PayPal Settles FTC Charges About Venmo

By on March 5, 2018

The Federal Trade Commission has reached a settlement with PayPal, Inc. over allegations that the company told users of its Venmo peer-to-peer payment service that money credited to their Venmo balances could be transferred to external bank accounts without adequately disclosing that the transactions were still subject to review and that funds could be frozen or removed.

, the FTC also charges that Venmo misled consumers about the extent to which they could control the privacy of their transactions. In addition, Venmo misrepresented the extent to which consumers’ financial accounts were protected by “bank grade security systems,” and violated the Gramm-Leach-Bliley Act’s Safeguards and Privacy Rules, the complaint alleges.

According to the complaint, Venmo sent its users notifications that money had been credited to their Venmo balances and was available for transfer to an external bank account. However, the FTC says that Venmo failed to disclose that these funds could be frozen or removed based on the results of Venmo’s review of the underlying transaction. As a result, consumers complained that at times, Venmo delayed the withdrawal of funds or reversed the underlying transactions after initially notifying them that the funds were available.

The FTC alleges that many consumers said they experienced financial hardships, such as being unable to pay their rent or other bills, because they could not transfer the money as promised by Venmo. Other consumers who used Venmo to receive payment for event tickets or other valuable items relied on the notifications that money had been credited to their Venmo account, delivered the item to the purchaser, and consequently incurred a financial loss when Venmo removed the funds.

“Consumers suffered real harm when Venmo did not live up to the promises it made to users about the availability of their money,” said Acting FTC Chairman Maureen K. Ohlhausen. “The payment service also misled consumers about how to keep their transaction information private. This case sends a strong message that financial institutions like Venmo need to focus on privacy and security from day one.”

READ  Finder.com Survey Estimates Americans Owe $184 Billion to Friends and Family Annually

The FTC also alleges that Venmo misled consumers about the extent to which they could keep transactions private. By default, some information about transactions between users is displayed on Venmo’s social news feed. Venmo offers privacy settings that enable consumers to limit who can view such transactions, but Venmo misled consumers about how those settings work.

According to the complaint, a Venmo consumer who limits their “default audience” for “future transactions” has not ensured that their transactions will remain private unless they also change a second setting. Unless the consumer changes both settings, certain transactions may still be shared publicly. Also, unless that second setting is changed, where a consumer has specifically chosen to keep a particular transaction private, the other participant in the transaction can override the consumer’s privacy choices and retroactively make a private transaction public. According to the complaint, Venmo at times misrepresented what steps were necessary to keep transactions private and in any case failed to adequately disclose these facts to consumers.

The FTC also alleges that, until at least March 2015, Venmo misrepresented the extent of security it provided to consumer financial accounts, claiming that it utilized “bank-grade security systems.” The FTC alleges, however, that through at least August 2014, Venmo did not have a written information security program. Until at least March 2015, Venmo failed to notify users when their password or email address had been changed, or when a new device had been added to their account. As a result, unauthorized users were able to withdraw funds from consumer accounts – without Venmo notifying consumers. In addition, Venmo lacked adequate customer support to respond to consumer complaints about these incidents.

In addition, the Commission alleges that Venmo violated the Gramm-Leach-Bliley Act’s , which requires financial institutions to implement safeguards to protect the security, confidentiality, and integrity of customer information, and , which requires financial institutions to deliver privacy notices to customers.

READ  Refunds Now Available from Amazon for Unauthorized In-App Purchases

with the FTC, Venmo is prohibited from misrepresenting any material restrictions on the use of its service, the extent of control provided by any privacy settings, and the extent to which Venmo implements or adheres to a particular level of security. Venmo is also required to make certain disclosures to consumers about its transaction and privacy practices, and is prohibited from violating the Privacy Rule and the Safeguards Rule. Consistent with several past cases involving violations of Gramm-Leach-Bliley Act Rules, Venmo is required to obtain biennial third-party assessments of its compliance with these rules for 10 years.

The Commission vote to issue the administrative complaint and to accept the proposed consent agreement was 2-0. The FTC will publish a description of the consent agreement package in the Federal Register shortly. The agreement will be subject to public comment for 30 days, beginning today and continuing through March 29, after which the Commission will decide whether to make the proposed consent order final. Interested parties can by following the instructions in the “Invitation To Comment” part of the “Supplementary Information” section.

This article by the was distributed by the .

Last step, fill out the information below or call us for Priority Assistance.

What problems are you having with your report?

Your first name is required. Your first name is required to be at least 2 characters. Your first name cannot be longer than 50 characters.
Your last name is required. Your last name is required to be at least 2 characters. Your last name cannot be longer than 50 characters.
Your email is required.
Your phone is required. Your 10 digit phone number is required.
Your state is required.
Your age is required. Your age must be greater than 18. Your age must be less than 100.

By clicking on the "Contact Me" button above, you consent, acknowledge, and agree to the following: Our Terms of Use and Privacy Policy and to receive electronic communications. We take your privacy seriously. That you are providing express "written" consent for Debt.com or appropriate service provider(s) to call you (including through automated means; e.g. autodialing, text and pre-recorded messaging) via telephone, mobile device (including SMS and MMS - charges may apply), even if your telephone number is currently listed on any internal, corporate, state or federal Do-Not-Call list. Consent is not required as a condition to utilize Debt.com services and you are under no obligation to purchase anything.

By clicking on the “Contact me” button above, you consent, acknowledge, and agree to the following: (1)That you are providing express “written” consent for Lexington Law Firm, Debt.com or appropriate service provider(s) to call you (including through automated means; e.g. autodialing, text and pre-recorded messaging) via telephone, mobile device (including SMS and MMS – charges may apply), or dialed manually, at my residential or cellular number, even if your telephone number is currently listed on any internal, corporate, state or federal Do-Not-Call list; and (2)Lexington Law’s and and Debt.com’s Terms of Use and Privacy Policy. Consent is not required as a condition to utilize Lexington Law or Debt.com services and you are under no obligation to purchase anything.

About Research Department

Here is where you will find important stories located from around the web which can impact you and your financial life.
profvest.com

Нашел в интернете классный портал с информацией про https://zaraz.org.ua.
узнать больше sledoc.com.ua
%d bloggers like this: