Well, thanks for having me, Derek. Looking forward to kicking some of these issues around involving the FTC compliance and online businesses.

Well, the take is you’re right. There is a lot of news, relative to what’s happened in the fairly recent past, but before we get into that, which is obviously very, I think, important, let’s just take a minute to understand exactly what the FTC is. What do they do? What are they about? Why are they there? Why do we even need to think about them and have this call about FTC compliance, right?

Here’s the question that your listeners need to answer, and I’m guessing that most of them will answer “yes” to that, if they’re involved … To the question, if they’re involved in an online business.

The question is this. Do you sell products or services to consumers who are located in the United States? Or, if you’re not selling to them, do you simply collect information from them, such as a squeeze page where you collect typically a first name and an email address? Are you selling or collecting information to consumers? That would include anyone who has a home based business, because the FTC views them as consumers, right?

If you’re selling to consumers located in the US, then you are subject to the jurisdiction of the Federal Trade Commission, and their efforts to protect consumers from deceptive marketing practices. A very important point to be made is that it doesn’t matter where you’re located, where the seller is located. You can be in Vancouver, you can be in Europe, you can be anywhere, and FTC compliance is necessary.

As long as you’re selling into the US to consumers, then the FTC has jurisdiction.

That’s an important fact to understand, as a beginning point when discussing FTC compliance. Then, to your question, yes, there has been a big upswing in new regulations and also aggressive enforcement of pre-existing and new regulations.

The key year, the key date to remember is 2009, because prior to that time, there wasn’t a lot of regulation and enforcement. The primary idea was that industry self regulation would take care of things with their own privacy policies and website policies, and we didn’t want to over regulate the internet because it might harm the entrepreneurial nature of it, right? Well, in 2009, the Federal Trade Commission decided that that approach was not working.

I mean, to their satisfaction. In fact, as I think you mentioned, prior to ’09, a lot of people regarded it as the Wild Wild West. In ’09, everything changed, it’ll never be the same.

We see a huge upswing in new regulations and of course, the FTC follows the development of technology, particularly the predominance of social media and mobile devices. They discover all sorts of things happening that they don’t like, consumers are scammed, and so they jump in and try to figure out a way to regulate. They’re chasing along behind the technology development, and what marketers are doing.

Beginning in ’09, we’ve had this, what I call a “tsunami” of new laws and regulations, and then more recently, probably around the 2014 time frame, there was a different focus where the FTC started drilling down to the smaller online businesses.

Prior to that time, they were going after Google and Facebook, and Twitter, and the bigger guys for FTC compliance issues. Those are the basic trends.

You know, I really don’t know. They have a number of regional offices. Their main office, of course, is in Washington DC. The Federal Trade building. They’ve got a standalone building there, and they have a number of offices.

I lived in Atlanta for 30 years and there’s a regional office there. I’m guessing there’s probably 5 or 6 regional offices, just the way you see … The Securities and Exchange Commission has regional offices, but I don’t really know. That’s a good question. I’ll just have to look it up after the call, but I don’t know how many staff lawyers they have. I know this. They claim that they’re understaffed.

I remember, I guess it was 3 years ago, after a legal conference that I attend every year to keep up with all the changes in FTC compliance, one of the speakers was Peter Miller, who at that time was the chief of the privacy division of the Federal Trade Commission.

He had just given a presentation to this group of probably 300 attorneys who all practiced in the internet area, and so I followed him out into the area outside the speaking room and asked him a bunch of questions about FTC compliance and he said, “Gosh, we’re swamped. We’re underfunded, and overworked.”

That’s the typical bureaucrats … “Nobody loves us. We’re underfunded, and overworked.” At that time, I might mention, though, I said, “You’re the privacy guy.” Now, he’s not there anymore. He left and he’s in private practice, I think with a big firm in Washington DC, but I said, “What is your biggest concern right now?”

I was expecting him to say something about privacy policies and FTC compliance. Privacy policies are too complicated, blah, blah, blah. Whatever. He shocked me when he started saying the biggest FTC compliance concern at that time, this was what? 2014, is affiliates.

He said they go crazy. “They’re compensated only based on conversions, and they have no discipline. They’re over the top. They say anything, and we’ve got to find a way to regulate them,” and they’ve done that. I’ll tell you about that a little bit later if you’re interested about how they’re going about doing it.

Both. Great questions. Here’s what happened. Obviously the Federal Trade Commission doesn’t have specific statutory guidance and regulations. They’ve got principles involved in the Federal Trade Commission Act.

They’ve established precedent about what a deceptive marketing practice is, and certain general principles, and then they have to apply these to very specific situations and win cases to get precedent to then go after other people, so they have to slowly build their precedents by applying preexisting principles to new things, like marketing on social media, for example, or affiliate marketing.

That sort of thing, but getting closer to your point, obviously at the time I spoke to Peter Miller in 2014, they were pulling their hair out with what was happening at the lowest level of this chain of distribution involving affiliates, which are the affiliates themselves.

They were suing them, but it was not satisfactory in terms of how do you regulate affiliate marketing overall? You can chase these little guys around for FTC compliance issues, some of them aren’t so little, and you can nail some of them, but there’s just a lot going on.

The only way that they can regulate is to regulate throughout the chain, and when I say the “chain,” I mean affiliate platforms at the very top of the chain. Online platforms that bring merchants and affiliates together, and I’m not going to name them, but you probably know 2 or 3 that are fairly well known that bring affiliates and merchants together.

There are certain FTC compliance responsibilities now based on a case that was decided only last year, that the affiliate platform can be liable for the affiliates that work in the platform.

Then, down the line or the chain is the affiliate manager, or the merchant, whoever’s managing these affiliates. This party is also responsible for FTC compliance monitoring for what his or her affiliates are doing, and if they are out of line, they need to be told what to do, or if they won’t get in line with FTC compliance, they need to be terminated.

They’re looking for management from the top down to solve the problem, and if they can force that on the affiliate marketing community, then they can affect what they believe to be fair regulation. But the problem is, they’ve got to get the message out throughout the chain that behavior has to change.

Affiliate managers have to monitor their affiliates for FTC compliance, they have to discipline them, and the same goes for the platforms.

Right now, very few managers know this, and very few, if any, platforms know it, because I talk to these guys. I talked to one just the other day and I said, “Look, what I’m telling you now, 3 or 4 years ago was a best practice. It was a best practice to monitor your affiliates.”

The guy sort of laughed. “You’re kidding me?” I said, “Okay, it was a best practice 3 or 4 years ago. Now, it’s a legal requirement. You probably don’t know it, but it is.”

It’s all happened in the last 2 or 3 years where the FTC has chipped away, and now has the legal precedent to bring these lawsuits. There’s an FTC compliance education problem here, that a lot of players need to understand that the game has changed.

Yeah. They have a website, and they issue statements. They have all sorts of things that they believe are intended and rightfully intended to educate the public, but we all know that it’s not adequate. It’s just not.

One of the things they do is they discover what they think is a potential FTC compliance issue or set of issues, and they hold conferences and they invite industry people in to discuss what possible regulation might be reasonable and what might be unreasonable, and then they sit around and figure out what they think they want to do, and then they issue a report.

This happened very recently in the area of lead generation. It happened a few years ago in the area of native ads. Then, not long after that you start having a report issued about exactly what the rules are in native ads, but it all started with an industry conference where industry leaders came in and could make their case about what was reasonable or not, and then based on that information, they made decisions.

It also is now in process in the area of big data and re-targeted ads. There’ve been a couple of reports on that, and so we can look forward to some pretty serious FTC compliance regulation, I believe, coming down at the top of the chain which are data brokers up there.

They’re basically unregulated now, and one of the concerns of the Federal Trade Commission is that very few people understand that data brokers even exist. In fact, there’s hardly anybody at the consumer level who’s ever heard of them when I talk to them, in fact.

I’ve written a book about it, and I was speaking to a group about 2 weeks ago when I described what the data brokers do, and how they use data mining to create inferences and target people and sell these inferences to marketers for re-targeted ads purposes, they were shocked that their data is being bought and sold at that level.

The FTC is now working its way. It had a conference, it’s issued a couple of reports, and the next year or 2, there’s going to be some pretty serious FTC compliance regulation coming down, so that’s how it happens.

But to your point, and your question, all of it’s going to be published on the FTC website. They do issue press releases when these reports come out. You can download them, they’re PDF files.

It also trickles down into the trade press. You go online and there are people that follow advertising, particularly FTC compliance developments, and they’ll write an article about something new that’s come down, but in the final analysis, it still takes time for it to really trickle down.

The problem is there are a lot of players who don’t get the word, or still think it’s the Wild Wild West, or don’t want to know.

They’re the ones who are most at risk, because the FTC, once they decide to start bringing cases, they’re relentless about it. If you don’t know what you don’t know, or don’t want to know, you’re setting yourself up for a potential claim.

Well, sometimes they actually bring FTC compliance cases against a group of offenders. They’ve done it in the weight loss area, they’ve done it in biz ops and work at home offers, but you’re right.

I mean, they are just not staffed up to the point to be consistent in their FTC compliance enforcement, but sooner or later, they may get you, and I guess one of the big points to be made here is you’re basically right. It’s like a lottery.

What are the chances that they’re going to sue you? I would say not really good, but then, it happens, right? When it does, the consequences are so horrible. I mean, it’s not like a normal civil action lawsuit that you might generally be familiar with.

I mean, if you’re in the business, you’re always subject to maybe a competitor suing you or a former employee, or something like that. The plaintiff, one of the general rules is that the plaintiff has the burden to prove this claim, and if the plaintiff is suing you and you’re operating in an entity such as an LLC or a corporation, then generally speaking, the plaintiff, they carry the burden of proof, can only go to the assets in the entity.

They cannot pierce that entity easily. It’s possible, but very difficult to pierce it, and to go after your home and your bank accounts, and your car and all of that stuff.

Another thing is, there have been some cases recently where the defendants, there’s 1 in particular, a principal of a company called “Commerce Planet,” involved in a membership site with a continuity billing plan.

The FTC, when they file a lawsuit like this, they make an unnegotiable demand, and one of his partners I think took … I think it was almost a couple of hundred thousand dollars, but this other guy said, “I’m going to fight it,” and he lost.

Now, he’s hung with an 18.2 million dollar judgement that goes to all of his personal assets, everything. He finally decides, “Well, there’s no way to get out from under this, so I’m going to declare bankruptcy and discharge it all and start over.”

Last year, the court ruled that he couldn’t discharge it in bankruptcy, because it’s essentially a fraud claim, and you cannot discharge fraud claims. It’s going to hang around him for a long time. Here’s the deal. If a lot of people do a lot of bad things, and they haven’t been sued yet, that doesn’t mean they’re not going to get sued.

You don’t know, and again, it’s probably not likely to happen soon. It could, but if it happens, it’s terrible. It ruins your life. I mean, you cannot … It’s personal liability. Because it’s so bad and so onerous, the reasonable and rational thing to do is to make an effort at FTC compliance.

Everything they’ve got, and we do webinars at FTC Guardian, and one of the things I say, towards the end I say, “Look, guys. You can agree to assume certain risks. You’re intelligent people, and people have different tolerance for risk.”

The example I use is, let’s say you’re going on Spring Break and you’re riding down the expressway, and you’re headed to your destination, and you make a decision that the speed limit is 70, but you’re going to set cruise control at 80. You know that you might get a speeding ticket, but you’ve decided that if you do, it’s going to cost you probably a couple of hundred bucks, but it’s not going to ruin your vacation, and you may have to pay a little more in your car insurance, but it’s no big deal, and it’s certainly not life changing.

You’ve made the decision to take the risk. That’s just a risk, but the consequences of an FTC compliance claim are so incredibly horrible. I mean, you’re basically put down. You need to consider compliance, basically.

That’s right. In the final order, which is in most cases, done by agreement, by settlement, or even if it’s contested, the final order of the court usually has fines that are very, very hefty.

They also have an injunction enjoining you from ever doing the things that they complained of in the original complaint that was the lawsuit.

Then, the third one, and a lot of people have no idea what this one’s all about. They impose on you what is known as “FTC compliance reporting.” The time span in the last few years, Frank Kern was nailed back in the Wild Wild West, 2001, and I think they only imposed 5 years of FTC compliance reporting on him.

But now, since we’ve gotten into this new era, since ’09, it’s 10 to 20 years. People say, “Well, wait. What’s involved in that?” I say, “It’s like you get audited by the Internal Revenue Service in the United States every year for 20 years.”

Come on. I mean, it’s so bad. It’s so terrible. When you look at the horrible consequences, even though it might not happen to you, FTC compliance is really the way to go.

Well, list building, generally speaking, involves a squeeze page or squeeze pages where you’re giving away something for a name and an email address to build a list.

There is a privacy issue, and the reason there’s a privacy issue is that whenever you collect a single element of personal information, then you’re required to have a privacy policy. That means, simply an email address or a name, or both, which is typically what you do on a squeeze page. That triggers the FTC compliance obligation for a privacy policy.

Now, there are some other requirements for website policies that don’t fall within that little logical sequence.

For example, if you’re involved in re-targeted ads, there’s some other disclosures that the Federal Trade Commission requires, in addition to the major platforms like Google and Facebook. They have their own requirements, and if you don’t follow them and don’t have your privacy policy up to speed, they can ban you. All that sort of stuff.

You see the whole chain? You collect the personal information, you’ve got to have a privacy policy, but if you don’t keep your promises in the privacy policy, you can get sued, right?

That’s important. Here is a tip that I see violated a lot, and it sort of goes back to a tradition that started back in the Wild Wild West days, and that is at the very bottom of a squeeze page where the person is putting in their first name and their email address, and there’s a submit button, right under that submit button is usually, “We respect your privacy. We will never sell or rent your” … “We will never sell your information.”

Well, that’s not really true … I mean, you certainly share it with joint venture partners. I mean, if you sell your online business, you’re going to sell it, right?

There have been cases where businesses were not allowed to be sold because of statements like this. You should never say, “We’re going to never sell your information.” It sounds good below the submit button.

What you should do is simply put a link to your privacy policy and let it speak for itself. Don’t get out on the limb and say, “We’re not going to ever sell your information,” because it can really come back to haunt you. There are all sorts of ways you could end up selling.

That’s one FTC compliance example. Then, of course, once you’ve built the list, then you use email to a certain extent, and the Can Spam law in the US is fairly easy to comply with, and if you use any of the major platforms, they comply for you.

They have the unsubscribe and all of that, but in Canada, the Canadian AS Spam Laws, CASL, has some requirements for affirmative consent to be on the list, which is not the case with the US approach.

The US approach is you can opt out by unsubscribing. In Canada, you’ve got to, even to be on the list, you’ve got to give consent, so that’s a whole different approach, and it’s going to get some US marketers in trouble. One thing US marketers need to do is to separate out people from Canada, and either comply with CASL or don’t send them email.

I think most double opt ins would comply, probably with their affirmative consent.

So yeah. That’s a tough one compared to US. US FTC compliance is easy. You can send the email as long as there are certain rules followed and there’s an unsubscribe link. You’ve got that, and then you’ve got … Well, I’m not even going to get into text and telephone. That’s a separate issue.

Of course, once you start marketing with that email list, then you get into advertising because you’re making claims about a product or service that are hopefully going to lead people to taking you up on a call to action. That’s what it’s all about, isn’t it? Is the claim deceptive? That’s another FTC compliance issue.

That’s the whole, a real quick summary of what we’re talking about from the very beginning of the process of collecting and building names and email addresses, and building lists to actually using the list in an outbound marketing campaign.

I think we probably covered enough on list building at this juncture. What else do you …

If you are the affiliate, you are regarded as an endorser by the Federal Trade Commission. You are basically pitching things to the public. Then, you have an obligation to disclose what the FTC says is a quote, “material relationship with the merchant that you represent.”

The idea is that if the merchant is paying you an affiliate commission, or even if you’re not being paid, if you’re a blogger who does reviews, and you’ve gotten a free iPad, or a free iPhone to review and say nice things about, then you need to disclose it.

The idea is that if you are a consumer, you would probably want to know if an endorser might have been influenced by payment, or receiving some sort of benefit. That has to be disclosed, and there’s really no magic disclaimer that … It can be pretty simple, and if you read the FTC compliance rules, I mean, it’s basically, you can just, “Apple gave me a free iPad to review.” Pretty simple, right? Or, just the words, “Compensated affiliate.”

Yeah. I mean, obviously it doesn’t hurt to have this notice at the bottom of every page, and at the bottom of every email you send out that’s promoting something if you’re an affiliate, but the FTC wants you to be very careful about being conspicuous so that a consumer doesn’t have to hunt for this disclaimer.

The concept that I think they want, and that I see, is that if you look at native ads, and I read articles a lot online, and the middle of an article, there’ll be an ad. A little video, or something, and it always says, “Advertisement,” or, “Sponsored Ad.” See what I’m saying?

Just 1 or 2 words that make it very, very clear that this is not content. You’re reading an article which is supposed to be content, and now you’re seeing in the middle of it, or every other paragraph you see an ad but it says, “Sponsored ad. Advertisement, sponsored content,” and so it’s right there on top of that ad is where you see it, right?

In many cases, like on BuzzFeed, it’s hard to spot their ads in their feed sometimes. They’ve got this, I think a little yellow thing that says “Ad.” I think it might need to be a little larger in some cases, but it’s there. All you have to do is just puts the words “compensated affiliate,” because the word “compensated” is pretty much enough.

The person’s eye can see it. “Okay, the guy’s been paid.” Compensated affiliate right next to the promotional piece, is probably going to be what they require for FTC compliance, and if you’re trying to get away with just putting the general notice at the bottom of the page and they see that, they may go find the guy who doesn’t have any notice and sue him, but it’s not what they want.

They want to see it very closely related in terms of spacing to the actual endorsement.

There’s sort of some traditional areas of FTC compliance. One of the hottest areas in the last few years has been membership or subscription sites that have a continuity billing plan which is a plan usually charged on a monthly basis until the customer opts out.

If you really want to make a lot of money, and violate the statute, what you do is you create a free product that then tricks people into a transition into a paid continuity plan, and they don’t know they’re in the plan if they don’t review their credit card statement carefully. They don’t notice it for a pretty good while, right?

The classic case is to give a book away for free which is physical, it’s not downloadable, right? They say the book is free, but “We need a credit card to take care of shipping and handling.” You have the credit card number, and then the fine print you say, “We also are going to give you a free membership.”

This is the Commerce Planet case. The book was how to make money selling stuff on eBay, and then the coaching program or the membership is, “We’ll give you more information on a paid membership basis on how to do it,” but the fact that the free membership turned into a billed membership after 30 days was hidden. Jumped in on the free thing, and didn’t realize.

The US Congress passed the Ruska statutes and now there’s some very serious disclosure requirements up front, so that people know that they’re getting into something like that. All this “work at home” stuff, biz ops, that’s been regulated, as well.

Then, anything involving weight loss and health claims, that sort of thing, has been well litigated.

Those are the more traditional hot spots in FTC compliance, but the newer hot spots involve online influencers on social media where you don’t have the right disclosure. I mean, somebody might think it’s just a comment, but it’s really an ad without proper disclosure. That sort of thing.

Native ads, it’s hot. There’s just some new FTC compliance regulation out on that.

The internet in using influencers, there was a big case that was decided last year where Microsoft had an advertising agency who then hired another agency below them who then hired some guys who were influencers to create YouTube videos touting the launch of the Xbox One by Microsoft.

You have all these guys, these game guys doing all these terrific videos on YouTube, but they didn’t disclose that they were paid to create the videos. Gave rise to the lawsuit against the company that hired them, but didn’t monitor and manage them and tell them they had to provide the notice. See what I’m saying?

It’s interesting that the FTC did not sue Microsoft and its ad agency at the top of the chain, because they, the FTC said that these two, Microsoft and Starcom (the agency), had in place a very … They used the word “robust” FTC compliance program that had educated their employees and the people they outsource to about compliance, and therefore, they weren’t liable.

Yeah. What the FTC is doing, this is really interesting and it’s all very new, is that they’re going all the way up the chain.

We talked about it in terms of affiliates just a few minutes ago, and now we’re talking about it in terms of endorsements in social media. In this case, YouTube. They look up at the top of the chain. They would like to have sued Microsoft. I mean, deep pockets, you can nail them for multiple millions of dollars and it’s pocket change to Microsoft.

You could do that, but then, the FTC is saying, “Look, if you get religion, so to speak, about FTC compliance, and educate your employees, and if you outsource some of your online marketing, particularly social media marketing, if you also advise your ad agency that you expect them to follow the rules, if you’re doing all of these things, if you basically create a culture of compliance, then if people below you screw up and we sue them, we’re not going to hold you responsible for every screw up, if you have the program in place and it’s robust.”

It’s almost like an insurance policy. If you get serious about FTC compliance, you’re almost bulletproof.

Well, they love suing the big guys.

They do. They kick Google around a lot. They love those. The bigger companies have finally gotten religion, so to speak, and they are doing what the FTC wants done.

It’s the smaller and the middle sized guys who haven’t figured it out yet that need to understand that if they create this culture and do the things that are the new regulations, then they’re almost insulated from claims, because if somebody below them gets caught, they’re not going to be sued.

There’s a letter from the FTC complimenting Microsoft and Starcom and saying, “We didn’t bring an action because they had compliance programs.” Very interesting, and all this is really new stuff in the last year. We’re not talking about 3 or 4 years ago. This is all 2015, basically. 2015 and 2016.

Well, the best thing in my humble opinion is to be a member of FTCGuardian.com. I’m a co-founder, along with my partner, Allyn Cutts, who’s a marketer guy.

It’s great for me as an attorney who does the content. I do webinar presentations and on stage, and I write articles, et cetera. But there needs to be a marketer guy that’s managing things and marketing things. He’s really good at it, so it’s a great partnership.

But here’s the deal. This is really the only cost effective way that a small business can get access to what is going on and the tools and the training in FTC compliance. This is it.

I mean, it used to be that there were some websites out there where you could download a privacy policy and the watchword was “set it and forget it.” Just put these disclaimers up there, slap this privacy policy on the site, and you’re good to go. You don’t have to think about it. That was before ’09.

That’s the Wild Wild West mindset, if you want to even think about FTC compliance at some low level.

Now, set it and forget it is going to get you sued, probably. At FTC Guardian, we’ve got all of the documents with a generator that I created. It’s not cookie cutter, and it uses the technology known as rule based document assembly which I use in my law practice.

I make it available to members. It’s 85-86 documents. It’s not 4 or 5. We’ve got the documents, we’ve got the training videos and some other materials, but one thing we have that really, really is getting us rave reviews from members is twice a month, in fact we had one last night, for members, we have a Google Hangout live where I present an FTC compliance topic very focused, usually about 20 minutes.

It’s not one of these long, long webinar things. It’s not an hour and a half. It’s 20 minute presentation on a very narrow topic, and then we open the line up for Q&A for 20 or 30 minutes. As long as people have questions about FTC compliance, we’ll stay on the line.

It’s a great opportunity for just very, very little cost and expense to have a shot at me, a full time internet attorney live twice a month, to ask me questions, not only about the topic, but if you have questions outside the topic we allow that as well.

It’s a great way to stay current on FTC compliance, because we talk a lot about new developments in those hangouts. That’s a real valuable aspect. It’s not just, “Here’s some documents and here’s some stuff.” It’s a great way to keep up with what’s going on.

We do twice a month, usually about the second week. We had one last night. We’ll have one the third or fourth week of the month, and then we just keep rolling. Members love it, and we do obviously replay videos of those, so we post those in the members area so that you can review them at your leisure.

That is the recommendation because it’s not just about documents. “Just put that privacy policy up there.” That’s good if it’s a good one, but you need to know these rules, some of which we’ve talked about. What are the rules regarding testimonials and endorsements? What is the rule about if you’re an affiliate manager? How do you manage them? What are you supposed to do?

It’s the knowledge of the rules of the road, the strategies that you need to have in addition to the documents, and that’s what we give you, particularly with the live hangouts at FTC Guardian.

One of the things we might mention here is that we offer a free blueprint that you can get that gives you all the steps neccessary that we believe are important to becoming compliant, and so the link is FTCGuardian.com/blueprint.

If you go there, you can download that, and that’ll get you started.

Well, you can always check me out on LinkedIn. I’m a big LinkedIn … I’m a premium member. I really like it. I think it’s great for what I do, and I don’t go by my real name.

In fact, no one … I mean, my name is Frederick L. Cooper the third.

I mean, I’ve been known as Chip Cooper all of my life. My entire life, so just look for, search for “Chip Cooper” on LinkedIn, and you’ll see my profile there, and ask to be connected and I’ll be happy to accept that.

Yeah, connect with me on LinkedIn. Just search for “Chip Cooper,” and I don’t even think the word “Frederick L. Cooper” is on the profile. No one would know who that person is, anyway.

Well, thanks for having me, Derek. Appreciate it.