8

FTC proposes consent order against MoviePass for fraudulent operations and not s...

 3 years ago
source link: https://www.techspot.com/news/89989-moviepass-settles-ftc-consent-order-regarding-fraudulent-operations.html
Go to the source link to view the article. You can view the picture content, updated content and better typesetting reading experience. If the link is broken, please click the button below to view the snapshot at that time.
neoserver,ios ssh client

FTC proposes consent order against MoviePass for fraudulent operations and not securing data

Any future business dealings will be under the watchful eye of the commission

By Cal Jeffrey, Today 4:02 PM

In context: It was a cool experiment, but the theater-subscription service that was MoviePass was a fatally flawed business model. Its lack of sustainability led its executives to try some shady money-saving tactics. The FTC did not take kindly to the shenanigans. It concluded its probe into the company with a stifling consent order.

On Monday, The Federal Trade Commission (FTC) announced that it had concluded an investigation into the now-defunct subscription movie service MoviePass and had reached a settlement for its alleged actions. The FTC charged parent company Helios and Matheson Analytics and operators Mitchell Lowe and Theodore Farnsworth with blocking paying users from accessing the service as advertised and for not securing customer information.

"MoviePass and its executives went to great lengths to deny consumers access to the service they paid for while also failing to secure their personal information," said Daniel Kaufman, the FTC's Acting Director of the Bureau of Consumer Protection. "The FTC will continue working to protect consumers from deception and to ensure that businesses deliver on their promises."

In 2019, the struggling platform allegedly invalidated the passwords of "power users," citing "suspicious activity or potential fraud." Insiders claimed executives knew the move was wrong but were desperate to slow down their losses and blamed Mitch Lowe for the dishonest act.

"Before Mitch [Lowe] came on, it was, 'How do we slow down those users?'" one insider said. "With Mitch, it was just, 'F--- those guys.'"

Operators of MoviePass subscription service agree to settle FTC allegations that they limited usage, failed to secure user data: https://t.co/PAXnBiVzt7

— FTC (@FTC) June 7, 2021

The FTC said the company used a buggy ticket verification system to discourage users from using the service, employing a one-strike rule that allowed the company to cancel subscriptions when users did not submit verification on time.

The commission also found MoviePass guilty of using "trip wires" [sic] to block certain user groups. In general, these were subscribers that viewed more than three movies per month. The tripwires prevented users from using the service whenever the group collectively hit certain company loss levels in a given month.

These tactics violate the Restore Online Shoppers' Confidence Act (ROSCA), which demands truth in advertising over the internet. It also requires user notification and consent when making changes to services in a subscription.

Finally, the FTC ruled that MoviePass failed to properly secure user account information, including credit card numbers. The company allegedly stored all customer-related data in plain text and did not restrict access to the database. The 2019 data breach, which exposed at least 58,000 records, is evidence of this claim. A sample of 1,000 leaked database entries showed more than half included credit and debit card numbers and their expiration dates.

As part of the consent agreement, Lowe, Farnsworth, MoviePass, Helios, and all involved operators are prohibited from misrepresenting any prospective services under strict FTC oversight. They must have "a comprehensive security program" in place for any future businesses, which a third-party firm will audit biennially. Any breaches or security risks encountered must be reported to the FTC immediately upon discovery. A senior executive must annually notify the commission that all security requirements are met.

Unfortunately for disgruntled customers, the proposed order does not contain any monetary compensation. Both MoviePass and Helios have filed Chapter 7 bankruptcy, dissolving both businesses shortly after shutting down the service with very little notice.

Image credit: Piotr Swat


report

Recommend

About Joyk


Aggregate valuable and interesting links.
Joyk means Joy of geeK