Companies To Be Held Liable For Selling To Online Criminals

from the seems-a-bit-extreme dept

One of the reasons why various safe harbor rules exist is to protect parties who really have nothing to do with any kind of law breaking from being liable for the activities of others. Thus, we don't blame an ISP for the activities of one of its users, even if that user breaks the law. That's both reasonable and fair. Those who want to blame those providers often do so just because it's easier -- or, more commonly, because they somehow think it's better for that service provider to somehow act in the role of the police to make things easier. Something similar seems to be happening with the FTC placing the onus on small businesses to make sure they don't sell to online criminals. Slashdot points us to the news that, starting November 1st, all companies are supposed to compare customer info with a "red flag" list of online identity fraudsters and money launderers. Firms that fail to check may be liable if they end up doing business with "known" criminals. You can understand the reasoning here. It certainly makes it a lot easier for the FTC to try to crack down on these crimes. But it adds significant expense and liability to small businesses for potential crimes in which they were totally uninvolved.
Hide this

Thank you for reading this Techdirt post. With so many things competing for everyone’s attention these days, we really appreciate you giving us your time. We work hard every day to put quality content out there for our community.

Techdirt is one of the few remaining truly independent media outlets. We do not have a giant corporation behind us, and we rely heavily on our community to support us, in an age when advertisers are increasingly uninterested in sponsoring small, independent sites — especially a site like ours that is unwilling to pull punches in its reporting and analysis.

While other websites have resorted to paywalls, registration requirements, and increasingly annoying/intrusive advertising, we have always kept Techdirt open and available to anyone. But in order to continue doing so, we need your support. We offer a variety of ways for our readers to support us, from direct donations to special subscriptions and cool merchandise — and every little bit helps. Thank you.

–The Techdirt Team

Filed Under: ftc, identity fraud, liability, online criminals, red flag, safe harbors
Companies: ftc


Reader Comments

Subscribe: RSS

View by: Time | Thread


  • identicon
    Steve, 28 Apr 2008 @ 5:55pm

    Actually, car dealerships have to do this already. They have to check buyers against the known terrorist lists, and they can get slapped with huge fines if they sell stuff to someone on the list.

    link to this | view in chronology ]

  • identicon
    BEN, 28 Apr 2008 @ 6:34pm

    the thought police are coming... watch out.

    link to this | view in chronology ]

  • identicon
    Anonymous Coward, 28 Apr 2008 @ 6:59pm

    Why is it just small businesses who are probably having some form of trouble or another as is? What about some of those bigger companies as well or did they just throw some cash at the law makers to get cut off the list

    link to this | view in chronology ]

    • identicon
      Anonymous Coward, 28 Apr 2008 @ 7:56pm

      Re:

      I understand the theory behind their reasoning.

      That being that a small business doesn't necessarily know or care how to even check that stuff, so more small businesses than large businesses will end up selling the stuff to criminals.


      Its twisted, and very obviously logic that was the first thing to come to their mind and they didn't bother thinking it all the way through.

      If they did the last bit (think it all the way through) they wouldn't a) look like asses b) look like DUMB asses and c) be pushing this law unless it affects everyone.


      Oh and it makes sense for it to affect _all_ businesses. Anyone wanting to do a transaction with a credit card (not on the consumer end of course...got to make it EASY to spend your savings) or something had better play along.

      If/when Microsoft starts tanking they'll have all that information and we wouldnt' want them selling it to criminals anymore than I want Joe from Joe's Footwear selling mine.

      link to this | view in chronology ]

  • identicon
    Anonymous Coward, 28 Apr 2008 @ 9:27pm

    Yeah, like when some douche goes in to the bank and withdraws all my money under false pretense, the bank is responsible .....

    link to this | view in chronology ]

    • identicon
      Nitro, 29 Apr 2008 @ 9:39am

      Re:

      The bank could be responsible if they didn't follow the proper procedures. (ID check etc. etc...) I get really annoyed when I use my credit card and the person at the register just takes the card and swipes it. It could be anyone's card. I wish there was some kind of law that they are required to check a picture ID. At least you would have to go through some trouble of making a fake picture ID to get away with running someone else's card. Or maybe there is a law, but nobody enforces it. I am sure it would carry a heavier fine if you got caught too. Of course, most places get away with having any liability because you can swipe your own card at the checkout. None the less... as a retailer you still hold a certain amount of responsibility depending on the merchandise you sell, but at the same time there is a fine line of what you can really be blamed for as the retailer. Unfortunately common sense has because rather uncommon so we have to have a law for all the stupid people in the world and sometimes some of those stupid people are the ones making the law. That makes it sound rather depressing doesn't it?

      link to this | view in chronology ]

  • identicon
    Rose M. Welch, 29 Apr 2008 @ 6:16am

    Umm...

    ...I work for, and own a small business. (Two different businesses.) and I have sooooo many question. What are we supposed to do when we get a match?

    All we could provide you with is the shipping/billing address and that should be on the list already because no way I would declare a match because the names are the same.

    I live in a small town surrounded by smaller towns and we have four Vicki Brown's in our customer database. Four of them. We've made sure to get their middle initials so we can tell them apart when they come in to shop.

    You could get the IP address that they used when making the purchase, but that would require that I store that information for that purpose and I am very much not okay with that. Also, it would probably end up being a library or otherwise public computer.

    Imagine my new Privacy Policy.

    Old:
    http://www.grahamjewelry.net/yourprivacy.html

    New:
    We will detect and keep your IP address on file along with with all of the information that you give me just in case your name happens to match that of a criminal, in which case cops will soon be beating down your door because I have to tell them everything like a bitch. So please use a false name and a library computer. Thanks!

    link to this | view in chronology ]

  • identicon
    Rose M. Welch, 29 Apr 2008 @ 6:18am

    Wouldn't it make more sense to talk to Paypal and other online...

    ...credit service providers? We go through PayPal, as do milliosn of other online stores. Bug them, not us. I think they chose small businesses because the larger ones wouldn't stand for it.

    How can they force us to alienate our customers?

    link to this | view in chronology ]

  • identicon
    HADLEY STARKEY, 29 Apr 2008 @ 7:14am

    Businees Owner's Compliance Issues - We have A Solution

    Pre-Paid Legal Services, Inc. (NYSE: PPD) has a solution for Small Businsss Owners Issues with Compliance with these New Red Flag Rules! We can help you show "Good Faith" compliance with all the FTC's Rules and Regulations.

    Please Call HADLEY STARKEY for more info toll-free @ 1.888.201.0077, or 1.800.204.4139 on how we can assist you at little or no cost to your company in meeting the demands for these regulations like FACTA, Hippa, Gramm-Leach Bliley, and SOX. WE've got a comprehensive solution that can be implemented immediately. E-Mail me Hadley@StopTheWorry.com

    link to this | view in chronology ]

    • identicon
      Anonymous Coward, 29 Apr 2008 @ 8:37am

      Re: Businees Owner's Compliance Issues - We have A Solution

      SPAM SPAM SPAM SPAM SPAM SPAM SPAM SPAM SPAM SPAAAAAAAM!

      link to this | view in chronology ]

    • identicon
      alternatives, 29 Apr 2008 @ 8:09pm

      Re: Businees Owner's Compliance Issues - We have A Solution

      If you want to advertise - I'm sure Mike cn arrage for you to pay for the service.

      link to this | view in chronology ]

  • identicon
    dreamflying, 29 Apr 2008 @ 9:33pm

    Weren't the republicans supposed to be getting big government off our backs? I remember when you used to be able to walk into an airport, buy a ticket for cash, and walk onto a plane without being searched. We called it freedom. Need I repeat the tired Ben Franklin quote?

    link to this | view in chronology ]

    • identicon
      Anonymous Coward, 30 Apr 2008 @ 7:25am

      Re:

      Weren't the republicans supposed to be getting big government off our backs?

      The republicans aren't against big government in general. They're just against big government that they don't control.

      link to this | view in chronology ]

  • identicon
    Beta, 30 Apr 2008 @ 7:25am

    Just imagine if this turns out to be another "no fly" list. Imagine a list of names, some complete and some partial. The mechanism for putting a name on the list is shrouded in mystery, there is no known way of getting off the list, and if you too are named "J. Grimes" then you are forbidden to buy things online.

    link to this | view in chronology ]


Follow Techdirt
Essential Reading
Techdirt Deals
Report this ad  |  Hide Techdirt ads
Techdirt Insider Discord

The latest chatter on the Techdirt Insider Discord channel...

Loading...
Recent Stories

This site, like most other sites on the web, uses cookies. For more information, see our privacy policy. Got it
Close

Email This

This feature is only available to registered users. Register or sign in to use it.