The 2000s Introduced the Internet and Influencers to Ad Law

Sep 16, 2021 by Katherine Armstrong, Deputy Director, National Advertising Division, BBB National Programs

The arrival of Y2K brought with it not only the panic that the internet would freeze because of the new digits marking the start of a new century but also the pivot from traditional advertising (radio/tv/print) to online advertising.

To be sure, the 2000s was a decade of change as online advertising exploded and, as a harbinger of things to come, the online environment became fertile ground for innovative ways to both communicate with consumers or, for the unscrupulous, take advantage of unwary consumers. The low barriers to entry allowed disrupters to enter the digital space and forced traditional marketers to compete in this space or be left behind.  

During this decade, the Federal Trade Commission (FTC) added to the Commission-issued policy statements that were the hallmark of the 1970s and 1980s and published important business guidance documents that described how general principles of advertising law apply to issues arising in digital advertising, as well as industry-specific guidance on advertising claim substantiation. 

In 2000, the FTC published Advertising on the Internet: The Rules of the Road as well as Dot Com Disclosures: Information About Online Advertising, which provided extensive guidance on how to make effective disclosures in the online environment and was updated in 2013 to reflect new trends in advertising and marketing on new platforms, particularly mobile devices. Unlike formal industry guides issued after public notice and comment, Dot Com Disclosures was released as informal business guidance that has proven to be a nimble and instrumental tool laying out rules of the road.  

Without specific laws addressing online advertising, the FTC and the National Advertising Division (NAD) used the general principles of advertising law to protect consumers and provide a level playing field for businesses.  

It was also during this time that privacy and advertising law began to intersect. The online environment became fertile ground both for innovative ways to communicate with consumers but also for the large-scale collection of vast amounts of data from consumers as they surfed the Internet.

Reflecting its concern about the practices of website operators and marketers collecting information directly from children, Congress passed the Children’s Online Privacy Protection Act (COPPA), and in 2000, the FTC rule implementing COPPA went into effect. COPPA regulates the online collection of personal information from children under 13, including requiring verifiable parental consent to the collection of such data. 

Privacy issues caused several reputable companies to stumble. For example, one of the FTC’s first privacy enforcement actions involved pharmaceutical giant Eli Lilly and its monthly email reminders to Prozac customers alerting them that it was time to renew their prescription. Lilly decided to terminate this monthly email reminder and sent an email to all the subscribers alerting them to this change. Because of a coding error, the “To” line was not blinded and all the recipients of the email could view the email addresses of all the subscribers. The FTC determined that this inadvertent coding error violated the FTC Act because Lilly had represented in its privacy policy that it would “protect” its consumers’ personal information.  The FTC determined that the claims in public-facing statements, such as privacy policies, must be truthful, not misleading, and substantiated, just like any advertising claim.   

Another FTC enforcement action was against the National Research Center for College and University Admissions (NRCCUA), a student survey company. The FTC reviewed express statements in the company’s privacy policy, an action that foreshadowed the FTC’s focus on what is now referred to as “dark patterns.” The FTC found that NRCCUA misrepresented that the survey data it collected would only be shared with colleges and universities, when in fact it was sold to advertisers who then marketed their products and services to the students.  

The 2000’s demonstrated the value that self-regulation provides to the advertising industry. NAD decisions during the early 2000s focused on new ways that advertising was used to mislead consumers, also foreshadowing the “dark patterns” that are the focus of current regulatory scrutiny. NAD’s first actions involving online advertising came not from competitor challenges but through its monitoring efforts, as it identified trends in advertising and provided guidance to the industry.  

NAD’s decisions provided guidance on clear and conspicuous disclosures in the new format of banner ads and, relying heavily on FTC guidance and general principles of advertising law, provided updated examples of how to advertise in emerging and new formats, guiding the industry on best practices. 

One of NAD’s earliest monitoring cases in this online environment was of a banner ad dark pattern. In 2005, NAD reviewed advertising promoting spyware services in banner ads that appeared to be a Microsoft Windows warning message. NAD recommended that the ads be modified to clearly and conspicuously disclose that the message was an ad, rather than a technical warning.   

The FTC closed the decade, in 2009, with amended Guides Concerning Use of Endorsements and Testimonials in Advertising, which reflected basic truth-in-advertising principles that endorsements must be honest and not misleading and that a material connection between an endorser and a marketer that consumers would not expect must be disclosed, updated to include examples applying the principles to social media marketing. 

Suggested Articles

Blog

Fifty Shades of Consumer Health Data: Unclear Expectations for Digital Privacy

While momentum continues to build around what a regulated consumer health privacy landscape looks like, the environment remains shrouded in shades of gray. To date, a risk-based approach to consumer health data does not exist, but we believe a sliding scale for the risks carried by consumer health data should.
Read more
Blog

California Privacy Enforcement: Whose Job Is It Anyway?

The California Privacy Rights Act of 2020 went into effect bringing new privacy rights to California consumers and created the California Privacy Protection Agency. CCPA will continue to be enforced by the California Office of the Attorney Genera. Which begs the question: Whose enforcement is it anyway?
Read more
Blog

Unsubstantiated Claims May Lead to Civil Penalties

The U.S. economy is built on a fair and transparent product marketplace. It is the responsibility of companies to have adequate substantiation for health and safety claims and to hold their competitors to the same standard.
Read more
Blog

Data Privacy Advances, Despite Lack Of Federal Privacy Law

An appropriate federal privacy law would level the playing field for all companies and create much-needed uniformity in the digital marketplace to enable enhanced trust in the marketplace for businesses and consumers.
Read more