Giving credit where none is due?

Imagine what could happen if a company could get your credit-card or bank-account number without ever having to ask you for it. It could bill your credit card or take money from your checking account without your ever agreeing to buy anything.
Sound far-fetched? Well, get used to it -- and learn how to guard your money more carefully. Marketing by companies that already have access to your account number has been happening for years now, and two attempts to clamp down on it haven't stopped the wiliest companies from finding new loopholes.
The best-known examples led to lawsuits by state attorneys general against MemberWorks, a Connecticut telemarketer, and several large banks that provided account numbers to it. A similar suit accused Fleet Mortgage of enabling telemarketers to tack small monthly charges onto mortgage bills of customers who said they never knowingly bought anything.
Both sets of suits were settled, and the MemberWorks cases led Congress to bar the sharing of account numbers in 1999. But the ban was quickly circumvented when bank regulators ruled that the numbers could be shared so long as they were encrypted. To decrypt them, all the marketer has to do is tell the bank electronically that it has made a sale.
Phone authorization
This April, the Federal Trade Commission tried a different approach: It amended its Telemarketing Sales Rule to require marketers to take two steps designed to protect you from businesses that call pre-armed with your account numbers:
The entire call has to be recorded -- not just the portion in which they obtain your consent.
You have to give at least the last four digits of your account number to the marketer.
Is that enough? "It's an important change," says Prentiss Cox, the assistant Minnesota attorney general who led the charge against MemberWorks and Fleet. "Whether it shuts down this sort of marketing remains to be seen."
The jury's still out, in part because of complaints like the ones that prompted my call to Cox recently.
Partnership with AOL
This summer, I told you about Tom Mulqueen, a Downingtown, Pa., engineer who discovered a mysterious $135 charge on his credit-card bill for something called "MKS Privacy Plus." Though the bill didn't say, the company behind it was MemberWorks.
How had MemberWorks obtained Mulqueen's credit-card number? From America Online, his Internet service provider -- a company not governed by telemarketing laws or regulations. MemberWorks is one of AOL's marketing partners, and AOL policies allow it to provide account numbers to vendors when members buy goods or services while online.
Mulqueen got a credit when he called to complain -- MemberWorks says it has a "No questions asked" refund policy when consumers contend that charges were unauthorized.
But other consumers have had a tougher time. I've heard from more than a dozen other unintentional buyers of Privacy Plus, most of whose bills contained no clue of who was behind the charge. Their stories show some of what consumers are up against.
Letting it slide
One challenge might be called the "Hey, nobody notices if it's just a few dollars" factor.
Misha Barney of Traverse City, Mich., says she first let it slide when she was billed $9.95 for Privacy Plus. She only complained when she realized it would be a monthly charge.
Another challenge was encountered by Joni Vanderbilt of Kenab, Utah, whose Chase Manhattan credit-card bill recently bore an $8.95 monthly charge for a MemberWorks membership club called "Essentials."
When Vanderbilt called Chase to dispute the charge, she was told -- incorrectly -- that she couldn't because the company was a Chase affiliate. She says she was advised to call MemberWorks instead.
Cox says such instructions illustrate another common tactic: To avoid having a high percentage of sales canceled by credit-card disputes, which might be a red flag for questionable sales tactics, marketers try to steer complaints back to their own personnel.
That way, a "No questions asked" refund policy protects them, too: Consumers who track down an unauthorized charge get a cheerful refund. Those who don't are gravy.
A loss of control
Cox isn't saying it's always nefarious if you're contacted by a company that knows your credit-card number. "What I can say is that this form of marketing has the inherent potential of being deceptive," he says.
His big concern is that it takes away the consumer's traditional leverage in the marketplace: the ability to decide whether you will, or won't, fork over cash or your credit card.
Until all the loopholes are closed, consumers have to assume they've lost that leverage.
Watch your account statements closely. If there's anything odd, call up and ask about it. If you didn't mean to buy the product or service, file a formal dispute of the charge or debit.
And be wary of marketers who seem to have twisted the old proverb into "Whenever God closes one loophole, he opens another somewhere else."
XJeff Gelles is a columnist for The Philadelphia Inquirer. Write to him at: The Philadelphia Inquirer, P.O. Box 8263, Philadelphia, Pa. 19101 or e-mail consumerwatch@phillynews.com.