TracFone fined $40M for selling unlimited plans with clear limits

The Federal Trade Commission is putting mobile carriers on notice that if they advertise an unlimited plan they can’t monkey around with speeds — or at least must clearly disclose their throttling practices up front. After suing AT&T in October, the FTC has now come down on TracFone, the country’s largest virtual mobile operator, fining it $40 million.

TracFone is owned by Mexico-based multinational carrier [company]América Móvil[/company], and it operates as a mobile virtual network operator that buys minutes, texts and megabytes wholesale from the big four U.S. carriers. TracFone then resells those services under several names, including Straight Talk, Simple Mobile, Net 10 and Telcel America. Many of those brands have offered considerable deals to consumers, such as Straight Talk’s $45 plan, which offers unlimited voice and text along with what it claims is unlimited data. The problem was the company hasn’t exactly been upfront with its customers about the clear limits in those so-called unlimited plans.

For instance, in 2012 Straight Talk advertised unlimited data with no caveat when in reality it started warning and then cutting users off if they went over a 2 GB limit. Later it started slowing down the speeds of users after they crossed certain thresholds (in 2014, TracFone claimed throttling didn’t kick in until about 3 GBs), but it was still calling its data service unlimited As the FTC pointed out, it wasn’t exactly upfront with customers that their speeds could capped.

Though the FTC reached a settlement with TracFone, it apparently isn’t making it dump its use of the term “unlimited” in its advertising. Instead TracFone “must clearly and conspicuously disclose any limits on the speed or quantity of its data service.”

Customers who have been throttled under one of TracFone’s plans though are eligible for a refund. You can visit the FTC’s website to file a claim.

Uber banned in Delhi after alleged rape by driver

Local authorities in the Indian city of Delhi have banned Uber, following the alleged rape of a woman there by an Uber driver. According to the Economic Times of India, the Delhi Transport Commission says Uber’s drivers are offering point-to-point taxi services without the correct licence.

“In this rape case, the victim was provided an All India Permit Taxi which is not allowed to ferry customers point-to-point in the national capital,” transport department commissioner Satish Mathur told the newspaper on Monday. “Uber is not an authorized radio cab service and has been operating illegally.”

According to the piece, the driver was at the time of the incident out on bail, after being arrested over the rape of another passenger in 2011.

Uber chief Travis Kalanick said in a Sunday statement that “what happened over the weekend in New Delhi is horrific” and the company would “do everything, I repeat, everything to help bring this perpetrator to justice and to support the victim and her family in her recovery.”

“We will work with the government to establish clear background checks currently absent in their commercial transportation licensing programs. We will also partner closely with the groups who are leading the way on women’s safety here in New Delhi and around the country and invest in technology advances to help make New Delhi a safer city for women,” Kalanick said.

Meanwhile, a ban on one of Uber’s services has been upheld in the Netherlands. A court in The Hague ruled on Monday that the UberPop “ride-sharing” service was breaking the law because, while it is presented as a carpooling service, its drivers are charging a fee and therefore need a taxi license.

Despite the fact that UberPop drivers face €10,000 ($12,265) fines if they are caught — and indeed, four have already been fined — Uber has promised that it will continue running the service. This is in keeping with the company’s regular encouragement of people to break laws it does not agree with, with no promise that it will pay their fines. Uber itself now faces a €100,000 fine for continuing to run UberPop in the Netherlands.

Uber is also uging drivers to risk fines in the U.S. city of Portland, Oregon, which has declared the service illegal, and in many other cities around the world. Last week Kalanick said in a blog post that he was eager for Uber to become a “more humble company.”

Retailers can look to healthcare for lessons in security

With retailers destined to stumble from their tightrope walk between privacy and security requirements and the use of new customer information, it is instructive to look at the implications and consequences of HIPAA privacy and EHR mandates and incentives in healthcare. is a veritable legal blog documenting various costs for transgressions by healthcare IT buyers and vendors alike:

Breaches such as one revealed this week can tap both medical and credit card data. A four-year HIPAA breach was also reported in December. As HITN reports:

“HIPAA covered entities and, more recently, business associates can be slapped with up to $50,000 fines per HIPAA violation due to willful neglect that goes uncorrected. Entities could face $10,000 per violation due to willful neglect when the violation is properly addressed.”

Further, the costs of meeting the regulations and requirements can be steep when an implementation simply goes awry, rather than sparking fines or a liability suit. The Maine Medical Center slipped into the red when its Epic EHR implementation went over budget, with nearly $55 million in its latest additional spending required for staff training alone.

Retailers are forced to traffic in sensitive customer data by dictate of the market; healthcare organizations, by the government. But it is likely that laws will be passed to enforce greater penalties for retail transgressions than are paid presently. Both industries will need to further ruggedize systems handling new levels of private customer data.