The Federal Trade Commission illegally published the private financial data of William H. Isely, the 84-year-old target of a recently dismissed FTC complaint, on the agency’s website (www.ftc.gov) sometime in the past few days. Isely submitted the confidential information to the FTC as part of an application to recover over $130,000 in attorney fees, expenses, and lost business arising from the agency’s malicious prosecution.
FTC employees posted Isely’s entire application for attorney fees without redacting more than eighty pages of confidential information detailing the finances of Isely and his wife, who was not a defendant in the case. The FTC published the Iselys’ social security numbers, bank account numbers, credit card numbers, and federal income tax returns for the past five years, among other items.* FTC rules required the Iselys to provide this information as a precondition to receive an award of attorney fees due to the Commission’s wrongdoing; the FTC will not compensate wrongfully-prosecuted defendants if their net worth exceeds a certain value.The illegal publication was discovered late Wednesday afternoon. The FTC and Isely’s attorney were notified about 4:45 p.m. yesterday, but the document was not removed from www.ftc.gov until approximately 9:45 a.m. this morning – seventeen hours later. It’s unknown exactly how long the document was publicly available. The fee application was dated December 1 and marked-as-received by the FTC the next day. It’s likely the document had been on the website since at least Monday, December 7.
FTC Secretary Donald S. Clark is responsible for posting the fee application to the agency’s website. In a telephone interview, Clark blamed Isely’s attorney, Matthew Van Horn, for failing to label his fee application as “confidential,” and not requesting permission to file separate public and non-public versions. Clark declined to comment on whether the FTC broke any laws.
However, 5 U.S.C. Â§ 552a expressly prohibits a government agency from disclosing records containing an individual’s financial transactions, name, or “identifying number,” among other items. Government employees who “willfully” disclose confidential records are subject to misdemeanor charges and a maximum fine of five thousand dollars.
And while FTC rules may specify a procedure for separately filing non-public documents, those rules do not govern whether and how Clark’s office publishes documents at www.ftc.gov. Here, the fee application was apparently filed by Van Horn in paper form and then converted by Clark’s office into an electronic PDF that was posted to the website. Although a quick review of the fee application revealed the existence of clearly private information, nobody in Clark’s office either caught this or thought it might be a problem.
Not surprisingly, the FTC does not accept such excuses at face value when regulating private businesses. For example, in February 2009, CVS Caremark settled FTC charges that the company “failed to take reasonable and appropriate security measures to protect the sensitive financial and medical information of its customers and employees.” The FTC alleged that CVS pharmacies “discarded materials containing personal information…in unsecured, publicly-accessible trash dumpsters on numerous occasions.” The company was cited for both failing to adopt adequate privacy policies and failing to train employees on how to handle sensitive information. (In addition to the FTC settlement, CVS also paid a $2.25 million fine to the Department of Health and Human Services.)
As the CVS case demonstrates, the FTC views itself as the nation’s primary defender of “consumer privacy.” Just this past Monday, FTC Chairman Jon Leibowitz convened the first in a series of “exploring privacy” roundtables. Leibowitz has previously said, in regard to businesses that collect consumer information for advertising purposes, “If we see problems…the commission won’t hesitate to bring cases, or even break thumbs.”
Unlike CVS or an online advertiser, however, the FTC didn’t mishandle data obtained from customers; it exposed the personal finances of a man who recently defeated the FTC before its own administrative law judge. As reported on Mises.org last month, the FTC falsely accused Isely, of running a website, www.agaricus.net, that supposedly contained false and misleading statements related to the health benefits of certain dietary supplements. The case is part of a larger FTC campaign to censor the Internet by outlawing personal testimonials and other statements regarding the medicinal use of natural products like herbs and mushrooms.
Isely was not the owner or operator of the website in question, but FTC prosecutor Barbara Bolton and her investigator, Michael Liggins, deliberately ignored evidence that another individual, a non-U.S. resident outside the FTC’s jurisdiction, was the actual owner.
D. Michael Chappell, the FTC’s chief administrative law judge, filed an initial decision on September 16 dismissing the complaint against Isely. On Monday, Secretary Clark filed notice that there would be no appeal of Chappell’s decision, which is now the FTC’s final decision.
In his application to recover attorney fees and expenses, Isely said he “was taken advantage of” by FTC staff, who “used the power and resources of the Federal Trade Commission in attempt to coerce [him] to admitting liability.” He described how his “business was destroyed” by the FTC’s false charges. Isely, whose reported net worth is less than fifty thousand dollars, seeks $89,330.19 to pay his legal bill to Van Horn, $6,000.06 for travel and related expenses, and $36,902.11 for “loss of business income” – a total of $132,232.36.
If approved by Judge Chappell, taxpayers would be on the hook for the full amount; neither Barbara Bolton, the FTC attorney who prosecuted the case, nor any of her superiors at the Commission can be held personally liable for their misconduct. Additionally, it is unknown how much Bolton and her staff spent to prosecute Isely; the FTC has illegally refused to answer a Freedom of Information Act request filed more than two months ago seeking disclosure of the agency’s expenditures in this case.
* Isely and his wife disclosed their home address; telephone numbers; social security numbers; the names, locations, and numbers of their safe deposit boxes; cash-on-hand; the names, locations, and full numbers of their personal and business bank accounts; information regarding a life insurance policy; a list of all personal property; the identity, registration, and assessed value of their personal vehicles; the location and assessed value of real property solely in Mrs. Isely’s name; the names, full account numbers, and current balances of several credit cards; a list of any taxes owed; a list of federal tax returns, and expected refunds, for the past three years; a list of all asset transfers completed within the past three years; and complete bank account and credit card statements. Isely also provided his complete federal tax returns for the past five years in support of his request for reimbursement of lost business income.