January 27 — Epsilon Data Management LLC (Epsilon), one of the largest marketing companies in the world, has entered into a settlement with the Department of Justice to resolve a criminal charge for selling millions of Americans’ information to perpetrators of elder fraud schemes.
Epsilon entered into a deferred prosecution agreement (DPA) with the Consumer Protection Branch of the Justice Department’s Civil Division and the U.S. Attorney’s Office for the District of Colorado in connection with a criminal information charging the company with one count of conspiracy to commit mail and wire fraud.
Under the terms of the DPA, which the parties submitted to the district court in Denver on Jan. 19, 2021, Epsilon agreed to pay a total of $150 million, with $127.5 million of that amount going to compensate victims of the fraudulent schemes that used consumer data sold by Epsilon. Epsilon also agreed to implement significant compliance measures designed to safeguard consumers’ data and prevent its sale to individuals or entities engaged in fraudulent or deceptive marketing campaigns. Further, the DPA requires Epsilon to maintain a procedure for consumers to request that it not sell their information to others.
Headquartered in Irving, Texas, with its principal sales office in Westminster, Colorado, Epsilon used sophisticated data modeling to identify consumers most likely to respond to its clients’ marketing solicitations. As part of the DPA, Epsilon admitted that, from July 2008 through July 2017, employees in its Direct to Consumer (DTC) Unit knowingly sold modeled lists of consumers to clients engaged in fraud. In particular, Epsilon acknowledged that the DTC Unit sold consumer lists to a number of mass-mailing fraud schemes that sent false “sweepstakes” and “astrology” solicitations to consumers. Those solicitations stated that each consumer recipient had won a large prize or individualized psychic service that they could obtain by paying a fee. In reality, the solicitations — as known to DTC Unit employees — were mass-produced mailings and victims who paid a fee received nothing of value. As reflected in the consumer lists sold by the DTC Unit to perpetrators of the fraud schemes, the schemes disproportionately affected the elderly and other vulnerable individuals.
The consumer data sold by the DTC Unit to fraudsters came both from other fraudulent clients and from legitimate Epsilon clients, including non-profit and charitable organizations. DTC Unit employees continued to sell consumer data to clients engaged in fraud despite knowing that those and similar clients had been arrested, charged with crimes, convicted, and otherwise subject to law enforcement actions for false and misleading practices. Epsilon admitted that the DTC Unit sold more than 30 million consumers’ data to fraudulent schemes.
“By allowing clients engaged in fraudulent schemes to buy data on millions of consumers most susceptible to their schemes, Epsilon employees facilitated those schemes with staggering effect,” said Acting Assistant Attorney General Brian Boynton of the Department of Justice’s Civil Division. “We are encouraged by Epsilon’s cooperation since the misconduct was discovered, its remediation efforts, and its commitment to stringent new compliance measures.”
“Companies who sell consumer information have a responsibility to avoid knowingly selling it to those who will use the data to defraud or swindle consumers,” said U.S. Attorney Jason Dunn for the District of Colorado. “I hope other data companies will take note of this outcome and ensure that they don’t likewise help fraudsters.”
“Postal Inspectors have always held consumer protection as a core tenet of our efforts to ensure the integrity of the U.S. Mail,” said Deputy Chief Postal Inspector Craig Goldberg of the U.S. Postal Inspection Service. “When data firms such as Epsilon use their extraordinary access to consumers’ personal information to provide laser-focused marketing lists supporting deceptive practices, more American consumers are placed in harm’s way. Firms that amass big data assume a big responsibility to ensure this data is not used by malicious actors. If you cater to criminals who are exploiting Americans through the U.S. Mail, Postal Inspectors are coming for you.”
The DPA provides that Epsilon must select, and cover the costs of, an independent claims administrator to distribute the $127.5 million to identified victims with established losses caused by fraud schemes that used Epsilon data. The claims administrator will contact identified victims directly. More information about the victim compensation amount and fund distribution will be posted at the following website: https://www.justice.gov/civil/case/united-states-v-epsilon-data-management-llc. Victims of elder fraud schemes may also contact the National Elder Fraud Hotline, which provides services to seniors who may be victims of financial fraud. The hotline is staffed by experienced case managers who provide personalized support to callers. The hotline’s toll-free number is 833-FRAUD-11 (833-372-8311).
The U.S. Postal Inspection Service investigated the case. Trial Attorneys Alistair Reader and Ehren Reynolds of the Department of Justice Civil Division’s Consumer Protection Branch and Assistant U.S. Attorneys Hetal J. Doshi and Rebecca Weber of the U.S. Attorney’s Office for the District of Colorado are prosecuting the case.
For more information about the Consumer Protection Branch, visit its website at http://www.justice.gov/civil/consumer-protection-branch. For information on the U.S. Attorney’s Office for the District of Colorado, visit its website at https://www.justice.gov/usao-co.
Source: U.S. Department of Justice