The 2000s Introduced the Internet and Influencers to Ad Law

Sep 16, 2021 by Katherine Armstrong, Deputy Director, National Advertising Division, BBB National Programs

The arrival of Y2K brought with it not only the panic that the internet would freeze because of the new digits marking the start of a new century but also the pivot from traditional advertising (radio/tv/print) to online advertising.

To be sure, the 2000s was a decade of change as online advertising exploded and, as a harbinger of things to come, the online environment became fertile ground for innovative ways to both communicate with consumers or, for the unscrupulous, take advantage of unwary consumers. The low barriers to entry allowed disrupters to enter the digital space and forced traditional marketers to compete in this space or be left behind.  

During this decade, the Federal Trade Commission (FTC) added to the Commission-issued policy statements that were the hallmark of the 1970s and 1980s and published important business guidance documents that described how general principles of advertising law apply to issues arising in digital advertising, as well as industry-specific guidance on advertising claim substantiation. 

In 2000, the FTC published Advertising on the Internet: The Rules of the Road as well as Dot Com Disclosures: Information About Online Advertising, which provided extensive guidance on how to make effective disclosures in the online environment and was updated in 2013 to reflect new trends in advertising and marketing on new platforms, particularly mobile devices. Unlike formal industry guides issued after public notice and comment, Dot Com Disclosures was released as informal business guidance that has proven to be a nimble and instrumental tool laying out rules of the road.  

Without specific laws addressing online advertising, the FTC and the National Advertising Division (NAD) used the general principles of advertising law to protect consumers and provide a level playing field for businesses.  

It was also during this time that privacy and advertising law began to intersect. The online environment became fertile ground both for innovative ways to communicate with consumers but also for the large-scale collection of vast amounts of data from consumers as they surfed the Internet.

Reflecting its concern about the practices of website operators and marketers collecting information directly from children, Congress passed the Children’s Online Privacy Protection Act (COPPA), and in 2000, the FTC rule implementing COPPA went into effect. COPPA regulates the online collection of personal information from children under 13, including requiring verifiable parental consent to the collection of such data. 

Privacy issues caused several reputable companies to stumble. For example, one of the FTC’s first privacy enforcement actions involved pharmaceutical giant Eli Lilly and its monthly email reminders to Prozac customers alerting them that it was time to renew their prescription. Lilly decided to terminate this monthly email reminder and sent an email to all the subscribers alerting them to this change. Because of a coding error, the “To” line was not blinded and all the recipients of the email could view the email addresses of all the subscribers. The FTC determined that this inadvertent coding error violated the FTC Act because Lilly had represented in its privacy policy that it would “protect” its consumers’ personal information.  The FTC determined that the claims in public-facing statements, such as privacy policies, must be truthful, not misleading, and substantiated, just like any advertising claim.   

Another FTC enforcement action was against the National Research Center for College and University Admissions (NRCCUA), a student survey company. The FTC reviewed express statements in the company’s privacy policy, an action that foreshadowed the FTC’s focus on what is now referred to as “dark patterns.” The FTC found that NRCCUA misrepresented that the survey data it collected would only be shared with colleges and universities, when in fact it was sold to advertisers who then marketed their products and services to the students.  

The 2000’s demonstrated the value that self-regulation provides to the advertising industry. NAD decisions during the early 2000s focused on new ways that advertising was used to mislead consumers, also foreshadowing the “dark patterns” that are the focus of current regulatory scrutiny. NAD’s first actions involving online advertising came not from competitor challenges but through its monitoring efforts, as it identified trends in advertising and provided guidance to the industry.  

NAD’s decisions provided guidance on clear and conspicuous disclosures in the new format of banner ads and, relying heavily on FTC guidance and general principles of advertising law, provided updated examples of how to advertise in emerging and new formats, guiding the industry on best practices. 

One of NAD’s earliest monitoring cases in this online environment was of a banner ad dark pattern. In 2005, NAD reviewed advertising promoting spyware services in banner ads that appeared to be a Microsoft Windows warning message. NAD recommended that the ads be modified to clearly and conspicuously disclose that the message was an ad, rather than a technical warning.   

The FTC closed the decade, in 2009, with amended Guides Concerning Use of Endorsements and Testimonials in Advertising, which reflected basic truth-in-advertising principles that endorsements must be honest and not misleading and that a material connection between an endorser and a marketer that consumers would not expect must be disclosed, updated to include examples applying the principles to social media marketing. 

Suggested Articles

Blog

Independence Day Edition: CBPR Framework Offers “Checks & Balances”

Going, Going, Gone Global, a webinar on the CBPR Global Forum, delved into how privacy impacts businesses’ brand reputation and builds trust with key stakeholders, discussed the purpose of the Global CBPR, and its value to Global Forum members.
Read more
Blog

Industry Self-Regulation: Part of the Solution for Governing Generative AI

The spotlight on generative AI remains bright. The benefits and risks continue to be ever-present in the minds of business and political leaders. No matter the timing or the setting, the creation of transparency, accountability, and collaboration among stakeholders is key to successful industry self-regulation as is the importance of setting standards and best practices.
Read more
Blog

The Demise of “Chevron Deference”: Who Will Fill the Regulatory Gaps?

The Supreme Court's 1984 ruling in Chevron v. NRDC held that courts should defer to federal agencies’ interpretations of ambiguous federal laws so long as those interpretations are reasonable. So given the court’s decision to overturn it, where does that leave companies that want a level playing field and perhaps even to raise the bar, instead of racing to the bottom?
Read more
Blog

Robust Dispute Resolution: A Quiet Enforcer for Privacy Compliance

ICYMI, a procedural rule change to update the GDPR has been agreed upon by the European Parliament to provide EU citizens with greater legal certainty regarding enforcement of GDPR, improve the dispute resolution process, and streamline the handling of cross-border cases.
Read more