RegImpact
ftcenforcement· Published 12/6/2024

IntelliVision Technologies Corp.; Analysis of Proposed Consent Order To Aid Public Comment

The consent agreement in this matter settles alleged violations of Federal law prohibiting unfair or deceptive acts or practices. The attached Analysis of Proposed Consent Order to Aid Public Comment describes both the allegations in the complaint and the terms of the consent order--embodied in the consent agreement--that would settle these allegations.

What this rule actually says

The FTC settled a case against IntelliVision Technologies for making false claims about their AI product's capabilities and for collecting user data in ways they didn't disclose upfront. The consent order requires them to back up AI performance claims with real evidence and to be transparent about what data gets collected and how it's used.

Who it applies to

  • If you claim your AI achieves specific accuracy rates, detection capabilities, or performance metrics — this applies to you (e.g., "99% accuracy at medical transcription" or "detects hiring bias")
  • If you collect customer data, employee data, or end-user data to train, test, or improve your model — this applies to you
  • If you operate in the US — FTC enforcement covers US-based companies and US customers
  • If you're vague about data retention, sharing with third parties, or deletion policies — this applies to you
  • If you use data for purposes beyond what customers initially agreed to — this applies to you
  • Data scope: Health information, employment records, and behavioral data get extra scrutiny, but the rule applies broadly to any personal data collection

What founders need to do

  1. Audit your marketing claims (2-3 days). List every performance metric, accuracy rate, or capability claim you make in landing pages, pitch decks, and demos. Do you have real test results backing them up? If not, remove or soften the claims now.
  1. Document your evidence (1-2 days). If you do make performance claims, create a simple file showing how you tested them—benchmark dataset, methodology, sample size. You don't need a published paper, but you need *something* defensible.
  1. Write a clear data privacy policy (1-2 days). Explain in plain English: what data you collect, why, how long you keep it, who you share it with (if anyone), and how users can delete it. Post it publicly and get customer consent before collecting data.
  1. Check your data handling practices (ongoing). If you're using customer data to train future models, disclose that explicitly and get permission. Don't sell or share data without clear authorization.
  1. Review any third-party integrations (1 day). If you use vendors for storage or processing, make sure their practices align with what you've promised customers.

Bottom line

Monitor and act now if you make specific performance claims or collect meaningful customer data—get evidence and disclosures in place before the FTC comes looking, but this isn't a mandatory compliance overhaul for basic founders.