|April 30, 1999
Donald S. Clark, Secretary
Dear Secretary Clark:
On behalf of the State of New York and the Attorneys General of the States of Alabama, Alaska, Arizona, Arkansas, California, Connecticut, Florida, Georgia, Hawaii(1), Illinois, Indiana, Iowa, Kansas, Louisiana, Maryland, Massachusetts, Michigan, Minnesota, New Jersey, North Carolina, Rhode Island, Tennessee, Utah, Vermont, Washington, West Virginia, Wisconsin and the Commonwealth of Puerto Rico, ("the Attorneys General"), I wish to thank you for the opportunity to comment on the subject of consumer protection in the global electronic marketplace that is the Internet. In order to foster the growth of this exciting new medium, it is vital for State and local law enforcement to work together with their federal counterparts, as well as with industry groups and consumer advocates, to ensure that consumers will be protected from fraud while engaged in online commerce.
The Internet represents a stunning technological innovation that is already revolutionizing the way we communicate, learn, and conduct business. Yet although the Internet offers tremendous commercial possibilities, it also opens the door to a dizzying array of new applications for old- fashioned consumer scams, as demonstrated by the substantial volume of Internet-related complaints we receive from the residents of our States.
It is clear that the States can have a meaningful role in policing the Internet. Like the FTC --and often in cooperation with the Commission's staff--many States have initiated law enforcement actions concerning online fraud. What our efforts continue to underscore is that there is nothing so inherently unique about activities which take place online that should exempt them from the coverage of our already-existing State laws. Protecting the health, safety, and welfare of our citizens has historically been, and remains today, a matter of critical local concern. State Attorneys General traditionally act against consumer fraud that adversely affects their citizens, regardless of the violator's place of origin, and have done so effectively vis-a-vis national sellers. Such jurisdiction is concurrent with that of the federal consumer protection authorities. While we favor working in conjunction with the Commission wherever practicable, the fact that a seller is using a new form of media, such as the Internet, will not limit the States' aggressive enforcement of their consumer laws. Wherever unlawful activities threaten the well-being of our citizens--whether these activities take place in the physical world or in the "cyber world"--we will endeavor to stop them, and we firmly believe that such enforcement actions lie squarely within the established police powers of the States. Moreover, we have proven that this can be accomplished without either imposing undue regulatory constraints on what is essentially a boundary-less medium, or interfering with the application of federal law.
Our State courts have agreed with this position. As one New York court held, The Attorney General has clear authority to seek to restrain illegal business practices by a local business in relation to both in-state and out-of-state residents, notwithstanding that these practices occur on the Internet . . . . [Claims of consumer fraud or abuse] are of local concern, as recognized by the nationwide system of state consumer protection laws. There is no compelling reason to find that local legal officials must take a "hands off" approach just because a crook or a con artist is technologically sophisticated enough to sell on the Internet. Invocation of the 'Internet' is not equivalent to a cry of 'sanctuary' upon entry into a medieval church.
People v. Lipsitz, 663 N.Y.S.2d 468, 474-75 (Sup. Ct. N.Y. Co. 1997). A Minnesota trial court considered a matter where the "Defendants [had] crossed the Minnesota borders through Internet advertisements and solicited business for their gaming venture." State v. Granite Gate Resorts, Inc., No. C6-95-7227, 1996 WL 767431 (Minn. Ramsey County Dist. Ct. Dec. 11, 1996), aff'd, 568 N.W.2d 715 (Minn. Ct. App. 1997), aff'd by an equally divided court, 576 N.W.2d 747 (Minn. 1998). In its ruling, which held that jurisdiction was proper in part because of the state's interest in hearing the matter, the court wrote that "[i]f our Attorney General cannot hail them into our Court, then the citizens of Minnesota will not have an adequate Consumer Protection remedy." Id.
We recognize that in some circumstances, constitutional restraints such as the Commerce Clause and Due Process Clause may affect the scope of State enforcement efforts in cyberspace, just as these doctrines define the boundaries of State enforcement in the off-line world. However, within those existing constraints we have thus far, and will continue to, enforce our laws in a manner that fulfills our obligation to protect the safety and welfare of our citizens. In cases relating to Internet jurisdiction, courts have successfully conducted a traditional "minimum contacts" analysis by, for example, examining the level of interactivity and the commercial nature of the online exchange of information that occurs between the defendant and residents of the forum State. See, e.g., Maritz, Inc. v. Cybergold, Inc., 947 F. Supp. 1328 (E.D.Mo.1996)). For example, in the Granite Gate Resorts case mentioned previously, the State of Minnesota was able to successfully assert jurisdiction over a foreign corporation based upon evidence regarding the nature and number of online contacts between the defendant company and Minnesota residents and the level of interactivity provided by the defendant's web site. Granite Gate Resorts, 576 N.W.2d at 747.
We also acknowledge that there may be international approaches to some of the concerns raised by the Commission. Moreover, we agree that self-regulatory initiatives by industry may enhance consumer protection in the realm of electronic commerce. Nevertheless, we strongly believe that the safeguards provided by existing State consumer protection laws are vitally important to the welfare of our citizens, and to the sustained growth of the global electronic marketplace. Consequently, we seek to ensure that the important consumer protection standards articulated by our State legislatures will not be diluted to the detriment of our citizens, whose safety we are charged with protecting.
Among the issues of significant concern to the States is how best to translate the traditional consumer protection standards that are common to both federal and State law, such as clear and conspicuous disclosure of material terms and conditions, to this new medium. This is particularly true where businesses seek to restrict important rights, such as the application of the laws of the consumer's home State, access to the courts of that State, or the ability even to initiate litigation as a method of dispute resolution. We look forward to discussing many of these matters at the Commission's Workshop regarding the application of its rules and guides to new forms of media on May 14, 1999.
Another issue of concern to the State Attorneys General is how best to protect consumers against threats to their privacy while online, including identity theft . Recent surveys demonstrate that consumer concern about online privacy may actually be hampering the continued growth of this new marketplace. A 1998 Business Week/Harris poll revealed that 78% percent of people who already go online would do so more often were there greater privacy protections in place. The same 1998 poll also indicated that 53% of non-computer users, along with 50% of computer users, want government to pass laws now restricting the collection and use of personal information on the Internet. Recent controversies surrounding the information collection practices of certain hardware and software manufacturers may well drive these numbers even higher.
Identity theft presents a related problem. The explosive growth of online commerce has created a need for new mechanisms to ensure the authenticity of one's identity. However, in the absence of widely accepted standards for digital signatures, personal information has been used as proof of identity. This trend, coupled with the widespread availability of high-speed computers, powerful databases, and the Internet, may make possible a dramatic increase in the incidence of identity theft crimes.
Some important steps have already been taken to address these privacy-related issues. In response to consumer concerns and the Commission's commendable efforts, Congress passed and the President signed the Children's Online Privacy Protection Act of 1998 ("COPPA"), which will regulate the online collection and use of personal information from children. We were pleased by the inclusion of a specific cause of action for State Attorneys General to enforce the provisions of the Act and the Commission's regulations. We look forward to working with the Commission on developing the regulations required under the Act, and we believe that this statute can serve as a model for future federal/State cooperation.
We wish to thank the Federal Trade Commission for the opportunity to comment on these important issues, and we expect that the Commission will continue to be among our strongest allies in the battle against fraud, regardless of the underlying medium. In addition, we look forward to actively participating in the Workshop that will address these questions in greater detail.
1. Georgia is represented by both the Attorney General and the Administrator of the Fair Business Practices Act ("Administrator"). The Attorney General represents the State of Georgia in any litigation. The Administrator, who is not part of the state Attorney's General Office, is statutorily authorized to undertake consumer protection functions, including the civil and criminal investigation of Internet and financial identity fraud, and to accept or reject any Assurances of Voluntary Compliance of behalf of the State of Georgia. Hawaii is represented by its Office of Consumer Protection, an agency which is not a part of the state Attorney General's Office, but which is statutorily authorized to undertake consumer protection functions, including legal representation of the State of Hawaii. For the purposes of these comments, the entire group will be referred to as the "Attorneys General", and such designation, as it includes Hawaii, refers to the Executive Director of the State of Hawaii Office of Consumer Protection, and, as it includes Georgia, refers to both the Attorney General and the Administrator of the Fair Business Practices Act.