Spies and Robocallers Are Trying to Reach You
Let’s start with a disclaimer. This month’s blog is not about the National Security Agency tapping your cell phone or about the movie “Robocop.” Instead, it is about two types of devilishly annoying and illegal business practices by private companies and individuals who are trying to get into your personal space.
Aaron’s Rent-To-Own is a national retailer based in Georgia. It operates through more than 1,300 corporate and nearly 750 franchise stores located in the U.S. and Canada. Aaron’s offers consumer electronics, residential furniture, and household appliances to customers on a “rent-to-own” (“RTO”) basis in which customers rent with an option to purchase.
In 2013 the Federal Trade Commission (“FTC”) brought a case against Aaron’s, alleging that beginning at least in 2010 and continuing throughout 2011, Aaron’s knowingly played a direct role in the use by many of its franchisees of software known as “PC Rental Agent.” Although the software was not used in Aaron’s own corporate stores, franchisees secretly installed the software on computers they rented to consumers. The software monitored people in their homes without their knowledge or permission. When activated, it tracked the customers’ locations, captured images of adults, including images of their intimate activities, and minor children through the computers’ webcams, and activated key loggers that captured login credentials and passwords for email accounts, financial sites, and social media. Screenshots captured medical information, applications containing Social Security numbers, and bank and credit card statements. In addition, the software presented deceptive registration screens that were used to get users to provide personal information. The FTC asserted that the evidence would show that the franchisees could not have used the software without the knowledge, assistance, and active support of Aaron’s, including the use of company-provided, Aaron’s.com email addresses, Aaron’s server space, and trouble-shooting advice Aaron’s provided relating to the installation of the software on rental computers.
Aaron’s entered into a settlement in 2013, in which it agreed not to use monitoring technology that captures screenshots or keystrokes or activates the camera or microphone on a customer’s computer without the customer’s permission. An exception allowed Aaron’s to obtain permission to provide technical support that the customer requests, but Aaron’s must notify customers at the time the tracking technology is activated. It was required to destroy any data obtained improperly and is prohibited from using any information it received in violation of these provisions. Finally, it must conduct annual monitoring of its franchisees, hold them to the same requirements that apply to Aaron’s, and end its relationship with any franchisee that violates the requirements. The order will remain in effect for twenty years, with certain exceptions.
A year before the Aaron’s case was filed the FTC filed cases against the developer of the software and several rent-to-own stores, including Aaron’s franchisees.
Let’s start with a definition. A robocall is a commercial, pre-recorded telephone call. Unless it is made for a charity, a political campaign or a few other specifically permitted uses, it is an unwanted telemarketing invasion of your space. These calls are disruptive, wasteful of your time, and extremely annoying. They also are illegal. Having said that, it is quite evident that they are on the increase and that thus far the efforts to stop them have had only a minimal effect. In the interest of full disclosure, I received at least two robocalls while I was preparing this blog.
More than ten years ago Congress passed a law authorizing a national Do Not Call registry. The national list is administered by the FTC in cooperation with the Federal Communications Commission. If you are not already registered, you can list both your home and cell phone numbers at www.donotcall.gov. If you want to register by telephone, you can call 1-888-382-1222 1-888-382-1222 or, for TTY, call 1-866-290-4236 1-866-290-4236. You must call from the phone number you wish to register.
The Do Not Call registry does not prevent all unwanted calls. The following categories of calls are permitted:
- calls from organizations with which you have established a business relationship, (but if you can ask them not to call, relief may be available);
- calls for which you have given prior written permission;
- calls which are not commercial or do not include unsolicited advertisements;
- calls by or on behalf of tax-exempt non-profit organizations;
- calls from political organizations;
- calls for the sole purpose of taking a survey;
- calls from debt collectors, but beware of debt collection scams;
- some calls from banks, pharmacies, certain health care providers, airlines, and other businesses that provide purely information to you, such as cancelled flights, reminders about appointments, prescription refill notices, and the like.
Telemarketers and sellers are required to search the registry at least once every 31 days and drop from their call lists the phone numbers of consumers who have registered. In addition, the rules provide:
- telephone solicitation calls to your home before 8 am or after 9 pm are prohibited; and
- anyone making a telephone solicitation call to your home must provide his or her name, the name of the entity on whose behalf the call is being made, and a telephone number or address at which you may contact that person or entity.
A number of states have their own Do Not Call Programs. Since August of 2000 the Tennessee Regulatory Authority has enforced Tennessee’s Do Not Call Program. To enroll you can register at www.tn.gov/tra/donotcall/dnccitizenregistrationform.html, or you can call 1-877-TRA-7030 1-877-TRA-7030 from your home phone. There is also a Tennessee Do Not Fax program.
The federal and state Do Not Call and Do Not Fax programs have had some effect on reducing the volume of unwanted telephone calls. In July of 2013 an FTC official told a Senate Committee that more than 221 million telephone numbers were included on the national Do Not Call Registry and that the Registry has protected consumers from receiving unwanted calls from tens of thousands of legitimate telemarketers each year.
The catch is that these programs only work when telemarketers follow the rules or when they are caught in violation. Two weeks before the July 2013 Congressional testimony the FTC announced that it had obtained the largest civil penalty ever for violations of the Registry. Mortgage Investors Corporation, one of the major refinancers of veterans’ home loans, agreed to pay $7.5 million for calling numbers that were on the Registry. At that time it was the 105th Do Not Call action brought by the FTC since 2004. In those actions the FTC had received court orders totaling more than $741 million in restitution or disgorgement and had obtained $126 million in civil penalties.
While the enforcement authorities have been vigilant, there are a large number of people and telemarketing companies who simply do not care that their calls violate the law and the rules. Among the worst of these offenders are robocallers.
Rachel from Cardholder Services
Has this ever happened to you? You are eating dinner when your telephone rings. Despite your better judgment, you answer and you hear a recorded voice that says, “Hello. This is Rachel from Cardholder Services” with an “important message” about your eligibility to reduce your high credit card interest rates. You are urged to “press 1” to speak to a “live representative” or “press 2” to stop further calls.
If you press “1,” you get a telemarketing representative who tries to convince you that Cardholder Services wants to help you get your credit card interest rates reduced to a low interest rate or even a zero interest rate. The representative may name several major banks and credit card issuers, such as Visa and MasterCard, and claim that Cardholder Services has a relationship with them. You will be encouraged to give the representative your personal and financial information for an “audit,” purportedly to see if you qualify. The FTC says the “audit” typically is used instead to see if the consumers have enough available credit on their credit cards to pay the telemarketing company’s fee. If you are “approved,” the representative then will ask for an up-front fee, which can range from several hundred dollars to more than $3,000, sometimes promising that that there is no risk involved and that the fee is refundable. Suffice it to say, people are unlikely to ever see a refund.
After people pay the fee, the FTC says that the telemarketing company does little or nothing that brings about lower credit card interest rates. It may set up a three-way call with the consumer’s credit card issuer and ask for a rate reduction, a step the consumer could do on his or her own without the company. The almost certain response from credit card companies is to deny the request. In other instances the telemarketing company may apply in the consumer’s name for a low or no interest credit card, which is unlikely to help the consumer even if the card is issued, because the credit limits on the new cards are low and the interest rates typically go up after a few months or a year.
The first and best advice for dealing with “Rachel” is to hang up. Do not push any buttons and do not talk to the representative. If you push “1,” you expose yourself to the scam. If you push “2,” instead of getting off the call list, you confirm that there is a person at the number called. By doing that you are likely to get even more telemarketing calls.
This type of robocall is illegal if you are registered on the Do Not Call Registry, but it is also illegal even if your telephone number is not registered, because it violates the FTC’s Telemarketing Sales Rule. The sales practices used in the “Rachel” pitch are further and separate violations.
How common are these practices? The FTC gets more than 200,000 complaints each month about these telemarketing robocalls. While it is hard to get a precise number, it was estimated that the FTC received more than 2,000,000 complaints last year about robocalls, and that the most frequent complaints were about “Rachel.” During his term in office former FTC Chairman Jon Leibowitz said, “At the FTC, Rachel from Cardholder Services is public enemy number one…. We’re cracking down on illegal robocalls by bringing law enforcement actions and pursuing technical solutions to the problem.”
In mid 2013 the FTC settled a case against a group of defendants associated with the A+ Financial Center, who were charged as part of an enforcement sweep against five companies that made millions of illegal pre-recorded robocalls claiming to be from “Rachel” and “Cardholder Services.” The FTC charged the companies and individuals with misleading consumers, calling telephone numbers on the Do Not Call Registry, illegally collecting up-front fees, and making illegal robocalls. The settling defendants were banned from making robocalls, continuing to offer debt relief services, misrepresenting their financial products and services, misrepresenting their relationship with any bank, credit card issuer, credit reporting agency, lender, or government entity, and calling numbers on the Do Not Call Registry. The A+ defendants were prohibited from collecting or trying to collect money from any consumer who had bought their service. Finally, the settlement imposed a judgment of $9,238,155, which would be suspended after the defendants transferred all of their assets (except $25,000), including a 2007 Mercedes Benz CL, a 1999 boat valued at approximately $17,000, and a 2002 boat worth about $45,000.
Unfortunately, it is a long, difficult process to make any impact on this form of abuse. Enforcement alone will not solve the problem, so the FTC got creative. It hosted a public meeting on the issue and asked for input from experts including technologists, industry, policymakers, and other stakeholders. At the meeting experts described how new technologies made robocalls extremely inexpensive and made it easier for the telemarketers to hide their identities, a process called “spoofing” which uses telephone and internet technology to disguise the location and identity of the caller. Telemarketers like the Rachel companies usually operate from telephone boiler rooms. “Dialing companies” place the robocalls for the telemarketers and then transfer the calls to them. An FTC official said that in 18 months one company the FTC sued had made 2.6 billion illegal robocalls. The cost of each call is very little. As I was researching this blog, I found an advertisement from a company offering robocall services that offered to make calls from prices that started at $0.03 a call and went to $0.02 for volumes of 2.5 million to 3.5 million calls. Recognizing that there are legitimate uses for robocalls under the law, it still struck me as ironic that the ad was on the same webpage as an article about the FTC actions against illegal robocallers.
At the end of the public meeting, the FTC took an unprecedented and innovative step when it announced its first-ever public contest, the “Robocall Challenge,” in which it offered a $50,000 prize for the individual or small team that could propose a workable technical solution to help consumers block robocalls. The FTC received 798 eligible submissions. On April 2, 2013, the FTC announced three winning solutions. Aaron Foss won the Robocall Challenge with a program known as Nomorobo. The winning contestants and others were encouraged to further develop their ideas and introduce them to the marketplace.
The FTC has also used innovative law enforcement techniques. One example is the creation of a telephone “honeypot” that receives incoming robocalls. The information it gathers helps the agency act on the problem as quickly as possible.
So, how effective is all this? At this point, the impact on the scofflaw callers is not stopping them. The “Rachel” scheme was not one company. Many separate operators use it. They download the basic robocall message and hire people to run the marketing. They are shielded by their separation from the hands-on work. It is hard to find them, but the FTC and the State Attorneys-General are on the trail.
P.S. These scammers are very much in your face operators. A couple of years ago the FTC warned the public that robocallers were impersonating the FTC and trying to trick consumers into disclosing their bank account information. The robocalls were directing consumers to a web site, www.ftcrefund.com , trying to make consumers think they could get a refund from the FTC by filling out a form on the website. For official information about the FTC’s refund process, the FTC advised consumers to visit Getting Your Money Back: Consumer Refunds
Join the AARP Fraud Watch Network and receive watch dog alerts about current fraud schemes and scams.
Alan Marx is a volunteer blogger for AARP in Tennessee.