Old MacDonald Had an Engagement Farm: Lessons Learned from FTC v. NGL

Capturing user engagement is the foundation of internet commerce. In many ways, online competition could be characterized as an arms race for user engagement and the data and network effects that come with it. 

While the incentives to prompt greater engagement are certainly understandable, the recent NGL Labs case from the Federal Trade Commission (FTC) and the LA County District Attorney raises important questions about the ethical and legal ramifications when companies try to artificially generate engagement among their userbase (sometimes referred to as “engagement farming” tactics). 

The NGL case indicates that misleading engagement farming practices are likely illegal when used deceptively to prod consumers along a subscription funnel. Additionally, the FTC found that NGL’s co-founders violated the law by marketing an anonymous messaging application to teens and children even in the face of evidence that the company was aware of substantial harms faced by minors on competitor apps as well as its own app. 

Some practitioners in online privacy and safety may index this case as part of the long line of children’s privacy cases brought by the FTC under the Children’s Online Privacy Protection Act (COPPA), but the FTC’s allegations go beyond the scope of a traditional privacy case by articulating important considerations for companies that offer anonymous messaging apps, negative option subscriptions, and experiences that (like most of the internet) rely on user engagement.

The FTC’s Allegations

NGL (ironically named after the popular abbreviation for “not gonna lie”) is a popular mobile app that stands out from other social media services for its ability to send and receive anonymous messages with existing Instagram or Snapchat connections. However, the FTC’s Complaint alleges that, after low user engagement within the first six months on app stores, NGL Labs, the app’s publisher, concocted a plan to send users computer-generated messages with salacious, harassing, inflammatory, and intrusive language to prompt greater user engagement. 

In total, the FTC alleges, an inventory of over 1,000 unique messages were drafted and sent regularly to convince users that their friends and acquaintances were active users of the platform. After NGL integrated these messages into the application’s design, consumer engagement on the app and adoption of the app began to grow exponentially.

While the application was free to download, NGL Labs also offered a subscription add-on, NGL Pro.

• Pro users had additional functionalities to see “Sender Info” (sender’s location, device info, ngl ID, etc.), hints that could help identify the sender of any given anonymous message. 
• Whenever users received a message—including a computer-generated message—they had the option of clicking a “who sent this” button and revealing sender info.
• Upon clicking this button, unsubscribed users would be prompted to subscribe for NGL Pro, regardless of whether the message was sent by a true user or NGL Labs itself as part of the engagement prompting scheme. Even anonymous messages from actual users appeared to provide false Sender Info. 

The FTC alleged that many users complained in reviews that they were induced to purchase NGL Pro by inflammatory or invasive messages only to find, once they subscribed, that the messages were fake.

The FTC complaint also details the ways that NGL targeted its service to children and teens despite being aware of substantial bullying and harassment faced by minors on NGL and competitor apps. 

• NGL Labs affirmatively sought an audience from minors in various ways (promoting the application as a safe space for teens, social media marketing that emphasized minor-focused discussion topics, targeting schools with micro-influencer strategies, etc.). This targeting continued despite complaints from children and parents about inappropriate and harassing user behavior on the platform. 
• In representing its service as safe for users, NGL Labs made claims about “world class AI content moderation” to mask harmful content or emojis. The FTC alleges these AI claims are false and that harmful content remained on the site despite these representations.

Despite having actual knowledge of children on the platform, NGL Labs failed to take steps towards compliance under the COPPA Rule. In fact, the NGL application did not comply with any of COPPA’s substantive requirements, failing to provide parental notice, seek verifiable parental consent, act on parental requests, or delete data in accordance with COPPA’s data minimization requirement.

Misrepresentations and ROSCA Violations

The alleged engagement farming and subscription schemes gave rise to two out of the six counts brought by the FTC.

Count I was brought under the FTC Act and deals specifically with deceptive and misleading practices regarding the NGL app and NGL Pro, including misrepresentations that:

• Anonymous messages were from friends or social media contacts, 
• Pro subscribers would receive the identity of message senders, and
• AI content moderation was used to filter out harmful language and bullying. 

Many have already noted that this is one of the first times the FTC has brought an enforcement action for misrepresentations involving AI, but also notable is that Count I focuses on the company’s own independent statements made to induce consumers to engage on the platform in various ways, describing social functionalities and subscriber perks without disclosing the deceptive and misleading engagement farming techniques or billing practices. 

Beyond the inherent deception of prompting users to subscribe when computer-generated messages were sent, the FTC alleges in Count III that NGL Labs violated the Restore Online Shoppers Confidence Act (ROSCA) by failing to disclose material terms related to NGL Pro subscriptions that were billed for as much as $9.99 on a weekly basis. The company’s in-app language prior to a subscription appeared to indicate a Pro member could see who sent the message rather than limited “sender info” (the FTC also alleges that some sender info provided by the app was also demonstrably false even when a real user sent the message). Additionally, screenshots of the subscription page demonstrate that inconspicuous off-white and gray text were the only indication that Pro subscribers would be charged weekly. 

According to the FTC, due to illegible font, many consumers were not properly informed, nor did they understand that NGL Pro was a negative option recurring subscription that would charge the user automatically on a recurring basis rather than a one-time purchase. Accordingly, the FTC alleges that NGL Labs failed to seek express consent required for negative option marketing under the ROSCA statute.

Privacy and Safety Protections for Minors

Much like the bombshell U.S. v. Epic case from late 2022, this case is both a COPPA case and a case that goes beyond the requirements of COPPA by impacting teens.

While COPPA’s requirements explicitly protect minors under 13 years of age, Section 5 of the FTC Act gives the Commission some leeway when it uncovers unfair or deceptive business practices that are substantially likely to harm teenage consumers. 

The FTC brought two counts against NGL related to children, Count II and Count IV. Count II alleges that it was an unfair practice to market an anonymous messaging app to children and teens knowing that it was likely to cause them substantial injury.

Regarding Count II, recently appointed FTC Commissioners Anderew N. Ferguson and Melissa Holyoak wrote concurring statements to clarify their understanding that the unfairness allegation should be narrowly read to apply to the types of facts at hand, where the company allegedly knew of the harm it was causing. Cautioning against reading the FTC’s complaint broadly to indicate that marketing an anonymous messaging application to minors is a per se unfair business practice, Commissioner Ferguson states in his concurrence “I vote to approve this complaint because I agree that it was unfair to market this anonymous messaging app to teenagers in the way that the defendants marketed it…I write separately to make clear, however, that it does not follow that Section 5 categorically prohibits marketing any anonymous messaging app to teenagers.”  

He states further that the First Amendment to the US Constitution protects anonymous speech for all Americans, including children and teens. 

The Count IV COPPA issues involved are not novel; many companies fail to follow COPPA even in the face of actual knowledge that children are using an online service. However, this case, like U.S. v. Epic before it, indicates that COPPA is not the only tool the FTC will turn to when scrutinizing online business models that seek children and teen users.

Don’t Cross the Line

As we enter an era where online ecosystems will be managed by the predictive capabilities of machine learning and where much online content may come directly from the editorial perspective of generative AI, this case should be read closely to ensure that—regardless of the technology employed—engagement prompting techniques are not designed in a manner that crosses the clear line that the FTC has articulated on deceptive and unfair business practices related to user engagement, especially in the children’s space.

Because compliance is a constantly moving target, BBB National Programs is always looking to update its offerings to better reflect the needs of consumers and market participants. Our efforts to promote best practices concerning teen privacy have been ongoing through our Center for Industry Self-Regulation's incubation of the TeenAge Privacy Program and the Children’s Advertising Review Unit, the nation’s first approved COPPA Safe Harbor Program has been continuing to follow FTC guidance to better assist companies with child-centered business models and compliance philosophies.

Please reach out to us if you have any questions about these or any of our other programs.