Remember MoviePass? The $10-a-month service that would let you buy as many movie tickets as you wanted? Well, new reports and details from the U.S. Federal Trade Commission suggest the company changed passwords for power users, making it harder for them to buy tickets.
The FTC said the MoviePass subscription service decided to settle with the commission over allegations that MoviePass limited how much people could use the service and failing to secure each user’s personal data.
- “MoviePass and its executives went to great lengths to deny consumers access to the service they paid for while also failing to secure their personal information,” Daniel Kaufman, the FTC’s acting director of the Bureau of Consumer Protection, said in a statement. “The FTC will continue working to protect consumers from deception and to ensure that businesses deliver on their promises.”
The FTC said MoviePass participated in “three tactics to prevent subscribers from using the service as advertised.”
- MoviePass “invalidated subscriber passwords while falsely claiming to have detected ‘suspicious activity or potential fraud’ on the accounts,” according to the FTC.
- MoviePass operators “launched a ticket verification program to discourage use of the service,” according to the FTC. The program required people to take photos of their ticket stubs for approval. Failing to do so could lead to subscription cancellations.
- MoviePass would use “trip wires” to block “certain groups of users — typically those who viewed more than three movies per month — from utilizing the service after they collectively hit certain thresholds based on their monthly cost to the company,” according to the FTC.
MoviePass, the parent company Helios and Matheson Analytics Inc., and company leaders Mitchell Lowe and Theodore Farnsworth will now be “barred from misrepresenting their business and data security practices,” according to the FTC. This means the companies must be transparent about their business and data in the future and not mislead users about what is happening.
- Any company owned by those parties “must implement comprehensive information security programs,” according to the FTC.