The Federal Trade Commission has proposed a $650,000 settlement with Experian Consumer Services (ECS), one of three major US credit bureaus, for violating the CAN-SPAM Act. According to a complaint filed by the Department of Justice on behalf of the FTC, Experian allegedly sent spam emails to consumers without their permission and without providing a “clear and conspicuous” notice of how to opt out of future messages and a mechanism to unsubscribe.

To access, monitor and manage their credit information, consumers have to set up a free membership account on Experian. For example, they would create an account to order their free annual credit report, freeze or remove security freezes from their accounts, monitor credit changes, etc. The basic membership is free. A paid monthly membership option is also available. Experian later sent marketing messages to consumers who created membership accounts without providing a way to opt out of the emails in direct violation of CAN-SPAM.

“Signing up for a membership doesn’t mean you’re signing up for unwanted email, especially when all you’re trying to do is freeze your credit to protect your identity,” said Samuel Levine, Director of the FTC’s Bureau of Consumer Protection, in an August 14, 2023 news release. “You always have the right to unsubscribe from marketing messages, and the FTC takes enforcing that right seriously.”

Copyright © 2023 Authority Media Network, LLC. All rights reserved. Reproduction without permission is prohibited.

According to the FTC, ECS contacted consumers via email with messages that contained information about the consumers’ accounts. In actuality, they were marketing messages to promote products and services (e.g., credit card offers, discounts, savings, services to improve credit scores, etc.) that were required to provide an opt-out mechanism. The proposed order would require payment of a $650,000 penalty and would prohibit Experian from sending future marketing emails without a way for consumers to opt out. The order is not final until approved by a federal court.

Experian alleges they were not marketing emails

The complaint alleges that the emails are for promotional purposes, though ECS said the emails…

• Were not marketing emails
• Were sent to notify customers of changes to their accounts
• Contained important information about consumer accounts

Even consumers who specifically opted out of marketing emails received the marketing emails.

The complaint outlines three specific types of marketing emails designed to promote Experian products and services: confirm your car, boost your FICO score, and dark web scan emails. In these examples, the marketing campaigns specifically state they are not marketing emails, but are being sent to notify consumers of a recent change to their accounts. The company does not provide an unsubscribe link in any of the examples as required by the CAN-SPAM Act.

In Count II, item 73, of the complaint, the FTC alleges consumer injury.

“Consumers have suffered and will continue to suffer substantial injury as a result of Defendant’s violations of the CAN-SPAM Act and the FTC Act. Absent injunctive relief by this Court, Defendant is likely to continue to injure consumers and harm the public interest,” the complaint said.

Insider Take

The $650,000 penalty seems relatively low given the potential for harm in this case. Experian was hawking its wares unlawfully and could have gained from people who signed up for additional products and services that were never supposed to have received the offers. Considering the CAN-SPAM Act passed in 2004, Experian should have known better. Instead, it skated under the radar. The penalty seems like a slap on the wrist and not one that is likely to have a significant impact to Experian. Rather than ask permission, they asked for forgiveness…and got it.

Want to learn how your subscription business can stay in compliance with the CAN-SPAM Act?
Check out the FTC’s compliance guidance for business.

Copyright © 2023 Authority Media Network, LLC. All rights reserved. Reproduction without permission is prohibited.