Update and Clarify Several Key Provisions Relating to the National Do Not Call Registry

On November 18, 2015, the Federal Trade Commission (FTC) released a final rule setting forth a number of key amendments to its Telemarketing Sales Rule (TSR).  [FN1]  Specifically, in response to changes in the financial marketplace, the final rule prohibits the use of certain payment methods in telemarking.  In addition, and of likely much greater significance to the vast majority of legitimate, compliance-focused telemarketers operating today, the TSR amendments update and clarify several provisions related to the National Do Not Call (DNC) Registry, including those concerning:  (i) the telemarketing exemption for calls to businesses; (ii) demonstrating the existence of an “established business relationship” with the customer; and (iii) sellers/telemarketers sharing the cost of DNC Registry fees.  The FTC also made several important clarifications regarding a consumer’s right to be placed on entity-specific do-not-call lists, as well as with respect to call recordings made to memorialize a customer’s “express verifiable authorization.”  In light of these recent changes to the TSR, even the most reputable and well-intentioned sellers and telemarketers will need to reexamine their current practices to ensure compliance with the final rule.

Certain Telemarketing Payment Methods Prohibited

The weighty, 136-page final rule focuses, to a great extent, on further protecting consumers from fraud by banning the use of four types of “novel payment methods” in telemarketing, namely, remotely created checks, remotely created payment orders, cash-to-cash money transfers, and cash reload mechanisms.  [FN2]  According to Jessica Rich, Director of the FTC’s Bureau of Consumer Protection, these are the “payment methods that scammers like, but honest telemarketers don’t use.”  For this reason, the FTC’s amendments in this regard were purposely and narrowly tailored to prohibit just these specific payment methods, thereby allowing for innovations with respect to other payment methods that are used by legitimate companies.

Do-Not-Call Amendments and Clarifications

Of greater consequence to most legitimate businesses engaged in telemarketing activities (i.e., sellers and/or the telemarketers that may be acting on their behalf) are the FTC’s amendments and clarifications with respect to the DNC Registry and other do-not-call requests made by consumers, as follows:

  • Existing Business Relationship. If a consumer’s number is on the DNC Registry, the revised TSR expressly states that sellers or telemarketers bear the burden of demonstrating that they have (i) an existing business relationship with the person or (ii) the person’s express written agreement to get calls. [FN3]
  • Business-to-Business Exemption. The business-to-business exemption extends only to calls to induce a sale to, or contribution from, a business entity; it does not cover soliciting employees at their places of business to make personal charitable contributions or to purchase goods or services for their individual use.
  • Entity-Specific Do-Not-Call Lists.
    • The amended TSR illustrates the kind of burdens that would illegally interfere with a consumer’s right to be placed on a seller’s/telemarketer’s entity-specific do-not-call list. For example, impermissible burdens include, among others, harassing consumers who make such a request, hanging up on them, requiring the consumer to listen to a sales pitch before accepting the request, and assessing a charge or fee for honoring the request.
    • Further, the TSR now specifies that if a seller or telemarketer does not get the information needed to place a consumer’s number on their entity-specific do-not-call list, the business is disqualified from the safe harbor for isolated or accidental violations.
  • DNC Registry Cost Sharing. The revised TSR emphasizes that no person may participate in any arrangement to share the cost of accessing the DNC Registry, including any arrangement with any telemarketer or service provider to divide the costs to access the registry among various clients of that telemarketer or service provider.

Finally, in addition to the do-call-call modifications highlighted above, the FTC also sought to make its enforcement policy more transparent by clarifying that any call recording made to memorialize a customer’s or donor’s “express verifiable authorization” must include an accurate description, clearly and conspicuously stated, of the goods or services or charitable contribution for which payment authorization is sought.  Such “express verifiable authorization” must be obtained by sellers and telemarketers prior to billing for telemarketing purchases or donations if payment is not made by credit or debit card.  [FN4]

*The DNC Registry and other do-not-call provisions will take effect 60 days after the final rule is published in the Federal Register.  The “novel payment method” prohibitions become effective 180 days after Federal Register publication.


[FN1]     The FTC promulgated the original TSR in 1995 and subsequently amended it in 2003 and again in 2008 and 2010 to add, among other things, provisions establishing the National Do Not Call Registry and addressing the use of pre-recorded messages and debt relief offers.  In general, the TSR requires telemarketers to make specific disclosures of material information; prohibits misrepresentations; sets limits on the times telemarketers may call consumers; prohibits calls to a consumer who has asked not to be called again; and sets payment restrictions for the sale of certain goods and services.

[FN2]     The FTC distinguishes these four prohibited payment methods from “conventional payment methods” (e.g., credit cards, and electronic fund transfers, such as debit cards), which are processed or cleared electronically through networks that can be monitored systematically for fraud.  Further enhancing the security of conventional payment methods is the fact that they are subject to federal laws that provide statutory limitations on a consumer’s liability for unauthorized transactions and standard procedures for resolving errors.  Detailed definitions of these four banned payment methods are set forth in the Federal Register notice announcing the final rule, at Section I.B.1.

[FN3]     For purposes of this section of the TSR, the term “signature” includes an electronic or digital form of signature, to the extent that such form of signature is recognized as a valid signature under applicable federal law or state contract law.

[FN4]     See 16 CFR 310.3(a)(3).

An Overview of the NY AG’s Demands On FanDuel and DraftKings

Anyone who has turned on their television in the past year is likely familiar with the business model of DraftKings, Inc. (“DraftKings”) and FanDuel Inc. (“FanDuel”). In case you have missed the numerous advertisements, both FanDuel and DraftKings run daily fantasy sports (“DFS”) promotions where contestants pay varying entry fees for the opportunity to receive cash prizes based upon the performance of their fantasy team in a given day. DFS promotions have exploded in popularity in the blink of an eye. FanDuel was founded in 2009 and, according to the FanDuel web site, it now has over one million registered users, has paid out $560 million in 2014 alone, and has received over $350 million in venture funding. Its junior, DraftKings, founded in 2012, promises over $1 billion in payouts this year according to its web site. Both companies have brokered partnerships with professional sports leagues and teams as well as other industry leaders.

Recently, however, DFS companies, including, most prominently, FanDuel and DraftKings, have come under fire due to allegations (among other reasons not discussed in this post) that DFS constitute illegal gambling under certain state lottery and gambling laws and, also, the federal Unlawful Internet Gambling Enforcement Act of 2006 (“UIGEA”).[i] DraftKings asserts on its website that it is “100% legal” because 45 of 50 states[ii] and the federal government consider one-day daily fantasy sports a legal game of skill, but both federal and state regulators and enforcement agencies are beginning to question this assertion. Most recently, on November 10, 2015, the New York State Attorney General (“NY AG”) issued cease and desist letters to DraftKings and FanDuel demanding that both parties stop accepting entry fees (or “wagers”, according the NY AG) from New York residents. The NY AG’s action follows closely behind an October 15, 2015 Nevada Gaming Control Board (“NGCB”) notice which asserted that DFS constitute gambling under Nevada law and, therefore, must be licensed by the NGCB. Further, according to a recent Wall Street Journal report, both companies are under investigation by the FBI and Department of Justice to determine whether DFS violate the UIGEA.


As background, a promotion will be found to be an illegal lottery, i.e., illegal gambling, if all of the following three elements are present:

  1. Prize;
  2. Mandatory consideration (g., payment of money, purchase of a product, etc.); and
  3. Chance.

A private sector company that wants to offer a prize promotion must remove one of the three lottery elements to avoid violating state lottery and gambling statutes. Determining the presence of prize and consideration are usually relatively straightforward whereas it may be more difficult to ascertain whether chance is present. In part, this is because states take a wide range of approaches to determine what constitutes a skill contest versus a game of chance. The tests used by states generally fall into one of the following four categories: “pure chance”, “predominant element”, “material element”, and “any chance” taints.  Each test can be summarized as follows:

  • Pure Chance Test. A minority approach is the “pure chance” doctrine under which a promotion must be solely based on chance to be an illegal lottery.  The exercise of any skill by a participant removes the promotion from within the definition of a lottery and it will instead be viewed as a game of skill.
  • Predominant Element Test.  The majority of jurisdictions apply the “predominant element” test. This test evaluates the relative degree of skill and chance present in the game; if the element of skill predominates over chance, then the game is likely permitted.
  • Material Element Test.  In several jurisdictions, a promotion will be pro­hibited if chance plays a “material” role in the outcome. A jurisdiction using this test would prohibit wagering on the game if chance has more than a mere incidental effect on the game, even if skill primarily influences the outcome of the game. This is a stricter standard than the “predominant element” test and makes it more difficult to offer skilled-based gaming if the games in question resort to a chance component in determining the outcome. New York adheres to the material element test.
  • Any Chance Test. A small number of jurisdictions apply the “any chance” test. In other words, if any chance is present in the promotion and there is a charge to play, then the promotion becomes an illegal lottery.  Certain (but not all) of the Excluded States adhere to the “any chance” test.

Further, certain states (e.g., Montana) explicitly prohibit fantasy sports or, more generally, pay to play contests by statute.

With respect to federal law, the UIGEA generally prohibits online gambling but makes an exception for online fantasy sports where (among other requirements) the “winning outcomes reflect the relative knowledge and skill of the participants and are determined predominantly by accumulated statistical results of the performance of individuals (athletes in the case of sports events) in multiple real-world sporting or other events.”[iii]


In the cease and desist letters, the NY AG concluded that both FanDuel and DraftKings run gambling operations that are illegal under NY law (pursuant to N.Y. Penal Law § 225.000 et seq. and N.Y. Const. Art. I, § 9) and demanded that both cease and desist from accepting “wagers” from NY residents. Under NY law, “a person engages in gambling when he stakes or risks something of value upon the outcome of a contest of chance or a future contingent event not under his control or influence” and a “contest of chance” exists where winning or losing depends on elements of chance to a “material degree” (i.e., NY adheres to the “material element” test discussed above) (N.Y. Penal Law § 225.00(2), see also N.Y. Gen. Bus. Law § 369-ee). Under NY law, those who operate illegal gambling enterprises are subject to criminal prosecution, but the individual gamblers are not.

The NY AG distinguished DFS from traditional fantasy sports stating: “participants in traditional fantasy sports conduct a competitive draft, compete over the course of a long season, and repeatedly adjust their teams. They play for bragging rights or side wagers, and the Internet sites that host traditional fantasy sports receive most of their revenue from administrative fees and advertising, rather than profiting principally from gambling.” The letters allege that, unlike traditional fantasy sports, FanDuel and DraftKings are engaged in illegal gambling because the fees paid by participants are actually bets that “depend on the real-world performance of athletes and numerous elements of chance” and because each party in its respective business controls the prize amounts, sets the variables (e.g., player “salaries”), advertises easy game play with big payoffs, stresses the lack of long term strategy needed, and profits directly from the wagers (i.e., by taking a cut of the entry fees paid by participants). Also for these reasons and because “a small number of professional gamblers profit at the expense of casual players”, the letters assert that DFS are more akin to (and, therefore, pose the same public health and economic risks as) poker and traditional gambling.

Notably, the letters point out that Washington state’s definition of gambling is substantially the same. Like NY, Washington adheres to the “material element” test. As noted herein, Washington is (and always has been) one of the Excluded States for both companies and Washington state regulators and its Attorney General’s office have consistently challenged the legality of all fantasy sports (traditional and DFS).

Finally, the NY AG letters lay the ground work for bringing a lawsuit against each company for their advertising campaigns, which the letters allege deceive and mislead consumers as to the prospects of winning large sums of money.

Both parties vehemently deny that their activities constitute illegal gambling and each quickly stated their opposition to the NY AG’s position. On Friday morning, both FanDuel and DraftKings filed actions seeking declaratory and injunctive relief in the New York County Supreme Court.[iv] At least for the time being, however, FanDuel has stopped accepting deposits from NY residents.


Given the high level of market exposure that FanDuel and DraftKings have experienced recently, it is not surprising that they are the subject of multiple enforcement investigations. It remains to be seen whether DFS companies will be able to persuade regulators and enforcement agencies that DFS are in fact games of skill that do not constitute illegal lotteries. This is something that we will continue to watch.

[i] Generally speaking, the provisions of the UIGEA are applicable only to payment processors.

[ii] To date, both FanDuel’s Terms of Use and DraftKing’s Terms of Use prohibit participation in each of their respective promotions by residents of Arizona, Iowa, Louisiana, Montana, Nevada and Washington (“Excluded States”). Nevada was added to the list of Excluded States on both parties’ web sites shortly after the October 15, 2015 issuance of the notice by the NGCB.

[iii] A bill recently introduced in Illinois (HB 4323 and SB 2193) that aims to exempt fantasy contests from the state’s criminalization of gambling contains nearly identical language.

[iv] DraftKings’ filing also includes numerous other causes of action based on, among other things, violations of the U.S. and NY Constitutions.

Come hear Jamie Rubin and Heather Nolan speak on hot topics in marketing law at the BAA Conference in Chicago on November 10th & 11th

On November 10, 2015, Partner, Jamie Rubin will moderate a panel on The Tricky Terrain Of Retail Marketing at the Brand Active Association/ Association of National Advertisers Legal Conference in Chicago.

Also, on November 11, 2015, Partner, Heather Nolan will present a roundtable discussion on legal compliance steps for charitable promotions at the same conference.

For those in Chicago on Tuesday, November 10th, even if you are not attending the conference, please feel free to come by our Rooftop After Hours Event between 8 and 10:30pm.   It will be at The Rooftop Lounge at the Wit Hotel (201 North State Street).


Heather Nolan to speak at Women Leaders in Advertising Law conference this week

Join Heather Nolan at ACI’s Women Leaders in Advertising Law conference this Thursday, October 22nd, at the Carlton Hotel in New York City.  She will host a panel comprised of leading self-regulatory and in-house attorneys discussing how to make the most out of work and non-work life during this time of 24/7 availability through technology.  

The panel is titled “Updating Your Status 24/7: How Women Leaders in the Increasingly Demanding Advertising and Marketing Space Can Make the Most Out of Both Life and Career.” To register click on this link


Jamie Rubin-Digital Media: Dealmakers and Legal Issues Panel

Join Jamie Rubin this Tuesday October, 20 at Collective Digital Studio in Beverly Hills for the AMEC panel Digital Media: Dealmakers and Legal Issues.  Jamie will be joined by Gary Binkow, Co-Founder and Chief Content Officer, Collective Digital Studio and Peter Morris, Vice President, Business Affairs & Development, General Counsel, Funny or Die.  REGISTER at or contact Sheree Johnson at or 310-432-0550.

Gift-Card Issuers: Mind State Cash-Back Requirements

This past August, Dave & Buster’s, the restaurant-cum-arcade chain, was sued in California state court for allegedly violating the cash-out provision of California’s gift-card law.[FN1] Under California’s law, a gift-card issuer must allow the holder of a card worth less than $10 to redeem it for cash upon request.[FN2] In the suit, plaintiff alleges that the terms of Dave & Buster’s gift cards expressly state that they are not redeemable for cash (without any qualification that cash redemption is permitted where required by law) and that repeated attempts to redeem a card for cash were denied by employees of Dave & Buster’s. The plaintiff purports to represent a class of California consumers who bought Dave & Buster’s gift cards between August 2011 and August 2015.

The Dave & Buster’s case is new, but not novel. The cash-out provision was added to California’s gift-card law in 2008 and has seen enforcement from both public and private litigants since. In August 2009, District Attorneys for Sonoma, Monterey and Shasta counties settled a claim against Starbuck’s for failure to honor the cash-out provision. Pursuant to that settlement, Starbuck’s was required to pay $225,000. Lawsuits alleging non-compliance with the cash-out provision have also been filed against at least Google, Chipotle, Petsmart, Panda Express, and Pep Boys.[FN3]

Continue Reading

New State Privacy Regulation for Connected Televisions

California will become the first state in the nation to regulate information gathered by connected television manufactures through the televisions they sell. Assembly Bill No. 1116 (“AB 1116″) was signed into law by California Governor Jerry Brown on October 6, 2015 and will take effect January 1, 2016.

There are three major provisions to AB 1116. First, 22948.20 (a) requires that a person or entity must “prominently” inform users that there is a voice recognition feature during the initial setup or installation of a connected television.

Continue Reading

Will Spies Sink Transatlantic Commerce?

The Impact of the Schrems Safe Harbor Decision

Here is the latest fallout from Edward Snowden’s public disclosures about NSA snooping on international communications: On Tuesday, the European Court of Justice invalidated the 15-year-old “Safe Harbor Data Protection Framework” under which more than 4500 US companies and organizations are permitted to process data relating to European consumers and employees. According to the EU’s highest judicial institution, it does not matter how carefully the companies keep their privacy commitments, because US government agencies may be reading their electronic mail without adequate legal supervision. This means that US-based companies must quickly pivot to other legal means of bringing European personal data to the US, such as Model Contracts and Binding Corporate Rules. But that is only the beginning.

Blowing up the Safe Harbor

The 1995 EU Data Protection Directive (Article 25) generally forbids transferring personal data from Europe to countries that do not assure an “adequate” level of legal privacy protection. The United States is deemed inadequate (along with India, Russia, China, Brazil, and, well, most of the rest of the world), because the US does not have a comprehensive data protection law on the European model.

An important alternative has been available since 2000: US companies participating in the “Safe Harbor” program negotiated between the European Commission and the US Department of Commerce could receive (or access) personal data from Europe so long as they certified compliance with the Safe Harbor Privacy Principles, a streamlined version of the principles found in the EU Data Protection Directive. Safe Harbor companies submit to third-party dispute-resolution procedures and, ultimately, enforcement in the US (chiefly by the Federal Trade Commission) or in Europe by a panel of European national data protection authorities in the case of employee data. The European Commission, with the assent of the European Council representing the governments of the EU Member States, issued a decision in 2000 that data flows subject to Safe Harbor principles and enforcement mechanisms should be deemed “adequately” protected. The thousands of Safe Harbor companies and organizations listed on the Department of Commerce website include Google, Microsoft, Apple, IBM, Amazon, most of the major US-based outsourcing and cloud services providers, and many global companies with European affiliates, including those that use Safe Harbor chiefly to access their own customer and employee records in Europe, operate central database applications, or simply manage their email servers on a global basis.

Continue Reading

Know your Privacy Policy and Practices: An Important Reminder Illustrated by Recent FTC Actions

The Federal Trade Commission’s (“FTC”) announcement last week of settlements with 13 separate companies for charges of falsely advertising certification with the U.S.-EU and/or U.S.-Swiss Safe Harbor Frameworks (“Safe Harbors”)some of which never existed but several of which had simply lapsed serves as a reminder that businesses should periodically and often review their online privacy policies (“PP”). During this review, businesses should ensure that: (i) they are following all of the stated provisions of the PP; (ii) the PP accurately reflects current business practices, technologies used on the applications, websites or other online services (“Online Services”), and business arrangements with third parties; and (iii) the PP remains current with regard to applicable laws, regulations and self-regulatory programs for which the Online Services are subject. A look at recent FTC actions illustrate the importance of this review. Continue Reading