Trade Regulation Rule on Impersonation of Government and Businesses

Download PDF
Federal RegisterOct 17, 2022
87 Fed. Reg. 62741 (Oct. 17, 2022)

AGENCY:

Federal Trade Commission.

ACTION:

Notice of proposed rulemaking; request for public comment.

SUMMARY:

The Federal Trade Commission (“FTC or “Commission”) commences a rulemaking to promulgate a trade regulation rule entitled “Rule on Impersonation of Government and Businesses,” which would prohibit the impersonation of government, businesses, or their officials. The Commission finds such impersonation to be prevalent based on the comments it received in response to an advance notice of proposed rulemaking and other information discussed in this document. The Commission now solicits written comment, data, and arguments concerning the utility and scope of the proposed trade regulation rule to prohibit the impersonation of government, businesses, or their officials.

DATES:

Comments must be received on or before December 16, 2022.

ADDRESSES:

Interested parties may file a comment online or on paper by following the instructions in the Comment Submissions part of the SUPPLEMENTARY INFORMATION section below. Write “Impersonation NPRM, R207000” on your comment and file your comment online at https://www.regulations.gov. If you prefer to file your comment on paper, mail your comment to the following address: Federal Trade Commission, Office of the Secretary, 600 Pennsylvania Avenue NW, Suite CC-5610 (Annex B), Washington, DC 20580, or deliver your comment to the following address: Federal Trade Commission, Office of the Secretary, Constitution Center, 400 7th Street SW, 5th Floor, Suite 5610 (Annex B), Washington, DC 20024.

FOR FURTHER INFORMATION CONTACT:

Christopher E. Brown, Attorney, Marketing Practices Division, phone: 202-326-2825, cbrown3@ftc.gov.

SUPPLEMENTARY INFORMATION:

The Commission invites interested parties to submit data, views, and arguments on the proposed Rule on Impersonation of Government and Businesses and, specifically, on the questions set forth in Item IV of this notice of proposed rulemaking (“NPRM”). The comment period will remain open until December 16, 2022. To the extent practicable, all comments will be available on the public record and posted at the docket for this rulemaking on https://www.regulations.gov. If interested parties request to present their position orally, the Commission will hold an informal hearing, as specified in Section 18(c) of the FTC Act, 15 U.S.C. 57a(c). Persons interested in making a presentation at an informal hearing must file a comment in response to this document containing a statement explaining why they believe an informal hearing is warranted, how they would participate in an informal hearing, their interests in the proceeding, whether there are any disputed issues of material fact necessary to be resolved during an informal hearing, and a summary of their anticipated testimony. If an informal hearing is held, a separate document will issue under 16 CFR 1.12(a) (“initial notice of informal hearing”).

The Commission elects not to provide a separate, second comment period for rebuttal comments. See16 CFR 1.11(e) (“The Commission may in its discretion provide for a separate rebuttal period following the comment period.”).

I. Background

On December 23, 2021, the Commission published an advance notice of proposed rulemaking (“ANPR”) under the authority of Section 18 of the FTC Act, 15 U.S.C. 57a(b)(2); the provisions of part 1, subpart B, of the Commission's Rules of Practice, 16 CFR 1.7-1.20; and 5 U.S.C. 553. This authority permits the Commission to promulgate, modify, or repeal trade regulation rules that define with specificity acts or practices that are unfair or deceptive in or affecting commerce within the meaning of Section 5(a)(1) of the FTC Act, 15 U.S.C. 45(a)(1). The ANPR described the Commission's history of taking law enforcement action against and educating consumers about the impersonation of government and businesses, and it asked questions about the prevalence of impersonation fraud and whether and how to proceed with an NPRM. The Commission took comment for 60 days, and it received 164 unique comments, which it has thoroughly considered.

Fed. Trade Comm'n, ANPR: Trade Regulation Rule on Impersonation of Gov't and Businesses, 86 FR 72901 (Dec. 23, 2021), https://www.federalregister.gov/documents/2021/12/23/2021-27731/trade-regulation-rule-on-impersonation-of-government-and-businesses.

See id.,86 FR 72901-04.

See id. at 72904.

Based on the substance of these comments, as well as the Commission's history of enforcement and other information discussed below, the Commission has reason to believe that the impersonation, including affiliation or endorsement claims, of government, businesses, and their officials or agents is prevalent and that proceeding with this rulemaking is in the public interest. This document discusses the comments and explains its considerations in developing the proposed rule. The Commission also poses specific questions for comment. Finally, the NPRM provides the text of its proposed rule.

See15 U.S.C. 57a(b)(3) (“The Commission shall issue a notice of proposed rulemaking pursuant to paragraph (1)(A) only where it has reason to believe that the unfair or deceptive acts or practices which are the subject of the proposed rulemaking are prevalent.”).

II. Summary of Comments to ANPR

The Commission received 164 unique comments in response to the ANPR, which are publicly available on this rulemaking's docket at https://www.regulations.gov/docket/FTC-2021-0077/comments. Of the total comments received, 113 expressly support the Commission's proceeding with the rulemaking. Another 35 comments did not express a clear view on the merits of proceeding, and another 16 comments did not address the question. No commenter expressed the view that the Commission should not commence this rulemaking. Most comments came from individual consumers, with 140 total comments. Ten comments were submitted by businesses, eleven by trade associations, and three by government or law-enforcement organizations.

The docket lists 168 comments, but four of these were submitted by AVIXA, Inc. (“Audio Visual and Integrated Experience Association”) and two by the National Association of Attorneys General (“NAAG”), accounting for four total duplicates. See AVIXA Cmts., https://www.regulations.gov/comment/FTC-2021-0077-0089, https://www.regulations.gov/comment/FTC-2021-0077-0085, https://www.regulations.gov/comment/FTC-2021-0077-0126, https://www.regulations.gov/comment/FTC-2021-0077-0128; NAAG Cmts., https://www.regulations.gov/comment/FTC-2021-0077-0152, https://www.regulations.gov/comment/FTC-2021-0077-0164.

See Pub'rs Clearing House, Cmt. on ANPR (Feb. 8, 2022), https://www.regulations.gov/comment/FTC-2021-0077-0008 (“PCH Cmt.”); YouMail Inc., Cmt. on ANPR (Feb. 22, 2022), https://www.regulations.gov/comment/FTC-2021-0077-0148 (“YouMail Cmt.”); WMC Global, Cmt. on ANPR (Feb. 22, 2022), https://www.regulations.gov/comment/FTC-2021-0077-0154 (“WMC Cmt.”); DIRECTV, LLC, Cmt. on ANPR (Feb. 23, 2022), https://www.regulations.gov/comment/FTC-2021- 0077-0167 (“DIRECTV Cmt.”); Somos, Inc., Cmt. on ANPR (Feb. 23, 2022), https://www.regulations.gov/comment/FTC-2021-0077-0162 (“Somos Cmt.”); Microsoft Corp., Cmt. on ANPR (Feb. 22, 2022), https://www.regulations.gov/comment/FTC-2021-0077-0135 (“Microsoft Cmt.”); Apple, Inc., Cmt. on ANPR (Feb. 23, 2022), https://www.regulations.gov/comment/FTC-2021-0077-0159 (“Apple Cmt.”); Cotney Attorneys & Consultants, Cmt. on ANPR (Feb. 22, 2022), https://www.regulations.gov/comment/FTC-2021-0077-0140 (“Cotney Cmt.”); Erik M. Pelton & Associations, Consultants, Cmt. on ANPR (Feb. 22, 2022), https://www.regulations.gov/comment/FTC-2021-0077-0156 (“Pelton Cmt.”); Informa PLC, Cmt. on ANPR (Feb. 22, 2022), https://www.regulations.gov/comment/FTC-2021-0077-0166 (“Informa Cmt.”).

See Exhibitions & Conferences Alliances, Cmt. on ANPR (Feb. 15, 2022), https://www.regulations.gov/comment/FTC-2021-0077-0009 (“ECA Cmt.”); AVIXA, Inc., Cmt. on ANPR (Feb. 17, 2022), https://www.regulations.gov/comment/FTC-2021-0077-0085 (“AVIXA Cmt.”); Experiential Designers & Producers Association, Cmt. on ANPR (Feb. 16, 2022), https://www.regulations.gov/comment/FTC-2021-0077-0073 (“EDPA Cmt.”); Association of Equipment Manufacturers, Cmt. on ANPR (Feb. 23, 2022), https://www.regulations.gov/comment/FTC-2021-0077-0168 (“AEM Cmt.”); The American Apparel & Footwear Association, Cmt. on ANPR (Feb. 22, 2022), https://www.regulations.gov/comment/FTC-2021-0077-0141 (“AAFA Cmt.”); NCTA—The internet & Television Association, Cmt. on ANPR (Feb. 23, 2022), https://www.regulations.gov/comment/FTC-2021-0077-0169 (“NCTA Cmt.”); USTelecom, Cmt. on ANPR (Feb. 23, 2022), https://www.regulations.gov/comment/FTC-2021-0077-0160 (“USTelecom Cmt.”); International Housewares Association, Cmt. on ANPR (Feb. 22, 2022), https://www.regulations.gov/comment/FTC-2021-0077-0144 (“IHA Cmt.”); National Association of Broadcasters, Cmt. on ANPR (Feb. 22, 2022), https://www.regulations.gov/comment/FTC-2021-0077-0146 (“NAB Cmt.”); CTIA, Cmt. on ANPR (Feb. 23, 2022), https://www.regulations.gov/comment/FTC-2021-0077-0161 (“CTIA Cmt.”); Consumer Tech. Ass'n, Cmt. on ANPR (Feb. 17, 2022), https://www.regulations.gov/comment/FTC-2021-0077-0091 (“CTA Cmt.”).

See Broward Cnty., Fla., Cmt. on ANPR (Feb. 16, 2022), https://www.regulations.gov/comment/FTC-2021-0077-0075 (“Broward Cmt.”); NAAG, Cmt. on ANPR (Feb. 23, 2022), https://www.regulations.gov/comment/FTC-2021-0077-0164 (“NAAG Cmt.”); Nat'l Ass'n of State Charity Officials (“NASCO”), Cmt. on ANPR, at 1 (Feb. 22, 2022), https://www.regulations.gov/comment/FTC-2021-0077-0165 (“NASCO Cmt.”).

The 140 individual consumers who commented expressed deep concern about the harmful effects of both government and business impersonation. One representative consumer comment declared: “Citizens of the USA should be able to answer the phone and not have to worry about what type of spam, coercion, or trickery is about to assault them.” Many consumers expressed concern that impersonation scams target specific populations, such as older consumers. Another consumer, who fell victim to an impersonator of a contractor company, described lasting and serious harm: “We are lost and devastated. I live in fear daily because someone has sensitive information about my home, its location, and the people I love who reside in it.”

Coni Limpert, Cmt. on Trade Regulation Rule on Impersonation of Government and Businesses (“Cmt. on ANPR”) (Feb. 22, 2022), https://www.regulations.gov/comment/FTC-2021-0077-0121 (“Limpert Cmt.”).

Yroctonya Williams, Cmt. on ANPR (Jan. 6, 2022), https://www.regulations.gov/comment/FTC-2021-0077-0004 (“Williams Cmt.”).

A. Comments About the Impersonation of Government

In its ANPR, the Commission cited public data from the Consumer Sentinel Network database and its enforcement record to conclude that “government impersonation scams are highly prevalent and increasingly harmful.” The comments received about the impersonation of government bolster this conclusion.

ANPR, 86 FR 72901; see also Fed. Trade Comm'n, Explore Government Imposter Scams, TABLEAU PUBLIC, https://public.tableau.com/app/profile/federal.trade.commission/viz/GovernmentImposter/Infographic (last visited Mar. 17, 2022).

Six commenters explicitly addressed the widespread nature of the impersonation of government entities, citing common scams perpetrated by fraudsters pretending to be Federal, State, and local governments. For example, USTelecom, a trade association of telephone and broadband industry companies, and YouMail, Inc. (“YouMail”), a communications and cybersecurity company, cite their own data regarding the prevalence of Social Security Administration impersonation scams, which echo the Commission's findings that these schemes are among the most common government impersonation complaints. Broward County, Florida, and NAAG note the incidence of government impersonation at the local level, giving particular emphasis to scams offering consumers official-looking government documents at a significantly marked-up price. Commenters also cite evidence of other common government impersonation frauds, such as schemes impersonating the Internal Revenue Service and Department of Homeland Security or targeting public-sector employees entitled to benefits and businesses seeking to comply with regulatory reporting requirements.

See USTelecom, Cmt. at 2; Broward Cmt. at 1; NAAG Cmt. at 3; YouMail Cmt. at 3WMC Cmt. at 2; Somos Cmt.

See USTelecom Cmt. at 1; YouMail Cmt. at. 3.

See Broward Cmt. at 1; NAAG Cmt. at 4.

See Broward Cmt. at 1.

See USTelecom Cmt. at 1.

See NAAG Cmt. at 5-6.

See id. at 5; see also Fed. Trade Comm'n, NPRM: Telemarketing Sales Rule, 87 FR 33677, 33683 n.77 (June 3, 2022), https://www.federalregister.gov/documents/2022/06/03/2022-09914/telemarketing-sales-rule (collecting cases of business-to-business fraud that impersonated the government and violated the Telemarketing Sales Rule).

The Commission also takes notice of additional indications of the prevalence of government impersonation scams, which came after the ANPR's publication: The Federal Bureau of Investigation issued a Public Service Announcement on March 7, 2022, “warning the public of ongoing widespread fraud schemes in which scammers impersonate law enforcement or government officials in attempts to extort money or steal personally identifiable information.” Similarly, the Social Security Administration's Office of the Inspector General spearheaded a scam alert issued by multiple Federal law enforcement agencies on May 20, 2022, warning the public of government impersonation scams involving the reproduction of Federal law enforcement credentials and badges. Additionally, the Commission recently noted that, in some impersonation scams, fraudsters have instructed consumers to convert cash into cryptocurrency under false threats of government investigations or fraud.

Public Service Announcement, Fed. Bureau of Investigation, Alert No. I-030722-PSA, FBI Warns of the Impersonation of Law Enforcement and Government Officials (Mar. 7, 2022), https://www.ic3.gov/Media/Y2022/PSA220307 .

Scam Alert, Soc. Sec. Admin. Off. of Inspector Gen., Federal Law Enforcement Agencies Warn of Impersonation Scam Involving Credentials and Badges (May 20, 2022), https://oig.ssa.gov/assets/uploads/scam-alert-law-enforcement-credentials.pdf.

See Press Release, Fed. Trade Comm'n, New Analysis Finds Consumers Reported Losing More than $1 Billion in Cryptocurrency to Scams since 2021 (June 3, 2022), https://www.ftc.gov/news-events/news/press-releases/2022/06/new-analysis-finds-consumers-reported-losing-more-1-billion-cryptocurrency-scams-2021 (“After cryptocurrency investment schemes, the next largest losses reported by consumers were on . . . Business and Government Impersonation Scams[.] Reports show these scammers often target consumers by claiming their money is at risk because of fraud or a government investigation and the only way to protect their cash is by converting it to cryptocurrency.”).

Several commenters discussed how a rule addressing impersonation should be drafted. For example, Broward County offered specific recommendations, including but not limited to prohibiting advertising that creates the impression of government affiliation or endorsement without express consent and requiring advertisers to prominently disclaim government affiliation or endorsement where it could be reasonably construed from silence. YouMail suggested that the proposed rule “not be so prescriptive as to put a damper on private cybersecurity businesses' ability to develop and refine new, market-based tools to prevent electronic communications fraud, including impersonation fraud.”

See Broward Cmt. at 2.

YouMail Cmt. at 11.

Two commenters, NAAG and USTelecom, explicitly addressed the Commission's questions regarding individuals or entities that provide the means and instrumentalities for impersonators to conduct such practices. NAAG asserted that impersonators “often use other companies' products and services to execute their scams,” such as “marketing companies, call centers, attorneys, third-party mailing services, payment processors, lead list providers, remote offices . . . [d]ating websites, and social media . . . .” It also addressed the Commission's question regarding the circumstances under which the provision of means and instrumentalities should be considered deceptive or unfair, remarking that “when an entity provides substantial assistance or support to impersonators and knows or should have known that their products [or] services are being used in a fraudulent impersonation scheme, that company could also be held liable under the proposed impersonation rule.” Similarly, USTelecom also recommended liability for “individuals or entities that provide the means and instrumentalities for impersonators . . . such as how the FTC has used the [Telemarketing Sales Rule] against robocall enablers,” but noted that the proposed rule “should make clear that liability . . . requires proof of knowledge of such fraud or conscious avoidance of it, consistent with FTC precedent and [Telemarketing Sales Rule] and Section 5 jurisprudence.” Somos, Inc., which manages registry databases for the telecommunications industry, similarly encourages the “[p]rosecution of . . . those knowingly aiding and abetting” impersonated toll-free numbers.

NAAG Cmt. at 8.

Id. at 10.

USTelecom Cmt. at 3-4.

Somos Cmt. at 3, 5.

Several commenters recommended additional action to a proposed rulemaking, including the development of educational workshops and materials, and increased collaboration between the Commission and other government agencies, businesses, and trade associations to combat impersonation fraud. For example, WMC Global, a cybersecurity company, recommended that government agencies invest in “phishing kit intelligence”—one of the tools the company states it uses to identify impersonators responsible for credential phishing attacks. YouMail encourages the Commission to work with industry groups “that develop methods, techniques, and standards that advance the fight against robocalls and related fraud,” which can serve to “help educate the public about how those tools can be used for self-protection against impersonation.” Somos expressed a willingness to assist law enforcement's prosecution of impersonators that spoof a company's Toll-Free Number (TFN) for their CallerID, but use a different TFN as a call back number, which leads consumers to believe they are communicating with an honest business. Somos states that it can always provide the identity of the entity that reserved the TFN, which law enforcement, using subpoenas, can traceback to the subscriber or U.S. point of entry that likely committed the fraud or knowingly aided and abetted the activity.

See USTelecom Cmt. at 3; NAAG Cmt. at 13; YouMail Cmt. 9-10; WMC Cmt. at 5; NCTA Cmt. at 2; CTIA Cmt.; Pelton Cmt. at 5; ECA Cmt. at 2-3; AAFA Cmt. at 3; CTA Cmt. at 3-7; YouMail Cmt. at 10; DIRECTV Cmt. at 2.

See YouMail Cmt. at 10; WMC Cmt. at 5; Somos Cmt. at 6.

WMC Cmt. at 1, 5.

YouMail Cmt. at 10.

See Somos Cmt. at 3, 6.

Id.

B. Comments About the Impersonation of Businesses

The ANPR noted that business impersonation scams cause an “enormous amount of financial harm to the public” and are widespread: “From January 1, 2017, through September 30, 2021, consumers reported being defrauded of roughly $852 million in 753,555 business impersonation incidents.” The comments received about the impersonation of businesses bolster this conclusion.

ANPR, 86 FR 72901.

The Commission received 15 comments that specifically addressed the widespread impersonation of businesses from consumers, trade associations, and businesses. Consumers submitted comments about various business impersonators they encountered, including impersonators of Microsoft and Apple. Several of these impersonated companies submitted their own comments relaying that impersonation of their businesses causes severe harm to consumers as well as to their own business.

See ECA Cmt.; AVIXA Cmt.; EDPA Cmt.; AEM Cmt; AAFA Cmt.; NCTA Cmt.; US Telecom Cmt.; NAAG Cmt.; PCH Cmt.; YouMail Cmt; WMC Cmt; IHA Cmt.; DIRECTV Cmt.; Somos Cmt.; NAB Cmt..

See, e.g., Betty Hanley, Cmt. on ANPR (Feb. 23, 2022), https://www.regulations.gov/comment/FTC-2021-0077-0163 (“Hanley Cmt.”).

See, e.g., Maximo Estebar, Cmt. on ANPR (Feb. 23, 2022), https://www.regulations.gov/comment/FTC-2021-0077-0157 (“Estebar Cmt.”); Anonymous, Cmt. on ANPR (Feb. 16, 2022), https://www.regulations.gov/comment/FTC-2021-0077-0044 (“0044 Cmt.”).

See Microsoft Corp., Cmt. on ANPR (Feb. 22, 2022), https://www.regulations.gov/comment/FTC-2021-0077-0135 (“Microsoft Cmt.”); Apple, Inc., Cmt. on ANPR (Feb. 23, 2022), https://www.regulations.gov/comment/FTC-2021-0077-0159 (“Apple Cmt.”).

The Commission received several comments from trade associations that represent groups engaged in the face-to-face business events industry. Five trade associations representing businesses partaking in conferences, trade shows, and other face-to face business events submitted comments noting that they are frequently targets of business impersonation. These comments outlined two prevalent types of business impersonation fraud: hotel reservation scams and attendee list-sale scams. A hotel reservation scam involves scammers impersonating housing providers of a particular conference or event and tricking consumers into purchasing bogus hotel rooms. Perpetrators of attendee list-sale scams contact face-to-face exhibitors and sell fake attendee lists. They often use the event organizer's name and logo to bolster the illusion that they are, or are affiliated with or endorsed by, the event organizer.

See EDPA Cmt.; ECA Cmt.; AEM Cmt.; AVIXA Cmt.; NAB Cmt.

See ECA Cmt. at 2; EDPA Cmt.; AEM Cmt. at 1; AVIXA Cmt.

See ECA Cmt. at 2; EDPA Cmt.; AEM Cmt. at 1; AVIXA Cmt.

See ECA Cmt. at 2; EDPA Cmt; AEM Cmt. at 1; AVIXA Cmt.

The National Association of Broadcasters (“NAB”) also expressed its support for the initiation of a rulemaking to address impersonation because of its experience hosting an annual convention. NAB states that business impersonation harms numerous small businesses that often do not have the resources to properly protect themselves.

See NAB Cmt. at 1-2.

See id.

The American Apparel & Footwear Association (“AAFA”) states that the AAFA and the roughly 1,000 brands it represents are frequent targets of business impersonation. The impersonators use company or organization trademarks and logos in the signature blocks of fraudulent email solicitations to help perpetrate these schemes. The AAFA comment notes that impersonation is a widespread issue in the non-profit trade association industry. Another trade association, the International Housewares Association, and a consulting firm for construction companies, Cotney Attorneys & Consultants, submitted comments that also expressed concern about rampant impersonation fraud surrounding trade shows and conferences.

See AAFA Cmt. at 1.

See id.

See id. at 2.

See IHA Cmt. at 1.

See Cotney Attorneys & Consultants, Cmt. on ANPR, at 1 (Feb. 22, 2022), https://www.regulations.gov/comment/FTC-2021-0077-0140 (“Cotney Cmt.”).

Four trade associations that represent businesses in the telecommunications and technology industries submitted comments noting that these industries are frequently targeted for business impersonation fraud. The internet & Television Association (“NCTA”), a trade association for the United States cable television industry, states that its members provide television service to almost 80% of the nation's cable television customers. NCTA does not explicitly take a position on the proposed rulemaking, but states that it stands “ready to assist the FTC with its educational efforts.” NCTA identified two common types of business scams, a payment scam and unauthorized reselling scam. A payment scam involves scammers impersonating employees or vendors and calling customers or prospective customers in an effort to gain their personal information, such as credit card information, bank account numbers, Social Security numbers, and passwords. An unauthorized reselling scam involves scammers fraudulently using member brands to collect customer or employee information or unlawfully reselling access to the company's network. NCTA states that it takes considerable action to fight these scams, including communicating regularly with customers and providing educational materials online, engaging with the communities at town halls, and directing consumers to FTC resources.

See NCTA Cmt. at 2.

Id.

See id.

See id.

See id.

USTelecom states that it supports the efforts of Federal agencies, including the FTC, to hold impersonators accountable for fraud, including impersonators using telephone networks to perpetrate their scams. It notes that, every day, these impersonators spam the U.S. telephone network with robocalls and voice phishing calls pretending to be private companies. USTelecom's Industry Traceback Group tracks these calls and identifies the percentage of bank scams, health insurance scams, and Amazon impersonators, among others. According to USTelecom, most of these calls originate from outside of the United States, from countries such as India, Pakistan, Mexico, the United Kingdom, and Australia.

See USTelecom Cmt. at 1.

See id.

See id. at 2.

See id.

Consumer Technology Association (“CTA”) states that it is North America's largest technology trade association. CTA and its members are frequently targeted for impersonation fraud. CTA states that it has seen a growing number of impersonation fraud through email solicitations, including impersonation attempts of CTA representatives. CTA also states that business impersonation victimizes non-profit organizations, such as the CTA Foundation. CTA supports an FTC rule that would prohibit deceptive impersonation of for-profit and non-profit businesses alike. It recommends that the FTC not focus rulemaking efforts on communication channels; instead, it encourages the FTC to work with the private sector to improve detection and reporting mechanisms to prevent impersonation schemes. Finally, CTA suggests that the FTC consider partnership with other Federal agencies, the private sector, and non-profits to gather information and help prevent impersonation fraud.

Consumer Tech. Ass'n, Cmt. on ANPR, at 1 (Feb. 17, 2022), https://www.regulations.gov/comment/FTC-2021-0077-0091 (“CTA Cmt.”).

See id.

See id. at 4.

See id. at 5-6.

See id.

Id. at 9.

See id.

CTIA, a trade association for wireless-service providers, proposes that the FTC continue to use its existing tools to combat impersonation fraud. CTIA suggests that, if the FTC proceeds with a new rule to address impersonation fraud, the rule should “narrowly” target bad actors and continue to coordinate with government partners and the private sector. CTIA lists various industry efforts to help prevent robocalls from reaching consumers and discusses its implementation of “Messaging Principles and Best Practices” to help stop bad actors. CTIA states that its members have been assisting Federal and State enforcement actions against impersonation frauds.

See CTIA, Cmt. on ANPR (Feb. 23, 2022), https://www.regulations.gov/comment/FTC-2021-0077-0161 (“CTIA Cmt.”).

Id.

Id. at 7-10.

See id.

The Commission received 11 comments from businesses or trade associations that are frequently impersonated; six of these comments were from companies in the telecommunications and technology industries.

See YouMail Cmt.; WMC Cmt.; DIRECTV Cmt.; Microsoft Cmt.; Apple Cmt.; Somos Cmt.; PCH Cmt.; Informa Cmt.; AAFA Cmt.; NAB Cmt.; CTA Cmt.

For example, DIRECTV submitted a comment supporting the Commission's effort to fight impersonation fraud and states that many impersonators pose as representatives of DIRECTV in an effort to commit prepaid card fraud, which causes significant harm to both consumers and businesses. According to DIRECTV, impersonators falsely offer consumers discounts on its service in exchange for the consumer's providing a prepaid credit card or gift card to a third-party e-commerce website. This conduct can result in significant financial loss for consumers. DIRECTV cites a YouMail, Inc. estimate that Americans received millions of calls over the course of one month in late 2021 from scammers claiming to be from companies, such as Amazon, Apple, PayPal, and Wells Fargo, and making false claims about the consumers' accounts or information with these companies. DIRECTV states that impersonation fraud harms its business by forcing it to dedicate resources to fighting the scams and also states that the scams hurt its ability to interest consumers in legitimate services.

See DIRECTV Cmt. at 1.

See id. at 2-4.

See id. at 4-6.

See id. at 2.

See id.

See id. at 3-4.

Apple, Inc., submitted a comment that urges the Commission to adopt a rule targeting bad actors (and their “facilitators” that are engaging in impersonation fraud) without stifling legitimate business activity. Apple states that it has worked cooperatively with the FTC and other Federal agencies to protect consumers from impersonation fraud. Apple notes the prevalence of fraud in which impersonators steal money from consumers through gift card scams. Apple states that, as a result of aggressive civil and criminal enforcement, impersonation fraud levels have decreased. Apple states that impersonators who have obtained stolen gift cards use gray markets to sell the items purchased with those cards, making it harder for consumers to detect the fraud. Apple maintains that gray markets are primary “means and instrumentalities” that impersonators use to conduct their scams. One consumer submitted a comment describing how he had had fallen prey to Apple employee impersonators. Another commenter, a former Apple employee, described the many stories she had heard of customers falling victim to Apple employee impersonators.

Apple Cmt.

See id.

See id.

See id. Apple notes that complaints about unauthorized calls by individuals listed on the FTC's Do Not Call Registry decreased after the Commission sued a VoIP provider for originating illegal robocalls.

Gray markets “allow consumers to sell physical and digital goods at a discounted price. Impersonators who have obtained stolen gift card funds utilize gray markets to sell items purchased with those funds to other consumers who may be unaware of the fraudulent source of the items they are purchasing.” Id.

See id.

Id.

See Estebar Cmt.

See 0044 Cmt.

Microsoft Corporation strongly supports the Commission's decision to proceed with rulemaking to combat government and business impersonation fraud. Microsoft states that it is frequently impersonated in the form of technical support scams, in which individuals impersonate Microsoft employees to trick consumers into purchasing technical support services to fix non-existing software or device issues. Such impersonators often steal personal information from consumers and frequently install malware or other programs to do so. Microsoft's comment discusses its commitment to protecting customer privacy through its Digital Crimes Unit. Microsoft states that it has a database of roughly 600,000 consumer complaints regarding technical support scams. It also states that it has conducted consumer surveys regarding the prevalence of technology scams. In 2021, Microsoft commissioned YouGov to conduct an online survey of more than 16,000 adult internet users in 16 countries. Microsoft maintains that the survey results demonstrate the strong need for additional protection of consumers from technical support scams.

See Microsoft Cmt. at 1.

See id.

See id.

See id. at 2.

See id. at 3.

See id.

See id.

According to Microsoft, the YouGov survey shows that 67% of U.S. consumers have encountered a technical support scam in the previous year. The study did show that marginally fewer consumers have been exposed to technical support scams in recent years than in 2018. The YouGov survey also showed that consumers have been targeted with impersonation scams involving Facebook, Apple, Google, and Amazon.

See id.

See id.

See id. at 3-4.

Microsoft states that consumers often lose hundreds and sometimes thousands of dollars to technical support impersonation scams. According to Microsoft, the YouGov survey shows that the Millennial Generation and Generation Z have the highest losses from technical support scams: One in 10 members of these demographics fell victim to such a scam and lost money. The survey data shows that men are more likely to fall prey to a technical support scam.

See id. at 4.

See id.

See id.

Microsoft states that there has been a shift from the traditional “cold-call” model that scammers use, often by using spoofed numbers and claiming to be a Microsoft employee, to deployment of automated pop-ups/malware on websites to redirect consumers to scam websites. It states that technical support scams typically make strong claims via pop-up websites, email and other online platforms, in addition to telephone calls where callers falsely represent themselves as Microsoft employees. According to Microsoft, technical support impersonators often share resources, which allows them to copy each other's business models and limit risk of enforcement action.

See id. at 5-6.

See id. at 6.

See id.

See id.

Addressing means-and-instrumentalities liability, Microsoft states that scammers typically rely on payment processors to receive money from victims of these scams. The scammers also utilize affiliate marketing services to advertise to consumers through malicious ads and pop-up windows.

See id.

See id.

Microsoft states that a systematic approach is critical to address these scams, especially because private actors are limited in their ability to recover money for victims. Microsoft notes that the FTC's new rule would “clarify and strengthen the FTC's authority to address these scams, building upon the FTC's existing authority under the FTC Act and existing regulation, including the Telemarketing Sales Rule.”

See id.

Id. The Commission also received a comment from a consumer who fell prey to Microsoft impersonators. See Hanley Cmt.

Somos, Inc. states in its comment that, when scammers use Toll-Free Numbers (TFNs) to execute their scams, it causes consumers to lose confidence in TFNs. It reports that, since 2017, Somos and partner organizations have shut down more than 18,000 TFNs used by impersonation scammers. Somos discusses anecdotal evidence based on experience with companies that have asked Somos to help shut down TFNs utilized by scammers. Somos states that it works with more than 80 companies whose customers have been targeted by impersonation scams—65 utility companies, four tech companies, three retailers, and 10 miscellaneous entities. Somos states that there has been an increase in the number of TFNs reported as impersonation scams.

See Somos Cmt. at 1.

See id. at 2.

See id.

See id.

See id. at 4.

The Commission received a comment from Erik M. Pelton & Associates, a trademark law firm in Virginia, requesting that it include trademark scams in its definition of impersonation scams. The comment states that trademark scams have become widespread. Specifically, the comment states that a Pakistan-based company used over 200 fake websites to impersonate the United States Patent and Trademark Office (USPTO) and offer trademark filing services. The law firm urges transparency from the FTC, USPTO, and United States Postal Inspection Service about the pervasiveness of trademark scams and the measures being taken to address these scams. The comment also recommends that the FTC investigate the means used to collect the money unlawfully taken from victims. The comment also suggests that the FTC adopt a more robust impersonation scam reporting system for consumers and businesses.

See Erik M. Pelton & Associations, Consultants, Cmt. on ANPR, at 1 (Feb. 22, 2022), https://www.regulations.gov/comment/FTC-2021-0077-0156 (“Pelton Cmt.”).

See id. at 3.

See id.

See id.

See id. at 5.

Id.

C. Other Comments

The Commission received a number of comments that advocated for “non-profit” entities to be included in the proposed rule's definition of businesses that can be impersonated. For example, The National Association of State Charity Officials (“NASCO”), an association of state charity officials, state attorneys general, and other state officials who regulate charities, submitted a comment urging the Commission to consider including impersonation of charitable organizations in the rule. NASCO states that “fraudulent practices of impersonating legitimate charitable causes and charitable organizations persist across the country.” It urges the FTC to ensure that the impersonation rule would cover individual and professional fundraiser impersonators. NASCO notes that the FTC worked with 38 state charity regulators to help shut down a telemarketing scam that involved over 100 million donations.

Nat'l Ass'n of State Charity Officials (“NASCO”), Cmt. on ANPR, at 1 (Feb. 22, 2022), https://www.regulations.gov/comment/FTC-2021-0077-0165 (“NASCO Cmt.”); ECA Cmt. at 2; Cotney Cmt. at 2; CTA Cmt. at 3-7.

See NASCO Cmt. at 1.

Id. at 2.

See id. at 3.

See id.

III. Reasons for the Proposed Rule on Impersonation of Government and Businesses

The Commission believes that the proposed rule will substantially improve its ability to combat the most prevalent impersonation fraud and may also strengthen deterrence against this fraud in the first instance. While government impersonation and business impersonation are already unlawful under Section 5 of the FTC Act, which prohibits unfair or deceptive acts or practices, the proposed rule will allow the Commission to seek civil penalties against the violators and more readily obtain monetary redress for their victims. The rule would not impose new burdens on honest businesses and instead provide benefits to businesses whose brands are harmed by business impersonators.

A. Need for and Objectives of the Proposed Rule on Impersonation of Government and Businesses

The Commission's objective in commencing this rulemaking is to expand the remedies available to it in combatting common and injurious forms of fraud. In the ANPR, the Commission described how a recent U.S. Supreme Court decision, which overturned 40 years of precedent from the U.S. Circuit Courts of Appeal uniformly holding that the Commission could take action under Section 13(b) of the FTC Act to return money unlawfully taken from consumers through unfair or deceptive acts or practices, has made it significantly more difficult for the Commission to return money to injured consumers. Without Section 13(b) as it had historically been understood, the only method the Commission has to return money unlawfully taken from consumers is Section 19, which provides two paths for consumer redress. The longer path requires the Commission to first win a case in—and any appeal arising from—its administrative court. Then, to recover money for consumers, the Commission must prove that the violator engaged in fraudulent or dishonest conduct in a second action in Federal court. The shorter path, which allows the Commission to recover directly through a Federal court action or obtain civil penalties directly from a Federal court, is available only when a rule has been violated.

See AMG Cap. Mgmt., LLC v. FTC, 141 S. Ct. 1341, 1352 (2021).

See ANPR, 86 FR 72901 & n.24 (discussing AMG Cap. Mgmt.).

See15 U.S.C. 57b(a)(2) (“If the Commission satisfies the court that the act or practice to which the cease and desist order relates is one which a reasonable man would have known under the circumstances was dishonest or fraudulent, the court may grant relief.”).

Compare15 U.S.C. 57b(a)(1) (rule violations), with id. 57b(a)(2) (Section 5 violations).

The proposed rule will make available the shorter path in a broader set of Commission enforcement actions. Currently, the Commission can directly pursue in Federal court Section 19 remedies, including civil penalties and consumer redress, for impersonation fraud only if that fraud violates the Commission's Telemarketing Sales Rule, Mortgage Assistance Relief Services Rule, or R-Value Rule, which expressly prohibit impersonation fraud but apply only in specific contexts. Outlawing impersonation of government and business by rule no matter what the context expands the Commission's enforcement toolkit and allows it to stop and deter harmful conduct and make American consumers whole when they have been wronged. Because impersonation fraud is so prevalent and so harmful, the unlocking of additional remedies through this rulemaking, particularly the possibility of seeking civil penalties against violators as well as obtaining redress for their victims, will allow the Commission to more effectively police impersonation scams that plague consumers.

See TSR, 16 CFR 310.3(a)(2)(vii) (prohibiting misrepresentations with respect to a “seller's or telemarketer's affiliation with, or endorsement or sponsorship by, any person or government entity”); R-Value Rule, 16 CFR 460.21 (“Do not say or imply that a government agency uses, certifies, recommends, or otherwise favors your product unless it is true. Do not say or imply that your insulation complies with a governmental standard or specification unless it is true.”); Regulation O (Mortgage Assistance Relief Services), 12 CFR 1015.3(b)(3) (prohibiting misrepresentations that “a mortgage assistance relief service is affiliated with, endorsed or approved by, or otherwise associated with: (i) The United States government, (ii) Any governmental homeowner assistance plan, (iii) Any Federal, State, or local government agency, unit, or department, (iv) Any nonprofit housing counselor agency or program, (v) The maker, holder, or servicer of the consumer's dwelling loan, or (vi) Any other individual, entity, or program”).

B. Overview and Scope of Proposed Rule on Impersonation of Government and Businesses

The Commission's proposed rule is straightforward. It borrows from existing rules and statutory definitions by declaring that impersonation of government and businesses is unlawful. As noted above, case law and the Commission's experience, as well as the comments and other evidence cited herein, are replete with examples of such impersonation.

See id.

The prohibition against impersonating government in proposed § 461.2 would cover unlawful conduct by persons who misrepresent that they are or are affiliated with a government or government officer by, including but not limited to: (1) calling, messaging, or otherwise contacting an individual or entity while posing as a government or an officer or agent or affiliate or endorsee thereof, including by identifying a government or officer by name or by implication; (2) sending physical mail through any carrier using addresses, government seals or lookalikes, or other identifying insignia of a government or officer thereof; (3) creating a website or other electronic service impersonating the name, government seal, or identifying insignia of a government or officer thereof or using “.gov” or any lookalike, such as “govusa.com”; (4) creating or spoofing an email address using “.gov” or any lookalike; (5) placing advertisements that pose as a government or officer thereof against search queries for government services; and (6) using a government seal on a building, letterhead, website, email, vehicle, or other physical or digital place.

The prohibition against impersonating businesses in § 461.3 would cover a variety of similarly unlawful conduct, including but not limited to: (1) calling, messaging, or otherwise contacting an individual or entity while posing as a business or an officer or agent or affiliate or endorsee thereof, including by naming a business by name or by implication, such as “card member services” or “the car dealership”; (2) sending physical mail through any carrier using addresses, seals, logos, or other identifying insignia of a business or officer thereof; (3) creating a website or other electronic service impersonating the name, logo, insignia, or mark of a business or a close facsimile or keystroke error, such as “ntyimes.com,” “rnicrosoft.com,” “microsoft.biz,” or “carnegiehall.tixsales.com”; (4) creating or spoofing an email address that impersonates a business; (5) placing advertisements that pose as a business or officer thereof against search queries for business services; and (6) using, without authorization, a business's mark on a building, letterhead, website, email, vehicle, or other physical or digital place.

The rule, in proposed § 461.4, also makes it unlawful to provide the means and instrumentalities for violations of proposed §§ 461.2 and 461.3. Some commenters suggested that the Commission impose liability on a broader set of actors, namely those who assist and facilitate violations. The Telemarketing Sales Rule (“TSR”) does so, but the Commission cannot do so here. The TSR provides express statutory authorization for assisting-and-facilitating liability, a form of indirect liability. Sections 5 and 18 of the FTC Act contain no such express authorization. Instead, the case law describes a form of direct liability for a party who, despite not having direct contact with the injured consumers, “passes on a false or misleading representation with knowledge or reason to expect that consumers may possibly be deceived as a result.” In other words: “One who places in the hands of another a means of consummating a fraud or competing unfairly in violation of the Federal Trade Commission Act is himself guilty of a violation of the Act.” Accordingly, the Commission proposes expressly to impose liability on those who provide the means and instrumentalities of violations of the prohibitions against impersonation of government and businesses, but it declines to seek to impose assisting-and-facilitating liability. An example of a violation of proposed § 461.4's prohibition on providing the means and instrumentalities for impersonation is a person who fabricates official-looking Internal Revenue Service (IRS) Special Agent identification badges for sale. In this example, the person does not actually impersonate an IRS Special Agent, so does not violate proposed § 461.2's prohibition against impersonating government officers but does provide the means and instrumentalities for others to do so, which violates proposed § 461.4.

See15 U.S.C. 6102(a)(2) (“acts or practices of entities or individuals that assist or facilitate deceptive telemarketing”).

Shell Oil Co., 128 F.T.C. 749 (1999).

C. Howard Hunt Pen Co. v. FTC, 197 F.2d 273, 281 (3d Cir. 1952).

Several commenters raised questions about jurisdiction. The proposed rule is subject to all existing limitations of the law: of unfair or deceptive acts or practices under the FTC Act; of the FTC's jurisdiction; and of the U.S. Constitution—the Commission cannot bring a complaint to enforce the rule if the complaint would exceed the Commission's jurisdiction or offend the Constitution. One important jurisdictional subject for discussion is not-for-profit entities. The Commission is authorized to sue a corporation (including any company, trust, or association, incorporated or unincorporated) only when it is “organized to carry on business for its own profit or that of its members.” Nevertheless, the proposed rule's definition of “business” includes entities that are organized as not-for-profit entities. The reason is that persons, partnerships, or corporations that are organized for profit (including illicit profits) may impersonate a business that is not. For example, a scammer might impersonate a charity. Whether organized as a person, partnership, or corporation, this hypothetical scammer is within the jurisdiction of the FTC, even if the impersonated charity is not. Accordingly, the rule, in proposed § 461.1, defines a “business” that may be impersonated to include non-profits.

State laws likely forbid impersonation by a bona fide non-profit organization even if would not be subject to FTC jurisdiction.

One commenter worried that the rule, if applied literally in an unanticipated way, could chill legitimate speech. The proposed rule, however, sweeps no more broadly than the existing prohibition against unfair and deceptive practices in Section 5 of the FTC Act. Because misrepresentations must be “material” and “in or affecting commerce,” a communication that is not material to a commercial transaction, such as impersonation in artistic or recreational costumery or impersonation in connection with political or other non-commercial speech, is not prohibited by the proposed rule.

See Cason Reilly, Cmt. on ANPR, at 1-3 (Feb. 22, 2022), https://www.regulations.gov/comment/FTC-2021-0077-0136.

C. The Rulemaking Process

The Commission can decide to finalize the proposed rule if the rulemaking record, including the public comments in response to this NPRM, supports such a conclusion. The Commission may, either on its own initiative or in response to a commenter's request, engage in additional processes, which are described in 16 CFR 1.12 and 1.13. If the Commission on its own initiative decides to conduct an informal hearing, or if a commenter files an adequate request for such a hearing, then a separate notice will issue under 16 CFR 1.12(a). Based on the comment record and existing prohibitions against impersonation of government and businesses under Section 5 of the FTC Act, the Commission does not here identify any disputed issues of material fact necessary to be resolved at an informal hearing. The Commission may still do so later, on its own initiative or in response to a persuasive showing from a commenter.

IV. Preliminary Regulatory Analysis

Under Section 22 of the FTC Act, the Commission, when it publishes any NPRM, must include a “preliminary regulatory analysis.” 15 U.S.C. 57b-3(b)(1). The required contents of a preliminary regulatory analysis are (1) “a concise statement of the need for, and the objectives of, the proposed rule,” (2) “a description of any reasonable alternatives to the proposed rule which may accomplish the stated objective,” and (3) “a preliminary analysis of the projected benefits and any adverse economic effects and any other effects” for the proposed rule and each alternative, along with an analysis “of the effectiveness of the proposed rule and each alternative in meeting the stated objectives of the proposed rule.” 15 U.S.C. 57b-3(b)(1)(A)-(C). This NPRM already provided the concise statement of the need for, and the objectives of, the proposed rule in Item III.A above. It addresses the other requirements below.

A. Reasonable Alternatives and Anticipated Costs and Benefits

The Commission believes that the benefits of proceeding with the rulemaking will significantly outweigh the costs, but it welcomes public comment and data (both qualitative and quantitative) on any benefits and costs to inform a final regulatory analysis. Critical to the Commission's analysis is the legal consequence that any eventual rule would allow not only for monetary relief to victims of rule violations but also for the imposition of civil penalties against violators. Such results are likely to provide benefits to consumers and competition, as well as to the agency, without imposing any significant costs on consumers or competition. It is difficult to quantify with precision what all those benefits may be, but it is possible to describe them qualitatively.

It is useful to begin with the scope of the problem the proposed rule would address. As discussed in the ANPR, consumers reported 1,362,996 instances of government impersonation and associated total losses of $922,739,109 from January 1, 2017 through September 30, 2021. Since then, consumers reported another 46,606 instances of government impersonation in the fourth quarter of 2021 and 46,950 in the first quarter of 2022. For business impersonation, the ANPR noted that, from January 1, 2017 through September 30, 2021, consumers reported being defrauded of roughly $852 million in 753,555 incidents. Since then, consumers reported another 96,341 instances of business impersonation in the fourth quarter of 2021 and 79,057 in the first quarter of 2022. For the time period discussed in the ANPR, average annual total consumer losses reported from business impersonation were roughly $180 million, and average annual total consumer losses reported from government impersonation were roughly $190 million. With all the 2021 data in, total reported consumer losses last year due to government impersonation topped $445 million over 396,601 reported incidents.

See ANPR, 86 FR 72901, 72902.

See Fed. Trade Comm'n, Fraud Reports: Subcategories over Time, Tableau Public, https://public.tableau.com/app/profile/federal.trade.commission/viz/FraudReports/SubcategoriesOverTime (last visited June 24, 2022). See also Fed. Trade Comm'n, Consumer Sentinel Network Data Book 2020, 4 (2022), https://www.ftc.gov/system/files/ftc_gov/pdf/CSN%20Annual%20Data%20Book%202021%20Final%20PDF.pdf.

See ANPR, 86 FR 72901.

See Fed. Trade Comm'n, Fraud Reports: Subcategories over Time, Tableau Public, https://public.tableau.com/app/profile/federal.trade.commission/viz/FraudReports/SubcategoriesOverTime (last visited June 24, 2022).

See Fed. Trade Comm'n, Explore Government Imposter Scams, Tableau Public, https://public.tableau.com/app/profile/federal.trade.commission/viz/GovernmentImposter/Infographic (last visited June 24, 2022).

Reports of government and business impersonation remain high. The consumer losses remain large, with, for government impersonation scams alone, a median loss of $1,322 and total losses of $103 million reported for government impersonation in the first quarter of 2022. If the trends from the first quarter of 2022 continue, the annual consumer loss reported just for government impersonation will again exceed $400 million. And these figures cover only those incidents that are reported to the Commission; plainly, the prevalence of government and business impersonation in reality is higher than what gets reported to the Commission.

See id.

It follows that, qualitatively, government and business impersonation cases have recently constituted and are likely to constitute in the future a meaningful share of Commission enforcement actions, and in many of those actions a rule against impersonation may prove to be the only or the most practicable means for achieving consumer redress. As such, the most significant anticipated benefit of a final rule is the ability to obtain monetary relief, especially consumer redress, as well as civil penalties. While such relief could also be obtained with an existing rule, such as the TSR, in many cases, by no means do all impersonation scams implicate an existing rule, and there is no reason to expect them all to do so in the future.

Impersonation scams overall, including those that are not covered by the proposed rule's scope of government and business impersonation, constitute 17.16% of all consumer complaints received in the Consumer Sentinel Network in 2021. See Fed. Trade Comm'n, Consumer Sentinel Network Data Book 2020, 6 (2022), https://www.ftc.gov/system/files/ftc_gov/pdf/CSN%20Annual%20Data%20Book%202021%20Final%20PDF.pdf.

The Commission has brought many impersonation cases in which no existing rule was violated or no relief under a rule was sought. See, e.g., Compl. at 12-13, FTC v. Modern Tech. Inc., No. 13-cv-8257 (N.D. Ill. filed Nov. 18, 2013) (only counts under Section 5); Compl. at 9-10, FTC v. Gerber Prods. Co., No. 2:14-cv-06771-SRC-CLW (D.N.J. filed Oct. 30, 2014) (only counts under Sections 5 and 12(a)); Compl. at 17-19, 22, FTC v. DOTAuthority.com, Inc., No. 16-cv-62186 (S.D. Fla. filed Sept. 13, 2016) (seeking relief only for counts under Section 5); Compl. at 8-9, FTC v. Moore, No. 5:18-cv-01960 (C.D. Cal. filed Sept. 13, 2018) (only counts under Section 5); Compl. at 21-22, FTC v. Forms Direct, Inc. ( Am. Immigr. Ctr.), No. 3:18-cv-06294 (N.D. Cal. filed Oct. 16, 2018) (only counts under Section 5); Am. Compl. at 8-9, FTC v. Starwood Consulting, LLC, No. 4:18-cv-02368 (S.D. Tex. filed Mar. 27, 2019) (only counts under Section 5 from FTC); Compl. at 8-9, FTC v. Ponte Invs., LLC, No. 1:20-cv-00177-JJM-PAS (D.R.I. filed Apr. 17, 2020) (only counts under Section 5).

To succeed at obtaining consumer redress without a rule violation, the Commission must first file a complaint alleging that the impersonator violated Section 5 and prevail in securing a cease-and-desist order. Then, to secure consumer redress for victims of the impersonator, the Commission must file follow-on litigation under Section 19, and without a rule this second litigation requires the Commission to allege and persuade a court in each case that the conduct at issue is “one which a reasonable man would have known under the circumstances was dishonest or fraudulent.” Although this standard is likely to be met in impersonation cases, having to do so in each case requires a greater expenditure of Commission resources than in cases with a rule violation, which do not require a second litigation or separate proof of knowledge that the conduct was dishonest or fraudulent.

15 U.S.C. 57b(a)(2). Depending on the egregiousness of the misconduct and the harm it is causing, the Commission also may seek preliminary injunctive relief in federal court. 15 U.S.C. 53(b).

Accordingly, without a rule, the Section 19 path often requires consumer victims to wait many years before the Commission can deliver redress to them, even six years or more. Although the Commission does not have extensive experience pursuing Section 19 cases without a rule violation, its limited experience supports a reasonable estimate that such litigation can take at least twice as long as litigation with a rule violation. Because of the prevalence of impersonation scams, the Commission will not have a shortage of bad actors to investigate, and it could invest the savings of enforcement resources from having a rule into investigating and, where the facts warrant, bringing enforcement actions in additional impersonation matters. In sum, the significant potential consumer-redress benefits of a rule are that the Commission could put a stop to more impersonation scams, return money to more victims, and win that redress more quickly.

See, e.g., Press Release, Fed. Trade Comm'n, Marketers of Ab Force Weight Loss Device Agree to Pay $7 Million for Consumer Redress (Jan. 14, 2009), https://www.ftc.gov/news-events/news/press-releases/2009/01/marketers-ab-force-weight-loss-device-agree-pay-7-million-consumer-redress (describing a 2009 settlement of a follow-on Section 19 action against Telebrands Corp. that was brought after litigation finally concluded of a 2003 administrative complaint alleging violations of Section 5—in this case, the Section 19 action settled instead of being litigated to judgment, which would have taken more time).

A secondary potential benefit is deterrence of impersonation scams. The potential deterrence from a rule should not be overstated; because impersonation scams are already clearly unlawful, deterrence would affect only bad actors who are comfortable breaking the law under the existing set of consequences but would opt not to break the law if potentially subject to civil penalties and swifter redress. Scholarship on deterrence suggests that the potential severity of consequences, such as high civil penalties, is less likely to influence behavior than the perceived likelihood of detection and punishment. Still, an eventual rule that makes it less likely that impersonators get to keep their ill-gotten gains and more likely that they have to pay civil penalties can have only helpful deterrence effects, whatever their magnitude. And the publicity around this rulemaking process and any eventual rule could have the salutary effect of complementing the Commission's consumer education work by elevating public awareness of these prevalent forms of fraud, which could increase how often they are detected and reported.

See, e.g., Aaron Chalfin & Justin McCrary, Criminal Deterrence: A Review of the Literature, 55 J. Econ. Lit. 5 (2017), https://doi.org/10.1257/jel.20141147 (reviewing twenty years of studies, albeit in criminal rather than civil context, and finding stronger evidence for deterrent effect of perceived risk of detection than for severity of punishment).

If a final rule succeeds in deterring unlawful behavior, another potential benefit is that businesses that are frequently impersonated may have to spend less money to monitor the market for impersonators of their brand. Several businesses filed comments indicating that monitoring for impersonation required significant expenditures of funds and personnel. Quantifying the savings those companies might achieve from deterrence of impersonation activity, however, would require substantial speculation. At the same time, the proposed rule is unlikely to impose costs on honest businesses, and no commenter suggested it would. Thus, even a marginal increase in deterrence is a likely benefit of the rule, although not its primary benefit.

See Microsoft Cmt.; Apple Cmt.

Some rough math may help illustrate these qualitatively described benefits: Between January 1, 2018, and June 30, 2022, Consumer Sentinel received 338,393 complaints regarding business or government impersonation scams that expressly reported the initial contact method used by the impersonator as being email, social media, online or pop-up advertisement, website, or mobile application. These complaints referenced aggregate consumer losses of $599,270,000. Because these initial contact methods typically are unlikely to be covered by the TSR or other rules, the Commission currently cannot redress such fraud other than by using its Section 19 authority. The Commission cannot predict the volume of future government and business impersonation scam complaints, their contact methods, or the losses those complaints will report, but if even a small percentage of similar complaints the Commission receives in the future are redressed or deterred by the proposed rule, the marginal effect from rule implementation (relative to not implementing the rule) would have had economically significant consequences. For example, assume that the annualized rate of consumer injury from government and business impersonation scams initiated through email, social media, online or pop-up advertisements, websites, or mobile applications over the past 4.5 years is $133,171,000 (or $599,270,000 divided by 4.5 years). If that annualized rate continues over the next 10 years, consumer losses over that period would be $1,331,710,000. Even a five per cent reduction in such losses through redress or deterrence would result in a benefit to consumers of over $66.5 million (without adjusting for inflation or discounting any of these figures).

This is a conservative estimate of the number of Consumer Sentinel complaints received over this period that reference such initial contact methods. Complaints referencing a sub-category of business complaints, related to “technical support” scams, are excluded because such complaints may also be reported under business impersonations and because many were submitted to Consumer Sentinel from the impersonated business with the initial contact method information omitted.

One potentially reasonable alternative to the proposed rule is to terminate the rulemaking and rely instead on the existing tools that the Commission currently possesses to combat government and business impersonation fraud, such as consumer education and enforcement actions brought under Sections 5 and 19 of the FTC Act. Termination of the rulemaking would offer the benefit of preserving some Commission resources that would be required to continue the rulemaking in the short term, but it would come at a significant cost. The cost that is most significant is the failure to strengthen the set of tools available in support of the Commission's enforcement program against impersonation fraud, depriving it of the benefits outlined above. The alternative of terminating the rulemaking would not sufficiently accomplish the Commission's objectives. The Commission seeks comment on this and other potentially reasonable alternatives.

B. Paperwork Reduction Act

In addition to the requirements of Section 22, the Commission must provide in any NPRM the “information required by the Regulatory Flexibility Act, 5 U.S.C. 601-612, and the Paperwork Reduction Act, 44 U.S.C. 3501-3520, if applicable.” 16 CFR 1.11(c)(4).

The Paperwork Reduction Act requires the Commission to engage in additional processes and analysis if it proposes to engage in a “collection of information” as part of the proposed rule. 44 U.S.C. 3506. The Commission states that the proposed rule contains no collection of information.

C. Regulatory Flexibility Act—Initial Regulatory Flexibility Analysis

The Regulatory Flexibility Act requires the Commission to prepare and make available for public comment an “initial regulatory flexibility analysis” (“IRFA”) in connection with any NPRM. 5 U.S.C. 603. An IRFA requires many of the same components as Section 22 of the FTC Act and the Paperwork Reduction Act, which the Commission incorporates into its IRFA. The IRFA must furthermore contain, among other things, “a description of and, where feasible, an estimate of the number of small entities to which the proposed rule will apply.” 5 U.S.C. 603(b)(3). This and other requirements do not apply, however, whenever “the agency certifies that the rule will not, if promulgated, have a significant economic impact on a substantial number of small entities.” 5 U.S.C. 605(b).

The Commission certifies that the proposed rule will not have a significant economic impact on a substantial number of honest, small entities, and this document serves as notice to the Small Business Administration of the Commission's certification. Because the impersonation of government and businesses is already prohibited by Section 5 of the FTC Act, the rule does not change the state of the law in terms of what is legal and what is illegal. Furthermore, the proposed rule would impose no recordkeeping requirement. The main changes arise for entities that are currently violating Section 5 but would, after its finalization, also be violating the rule: instead of being immune from civil penalties (at least for first offenses) and more capable of evading consumer redress, the violators could be ordered by a court to pay significant civil penalties and to provide full redress to their victims. This change could constitute a significant economic impact for law violators, but it will not affect a substantial number of small entities. The Commission believes that the vast majority of small entities do not impersonate government or other businesses. Furthermore, the Commission does not consider those small entities that are violating existing law to be among those Congress protected in enacting the additional procedural protections for small entities when agencies consider rulemaking.

V. Request for Comments

Members of the public are invited to comment on any issues or concerns they believe are relevant or appropriate to the Commission's consideration of the proposed rule. The Commission requests that factual data on which the comments are based be submitted with the comments. In addition to the issues raised above, the Commission solicits public comment on the specific questions identified below. These questions are designed to assist the public and should not be construed as a limitation on the issues on which public comment may be submitted.

Questions

(1) Should the Commission finalize the proposed rule as a final rule? Why or why not? How, if at all, should the Commission change the proposed rule in promulgating a final rule?

(2) Please provide comment, including relevant data, statistics, consumer complaint information, or any other evidence, on each different provision of the proposed rule. Regarding each provision, please include answers to the following questions:

(a) How prevalent is the act or practice the provision seeks to address?

(b) What is the provision's impact (including any benefits and costs), if any, on consumers, governments, and businesses, both those existing and those yet to be started?

(c) What alternative proposals should the Commission consider?

(3) Does the proposed rule contain a collection of information?

(4) Would the proposed rule, if promulgated, have a significant economic impact on a substantial number of small entities? If so, how could it be modified to avoid a significant economic impact on a substantial number of small entities?

(5) The proposed rule contains a one-sentence prohibition against impersonation of government in § 461.2 and another against impersonation of businesses in § 461.3. Are these prohibitions clear and understandable? Are they ambiguous in any way? How if at all should they be improved?

(6) The proposed rule, in § 461.4, prohibits providing the means and instrumentalities to commit violations of § 461.2 or § 461.3. Should any final rule contain this prohibition against providing the means and instrumentalities for violations of the prohibitions against government or business impersonation? Why or why not?

(7) The proposed rule, in § 461.1, defines “business” to include non-profit organizations. Should any final rule keep the prohibition against impersonating non-profit organizations? Why or why not?

(8) Should the proposed rule be expanded to address the impersonation of individuals or entities other than governments and businesses in interstate commerce? For example, should the proposed rule be expanded to prohibit impersonation of individuals for the purpose of seeking monetary payment or contribution, such as in romance or grandparent impersonation scams? In your answer to this question, please provide the following information:

Cf. ANPR, 86 FR 72901; see also, Emma Fletcher, Reports of romance scams hit record highs in 2021, FTC Data Spotlight (Feb. 10, 2022), https://www.ftc.gov/news-events/data-visualizations/data-spotlight/2022/02/reports-romance-scams-hit-record-highs-2021.

(a) How prevalent is the act or practice?

(b) What would be the impact, including benefits and costs, of including individual impersonation in the proposed rule on consumers, governments, and businesses?

(c) What alternative proposals should the Commission consider?

VI. Comment Submissions

You can file a comment online or on paper. For the Commission to consider your comment, we must receive it on or before December 16, 2022. Write “Impersonation NPRM, R207000” on your comment. Your comment—including your name and your state—will be placed on the public record of this proceeding, including, to the extent practicable, on the website https://www.regulations.gov.

Because of the public health emergency in response to the COVID-19 outbreak and the agency's heightened security screening, postal mail addressed to the Commission will be subject to delay. We strongly encourage you to submit your comments online through the https://www.regulations.gov website. To ensure that the Commission considers your online comment, please follow the instructions on the web-based form.

If you file your comment on paper, write “Impersonation NPRM, R207000” on your comment and on the envelope, and mail your comment to the following address: Federal Trade Commission, Office of the Secretary, 600 Pennsylvania Avenue NW, Suite CC-5610 (Annex B), Washington, DC 20580.

Because your comment will be placed on the public record, you are solely responsible for making sure that your comment does not include any sensitive or confidential information. In particular, your comment should not contain sensitive personal information, such as your or anyone else's Social Security number; date of birth; driver's license number or other state identification number or foreign country equivalent; passport number; financial account number; or credit or debit card number. You are also solely responsible for making sure your comment does not include any sensitive health information, such as medical records or other individually identifiable health information. In addition, your comment should not include any “[t]rade secret or any commercial or financial information which . . . is privileged or confidential”—as provided in Section 6(f) of the FTC Act, 15 U.S.C. 46(f), and FTC Rule § 4.10(a)(2), 16 CFR 4.10(a)(2)—including, in particular, competitively sensitive information such as costs, sales statistics, inventories, formulas, patterns, devices, manufacturing processes, or customer names.

Comments containing material for which confidential treatment is requested must be filed in paper form, must be clearly labeled “Confidential,” and must comply with FTC Rule 4.9(c), 16 CFR 4.9(c). In particular, the written request for confidential treatment that accompanies the comment must include the factual and legal basis for the request and must identify the specific portions of the comment to be withheld from the public record. See FTC Rule 4.9(c). Your comment will be kept confidential only if the General Counsel grants your request in accordance with the law and the public interest. Once your comment has been posted publicly at https://www.regulations.gov —as legally required by FTC Rule 4.9(b), 16 CFR 4.9(b)—we cannot redact or remove your comment, unless you submit a confidentiality request that meets the requirements for such treatment under FTC Rule 4.9(c), and the General Counsel grants that request.

Visit the FTC website to read this document and the news release describing it. The FTC Act and other laws that the Commission administers permit the collection of public comments to consider and use in this proceeding as appropriate. The Commission will consider all timely and responsive public comments it receives on or before December 16, 2022. For information on the Commission's privacy policy, including routine uses permitted by the Privacy Act, see https://www.ftc.gov/siteinformation/privacypolicy.

VII. Communications by Outside Parties to the Commissioners or Their Advisors

Under Commission Rule 1.18(c)(1), 16 CFR 1.18(c)(1), the Commission has determined that communications with respect to the merits of this proceeding from any outside party to any Commissioner or Commissioner advisor will be subject to the following treatment: written communications and summaries or transcripts of all oral communications must be placed on the rulemaking record. Unless the outside party making an oral communication is a member of Congress, communications received after the close of the public-comment period are permitted only if advance notice is published in the Weekly Calendar and Notice of “Sunshine” Meetings.

List of Subjects in 16 CFR Part 461

  • Consumer protection
  • Impersonation
  • Trade Practices

For the reasons stated above, the Federal Trade Commission proposes to amend 16 CFR chapter I by adding part 461 to read as follows:

PART 461—RULE ON IMPERSONATION OF GOVERNMENT AND BUSINESSES

Sec.
461.1
Definitions.
461.2
Impersonation of government prohibited.
461.3
Impersonation of businesses prohibited.
461.4
Means and instrumentalities prohibited.

Authority: 15 U.S.C. 41-58.

§ 461.1
Definitions.

As used in this part:

Business means a corporation, partnership, association, or any other entity that provides goods or services, including not-for-profit entities.

Government includes Federal, State, local, and tribal governments as well as agencies and departments thereof.

Officer includes executives, officials, employees, and agents.

§ 461.2
Impersonation of government prohibited.

It is unlawful to falsely pose as or to misrepresent, directly or by implication, affiliation with, including endorsement or sponsorship by, a government entity or officer thereof.

§ 461.3
Impersonation of businesses prohibited.

It is unlawful to falsely pose as or to misrepresent, directly or by implication, affiliation with, including endorsement or sponsorship by, a business or officer thereof.

§ 461.4
Means and instrumentalities prohibited.

It is unlawful to provide the means and instrumentalities for a violation of § 461.2 or § 461.3.

By direction of the Commission.

April J. Tabor,

Secretary.

[FR Doc. 2022-21289 Filed 10-14-22; 8:45 am]

BILLING CODE 6750-01-P