
    FEDERAL TRADE COMMISSION, Plaintiff, v. NEOVI, INC., d/b/a Neovi Data Corporation and Qchex.com, et al., Defendants.
    Case No. 06CV1952 JLS (JMA).
    United States District Court, S.D. California.
    Sept. 16, 2008.
    
      Deborah Matties, Lara S. Kaufmann, Patricia Poss, Arturo A. Decastro, Russell Deitch, Sana Coleman Chriss, Federal Trade Commission, Washington, DC, John D. Jacobs, Federal Trade Commission, Los Angeles, CA, for Plaintiff.
    James C. Stevens, Law Office of James C. Stevens, John H. L’Estrange, Jr., Wright and L’Estrange, San Diego, CA, for Defendants.
   ORDER: GRANTING PLAINTIFF’S MOTION FOR SUMMARY JUDGMENT IN PART AND DENYING DEFENDANTS’ MOTION FOR SUMMARY JUDGMENT

JANIS L. SAMMARTINO, District Judge.

Presently before the Court are Defendants’ motion for summary judgment [Doc. No. 82], Plaintiffs opposition [Doc. No. 94], Defendants’ reply [Doc. No. 96], Plaintiffs motion for summary judgment [Doc. No. 89], Defendants’ opposition [Doc. No. 98], and Plaintiffs reply [Doc. No. 100.] For the following reasons, the Court DENIES Defendants’ motion for summary judgment and GRANTS Plaintiffs motion for summary judgment in part.

BACKGROUND

I. Parties

Defendant Neovi is a California corporation. From 2000 through 2006, Neovi marketed a series of software programs that operated on an internet website known as “Qchex.com.” Qchex users would enter their check and bank account information and use the site in order to send checks to third parties via email or the United States Postal Service. Consumers receiving the checks could take them to their banks for deposit. The Qchex system is no longer in operation. Neovi shut the website down on or about October 3, 2006. Neovi offered a similar service, called GoChex, in early 2007. In October 2007, Neovi filed for bankruptcy under Chapter 11.

Defendant G7 Productivity Systems Inc. (“G7”) is a California corporation. G7 produces check software, ink, and paper for sale to U.S. retailers and consumers. G7 participated in the Qchex service by printing checks at its warehouse, among other things. G7’s products, VersaCheck paper and Versalnk, were marketed by Neovi and on the Qchex website. G7 sold the GoChex service on its website, G7ps.com. In its bankruptcy filing, Neovi identified Defendant G7 as one of its largest creditors for monies owed in the amount of $996,699.

Defendant Thomas Villwock is the owner, President, and Chief Executive Office (“CEO”) of Neovi. For G7, Villwock worked as a “business consultant,” but employees of both companies considered him President of G7. Villwock, among other things, designed the Qehex business model.

Defendant James M. Danforth is Neovi’s Vice President, Chief Operating Officer (“COO”), Chief Financial Officer (“CFO”), Treasurer, Secretary, and registered service agent. In addition to his positions at Neovi, Danforth is also G7’s Executive Vice President (“EVP”), CFO, Secretary, and, as with Neovi, its registered service agent. Among other things, Danforth managed Qehex.

After Neovi declared bankruptcy in October 2007, Defendants Villwock and Dan-forth established iProlog Corporation, which hired all Neovi employees and conducts Neovi’s former business activities. Defendant Villwock is the President of iProlog and Defendant Danforth is the Chief Operating Officer. In late December 2007, Defendants Danforth and Villwock launched another website, FreeQuickwire.com (“FQW”). FQW is a check delivery service that is similar to Qehex and GoChex. Defendant Danforth is the Chief Operating Officer of FQW and Defendant Villwock is the President.

II. Qehex System

To use Qehex, a user visited Qchex.com and established a Qehex account by entering his or her purported name and email address, and created a password for the Qehex account. Qehex generated a message to the email address that the user entered, and the user then activated the account by clicking on a link in the email. After activation of the account, the user was prompted to visit the Bank Account Setup Wizard page of the Qehex website to provide information on the bank account on which he or she wished to draw checks, including the bank account routing number and account number.

To request that Qehex create and send a check, the user input the check amount and payee name on Qehex web pages and picked a delivery option. Depending on whether the user requested delivery by email or U.S. Mail, at the prompting of the Qehex website, the user entered information about the intended check recipient’s email address or mailing address. After the user completed the fields in the Qehex check template and clicked the “FINISH” button, Qehex informed the user that Qehex had sent the check.

For e-mail checks, Qehex managed, recorded, and monitored all aspects of the delivery of the Qehex check. When a user submitted a request for an electronic check, the Neovi computer system processed the request and sent the recipient an e-mail from the address “member-services@qchex.com,” which informed the recipient that he or she had received a check payment. The notification e-mail also explained the features of Qehex and advertised paper and ink to purchase for printing of the check. Qehex required the recipient of an e-mail check to have a Qehex account and to download and install “Check Messenger” software from the Qehex website to print the check.

Once the recipient printed the check, the Check Messenger software communicated information about the printing progress and success from the recipient’s computer to the Qehex server. Neovi then sent the user confirmation of when the recipient had printed the e-mail check that the user had requested.

In order to manage these deliveries and delivery notifications, all of the Qehex check data was stored on the Neovi server. Villwock explained that Neovi stored the data on its server because Qehex was a web browser-based system and users did not have databases on their own personal computers that could perform these delivery tasks.

If the user requested delivery by U.S. Mail, the check recipient received the Qchex check in the mail from Defendants. Neovi had a “print service center” where it printed Qchex checks for U.S. mail delivery. The “print service center” was a warehouse operation staffed almost entirely by G7 employees. G7 employees did everything necessary to physically make the check and get it to its intended destination. They printed the checks on blank check stock using a G7 laser printer, folded them, stuffed them in envelopes, ran the envelopes through the Cass (address verification) system, applied postage, and brought them to the post office. G7 performed quality control by scanning checks and looking for duplicates.

As described above, using an interrogative process, Qchex obtained transaction data from the user and then generated and sent checks. Qchex customers provided only the raw data-names addresses, and bank account numbers. Defendants promoted their checks as being negotiable instruments and added elements to the data supplied by the user to generate a negotiable instrument. Defendants converted users’ raw data into a negotiable instrument by taking information from users’ checking accounts and composing a check document that matched U.S. banking regulations when printed. If the Qchex user chose not to upload a signature for Qchex to place on the checks, Qchex automatically inserted bank accepted legal language in the signature field to tell a recipient that the check issuer authorized the check being deposited.

The format of a Qchex check was determined by Neovi and G7, and in fact, Neovi asserted a copyright over the design. Danforth acknowledged that the Qchex website determined the placement of all information on the checks. Qchex users could not make changes to Qchex check formats; they could only choose from a handful of preselected designs made by Neovi. Specifically, Neovi determined that the bank code line would appear at the bottom of a Qchex check. A Qchex user could not change the image of the Qchex check, including the placement of the words “memo,” “to the order of,” or “pay,” or the placement of the signature or bank account lines, the font, or the appearance of a Qchex logo.

III. Security Failures

From the beginning, many “fraudsters” using Qchex began to request checks without having authority over the bank account upon which it was to be drawn. The FTC is alleging that Defendants substantially assisted these fraudsters by failing to take adequate steps to verify that they had actual authority over the bank accounts that they stated belonged to them.

Defendants stated that they tried four different fraud reduction procedures before 2005. First, starting in 2002 or 2003, Neovi utilized a “Qchex Monitor,” which allowed Qchex employees to look for unusual activity in its U.S. Mail service, such as large volumes of high-denomination checks. However, no employee or employees had responsibility for checking it regularly and no specific resources were devoted to using it to detect fraud.

Second, Defendants stated that they encrypted check data and transmitted it using “Check Messenger,” the software program that check recipients downloaded from Qchex. Defendants also offered a product called “CheckScape,” which replaced the bank account and routing number line at the bottom of the check with the bar-coding to hide check data on the face of the check. Neither form of encryption did anything to verify that the person who had requested the check had authority over the bank account.

Third, Neovi claims it blacklisted Internet Protocol (“IP”) addresses that were associated with fraudulent transactions. However, the blacklisting apparently had a low level of efficacy. Fourth, Defendants placed warnings on many of the checks that stated:

This check was created and delivered to you on order of a third party using the Qchex.com service. Qchex.com is NOT a financial institution and cannot validate whether this check was duly authorized by the “payor” (bank account holder) mentioned on the check and whether it will clear. If you are uncertain regarding this check please contact the payor’s bank and/or the payor directly to verify and confirm authenticity, before depositing this check.
Qchex.com is NOT a financial institution and cannot validate whether this check was duly authorized by the “payor” (bank account holder) mentioned on the check and whether it will clear.

Finally, when notified of possible fraudulent use, Neovi froze accounts, on a case-by-case basis, based upon certain criteria. Most often, Neovi required the complainant to provide proof of ownership of a bank account on which a Qchex check had been drawn before it would freeze a Qchex account. The FTC claims that freezing fraudulent accounts was reactive, not proactive, and alone could not effectively combat fraud.

During the first five years of operation Neovi was using these general fraud protection procedures, but fraudsters continued to send bogus checks and consumers continued to complain. Defendants also became victims because some Qchex users started to pay them for services with bogus Qchex checks.

IV. Qchex Validation System

On or about September 5, 2005, Qchex implemented the “Qchex Validation System” (“QVS”). Qchex stated that through QVS a customer would have to demonstrate access to the statements for bank accounts on which a check would be drawn. When a new customer attempted to pay the required fees to draw a Qchex check on an identified bank account, Qchex told the customer that he or she first would have to “validate” the identified bank account using QVS. In the first step of QVS, Qchex made a nominal “micro-deposit” (approximately 3-20 cents) in the bank account identified by the customer. The customer would then have to look at the statement for the identified bank account, or access the account online, and report to Qchex the amount of the micro-deposit. Under this procedure, only after the customer entered the correct amount of the micro-deposit on Qchex.com would Qchex accept payment from the customer for its services, and, subsequently create and deliver checks for that customer. If a user made three failed attempts to enter the amount of the micro-deposit through QVS, the system “froze” the Qchex account and would not permit it to be used to request checks.

Neovi contracted with a payment processor called ACH Direct to allow Neovi to make micro-deposits to bank accounts using the Automated Clearing House (“ACH”) system. However, this QVS system had multiple flaws and ultimately proved unsuccessful. As early as January 2006, ACH Direct notified Neovi that about one-third of Qchex micro-deposits made through ACH under QVS were being rejected. ACH documents now show that about 50% of Qchex micro-deposits through ACH transactions under QVS were rejected. On May 5, 2006 ACH effectively terminated their contract with Neovi thereby rendering QVS ineffective.

V. Consumer Complaints

Not long after Qchex began operating, Defendants started receiving numerous complaints about fraud resulting from operation of the Qchex system. The complaints came from a multitude of sources. For example, Defendants received complaints from at least 186 federal, state, and local law enforcement agencies. They also received as many as 26 subpoenas for docüments or testimony in various state and federal cases. Approximately 281 other consumers, businesses, and banks sent letters or faxes demanding information about fraudulent checks. Prior to 2005, Defendants received approximately 176 of these complaints — 40 of which were from law enforcement agencies. In 2003 alone, 123 of these complaints reached Defendants. Employees of both Neovi and G7 received and responded to complaints about Qchex.

Among these complaints, numerous consumers and businesses complained that they had their bank accounts accessed or had checks drawn on their accounts without authorization. Indeed, Defendant Danforth acknowledged as much. Well known companies, institutions, and even government agencies such as the University of Chicago, Goldman Sachs, and the Federal Communications Commission complained asserting that a Qchex check was created by Defendants in their names and with their account numbers. At a time, roughly 62% of the greater than 18,000 telephone calls Defendants received from Qchex concerned fraud. Yet, when consumers requested help from Defendants in dealing with fraudulent Qchex activity, Defendants provided little, if any, information.

Many consumers had no opportunity or ability to avoid the fraudulent unauthorized debiting of their bank accounts by unverified Qchex checks. They were not Qchex customers, had never requested goods or services from Qchex, and only learned about the unauthorized access after the injury had occurred. Qchex checks were drawn on their accounts — about 37,-369 bank accounts — without their knowledge or consent. Presumably, because not all consumers carefully review their bank statements, some number of consumers never even realized that they were victims of unauthorized withdrawals. Frequently, these consumers turned to their banks for help in contesting the checks, in protecting their accounts, and if funds were withdrawn, in getting their money back.

According to the Qchex database, from 2000 to 2006, Qchex sent nearly 155,000 checks from 13,770 Qchex accounts that later were frozen for fraud. Those 13,770 frozen Qchex accounts had supplied 37,369 discrete bank account numbers on which these checks were drawn. Those checks represented $402,753,276 of value, more than half of the entire $803,565,391 worth of Qchex checks produced overall. However, there is not sufficient information in the record to definitively quantify the number of fraudulent items Defendants fraudulently created. Finally, the FTC alleges that Defendants had cost-effective verification methods available to them that would not have impacted any purported benefits of the Qchex system. [Pl.’s Motion at 8-25.]

As a result, the FTC is now seeking an injunction that, in part: (1) “prohibits defendants from creating and delivering checks without adopting reasonable verification procedures;” (2) “restrains Defendants from failing to respond to consumer complaints;” (3) prohibits Defendants from failing to protect consumers’ private financial account information; (4) orders Defendants to disgorge $535,358; and (5) orders Defendants to comply with monitoring and reporting requirements. [Pl.’s Motion at 42-45.]

PROCEDURAL BACKGROUND

On September 19, 2006, Plaintiff filed a complaint against Defendants. [Doc. No. 1.] On January 18, 2007, Judge Hayes denied Plaintiffs motion for a preliminary injunction. [Doc. No. 32.] On October 2, 2007, the case was reassigned to this Court. On January 11, 2008, 2008 WL 131361, this Court granted Plaintiffs 56(f) motion and denied Defendants’ motion for summary judgment without prejudice. [Doc. No. 71.]

LEGAL STANDARD

Summary judgment is appropriate under Rule 56 of the Federal Rules of Civil Procedure if the moving party demonstrates the absence of a genuine issue of material fact and entitlement to judgment as a matter of law. Celotex Corp. v. Catrett, 477 U.S. 317, 322, 106 S.Ct. 2548, 91 L.Ed.2d 265 (1986). A fact is material when, under the governing substantive law, it could affect the outcome of the case. Anderson v. Liberty Lobby, Inc., 477 U.S. 242, 248, 106 S.Ct. 2505, 91 L.Ed.2d 202 (1986); Freeman v. Arpaio, 125 F.3d 732, 735 (9th Cir.1997). A dispute is genuine if a reasonable jury could return a verdict for the nonmoving party. Anderson, 477 U.S. at 248, 106 S.Ct. 2505.

A party seeking summary judgment always bears the initial burden of establishing the absence of a genuine issue of material fact. Celotex, 477 U.S. at 323, 106 S.Ct. 2548. The moving party can satisfy this burden in two ways: (1) by presenting evidence that negates an essential element of the nonmoving party’s case; or (2) by demonstrating that the nonmoving party failed to establish an essential element of the nonmoving party’s case on which the nonmoving party bears the burden of proving at trial. Id. at 322-23, 106 S.Ct. 2548. “Disputes over irrelevant or unnecessary facts will not preclude a grant of summary judgment.” T.W. Elec. Serv., Inc. v. Pacific Elec. Contractors Ass’n, 809 F.2d 626, 630 (9th Cir.1987).

Once the moving party establishes the absence of genuine issues of material fact, the burden shifts to the nonmoving party to set forth facts showing that a genuine issue of disputed fact remains. Celotex, 477 U.S. at 321, 106 S.Ct. 2548. The non-moving party cannot oppose a properly supported summary judgment motion by “resting] on mere allegations or denials of his pleadings.” Anderson, 477 U.S. at 256, 106 S.Ct. 2505. When ruling on a summary judgment motion, the court must view all inferences drawn from the underlying facts in the light most favorable to the nonmoving party. Matsushita Elec. Indus. Co. v. Zenith Radio Corp., 475 U.S. 574, 587, 106 S.Ct. 1348, 89 L.Ed.2d 538 (1986).

ANALYSIS

I. The FTC Has Shown that Defendants’ Business Practice was Unfair

A. The FTC Has Demonstrated that Defendants’ Business Practice Caused Consumers Substantial Injury

A practice is unfair under the FTC Act if: (1) it causes or is likely to cause substantial injury to consumers, (2) the injury is not reasonably avoidable by consumers themselves, and (3) the injury is not outweighed by countervailing benefits to consumers or to competition. 15 U.S.C. § 45(n); FTC v. J.K. Publs., Inc., 99 F.Supp.2d 1176, 1200 (C.D.Cal.2000); FTC v. IFC Credit Corp., 543 F.Supp.2d 925, 945 (N.D.Ill.2008). The law does not require the FTC to prove that Qchex intended to defraud its customers. FTC v. Accusearch Inc., No. 6:CV105-D, 2007 WL 4356786, at *6-7 (D.Wyo. Sept. 28, 2007).

The Supreme Court has stated that “courts are to give some deference to the Commission’s informed judgment that a particular commercial practice is to be condemned as ‘unfair[J ” and that the “standard of ‘unfairness’ under the FTC Act is, by necessity, an elusive one, encompassing not only practices that violate the Sherman Act and the other antitrust laws, but also practices that the Commission determines are against public policy for other reasons.” FTC v. Indiana Federation of Dentists, 476 U.S. 447, 454, 106 S.Ct. 2009, 90 L.Ed.2d 445 (1986). Finally, in related cases, district courts have found unauthorized billing practices “unfair.” FTC v. J.K Publ’ns. Inc., 99 F.Supp.2d 1176, 1201-03 (C.D.Cal.2000); FTC v. Windward Marketing, 1997 WL 33642380, at *12-13, 1997 U.S. Dist. LEXIS 17114, at *37-38 (N.D.Ga. Sept. 30, 1997).

1. Causation

The parties disagree as to whether Defendants’ actions actually caused the consumers’ injuries. Plaintiffs argue that Defendants’ creation and implementation of the Qchex system and their failure to maintain reasonable verification measures caused consumers harm. Defendants maintain that they merely offered a “morally neutral” software program and that third-party fraudsters manipulated their services to cause consumers harm. The Court finds that the fraudsters and the Defendants caused consumers substantial harm and that they should all be held accountable.

Several cases show that the FTC has established causation under the FTC Act. First, in FTC v. Accusearch, the court found Defendants liable for obtaining and selling confidential consumer phone records without the affected customers’ authorization. Defendant Accusearch did business as “Abika.com,” a website that offered a variety of information products, including GPS traces disclosing the exact location of a cell phone at a given time, Social Security verification, utility records, DMV records, e-mail look-ups, and records of telephone call details. The court noted that federal law makes consumer phone records confidential and prohibits their unauthorized release. It stated that the only way a third party could obtain a consumer’s phone records without the consumer’s permission, or as otherwise authorized by law, is through theft or deception. In the FTC’s complaint, it did not allege that the defendants themselves contacted the telephone companies or directly obtained the telephone records at issue. Instead, the FTC sought to hold the defendants liable for obtaining those confidential phone records from outside “vendors,” and then selling them to its website users. Accusearch, 2007 WL 4356786, at *1-3.

Defendants argued that because there was no evidence that they engaged in false or fraudulent tactics to obtain consumer phone records, the FTC was really seeking to hold them vicariously liable for the acts of third parties over whom they had no control. They further argued that their independent conduct did not rise to the level of an unfair business practice. The court disagreed and noted:

In this regard, Defendants fundamentally misapprehend the nature of the FTC’s complaint. The FTC’s cause of action is based on unfairness, not deception, and the absence of proof that Defendants directly engaged in deception is completely irrelevant. The wrongdoing at the heart of the FTC’s Complaint is that the Defendants obtained and sold consumers’ confidential phone records, causing those consumers substantial harm.... Additionally, the FTC seeks to hold Defendants liable solely for their own conduct, not anyone else’s. The plain language of the Complaint charges that Defendants’ actions in obtaining and selling confidential phone records caused substantial injury and was unfair. That charge is supported by uncontradicted evidence of the Defendants’ direct acts. It is for these acts and the resulting injury they caused for which the FTC seeks to hold Defendants liable.

Next, the court explained those direct acts:

Defendants advertised the availability of phone records for sale, took orders from customers and were paid by those customers at a price set by Defendants. Defendants sent its customer order information to its vendors for fulfillment, for which it paid the price set by the vendor. Defendants received the phone records, handled customer service inquiries, paid refunds to customers, and sent the ordered requests to customers. Importantly, Defendants ignored indications from its customers and vendors that the consumers whose phone records were being ordered wanted to keep those records private.

Accusearch, 2007 WL 4356786, at *6-7.

Another case, FTC v. Windward Marketing, Ltd., 1997 WL 33642380, at *12-13, 1997 U.S. Dist. LEXIS 17114, at *37-38 (N.D.Ga. Sept. 30, 1997), also supports finding Defendants liable. There, the FTC brought suit against multiple defendants, some of whom initiated and operated a deceptive telemarketing scheme, while others, Defendant Wholesale and its officers, deposited unauthorized bank drafts into bank accounts. Defendant Wholesale and its officers did not make misrepresentations to consumers and they did not initiate the fraudulent scheme. Instead, the court found Defendant Wholesale facilitated and provided substantial assistance to the other defendants who initiated the fraudulent scheme. Id. at *11-12, 1997 U.S. Dist. LEXIS 17114 at *33. Wholesale had argued that it had “no reason” to believe that the bank drafts it was depositing were not authorized, but the court credited evidence that Wholesale continued to deposit drafts despite receiving notice of consumer complaints and being aware that approximately forty percent of the bank drafts were returned unauthorized. Id. at *12, 1997 U.S. Dist. LEXIS 17114 at *34-35. The court granted summary judgment in favor of the FTC and against Defendant Wholesale and its officers. It ultimately found Defendant Wholesale liable for its own unfair practices committed during the telemarketing operation because Wholesale’s acts satisfied the three prong statutory test for unfairness. Id. at *12-13, 1997 U.S. Dist. LEXIS 17114 at *37-38.

Here, the circumstances are similar in that Defendants’ business practice significantly facilitated fraudulent activity. Defendants used their website and check creation expertise to convert consumers’ raw data into a negotiable instrument that matched U.S. banking regulations when printed. Defendants also e-mailed the checks, printed the checks using Neovi’s “print service center,” and mailed the checks. Further, as the FTC alleged, they created and delivered checks without a reasonable level of verification at the request of Qchex customers — in many instances, fraudsters. The evidence shows that the launch of Qchex.com was a “dinner bell” for fraudsters and resulted in a high number of accounts frozen for fraud, and the large number and high value of checks (about fifty percent of the value of all Qchex checks) written on those accounts. Defendants knew of the high level of fraud from their own files and the complaints, and, like Defendant Wholesale, who knew of unauthorized deposits, they chose to continue to operate without sufficient verification measures. Therefore, after reviewing the evidence and the case law, and giving “some deference” the FTC’s theory of liability under the Act, the Court finds that the FTC has satisfied the element of causation.

2. Substantial Harm

To establish substantial injury under Section 5 of the FTC Act, the FTC must show that “consumers were injured by a practice for which they did not bargain.” J.K. Publ’ns., 99 F.Supp.2d at 1201. “Injury is sufficiently substantial even if it causes a small harm to a large class of people.” Id. (citing Windward, 1997 WL 33642380 at *11, 1997 U.S. Dist. LEXIS at *31-32); see also F.T.C. v. Pantron I Corp., 33 F.3d 1088, 1102 (9th Cir. 1994). Furthermore, the type of harm need not be monetary to qualify as an injury. Accusearch, 2007 WL 4356786 at *18 (finding that the resources expended changing phone carriers and addressing upgrades to the security accounts are cognizable injuries). In this instance, Defendants’ own records show that their failure to employ and maintain adequate verification procedures, over approximately six years, led to substantial losses for consumers that had unauthorized checks drawn on their bank accounts.

Consumers not only lost the use of funds withdrawn from their accounts, but they often spent a considerable amount of time and resources contesting the checks at their banks, protecting their accounts, and attempting to get their money back. As Danforth conceded, the time consumers spent in these efforts was valuable. Account holders who decided to close their compromised bank accounts also expended a considerable amount of time, effort, and money in opening new bank accounts. This step usually required the consumer to incur additional expenses in purchasing new checks and changing various existing payment arrangements with creditors. Based on this evidence, there is no genuine issue of material fact that consumers suffered substantial injury as a result of Defendants’ operation of the Qchex system. [Pl.’s Motion at 19-20, 35-36.]

B. Consumers Could Not Reasonably Avoid the Substantial Injury

The substantial injury consumers suffered as a result of Defendants’ operation of Qchex was not reasonably avoidable. If consumers do not have a “free and informed choice that would have enabled them to avoid the unfair practice, the injury was not reasonably avoidable.” J.K Publ’ns, 99 F.Supp.2d at 1201 (citation omitted). In this case, consumers who had their bank accounts accessed without authorization had no chance whatsoever to avoid the injury before it occurred. Indeed, many consumer victims learned about the unauthorized access of their bank account only after receiving a bank statement showing that their account had been looted. Many of these consumers were neither Qchex users nor customers, and had not requested Qchex goods or services. The FTC has also offered evidence showing that numerous other consumers who received fraudulent Qchex checks did not know that the checks were unauthorized and reasonably believed that the transactions in which they engaged were legitimate. Furthermore, Defendants provided minimal information to injured consumers who complained about Qchex fraud, and thereby made it difficult for them to investigate and stop fraudulent activity on their bank accounts.

C. The Purported Benefits to Consumers or Competition From Defendants’ Practices Do Not Outweigh Consumer Injury

This prong of the test is easily satisfied “when a practice produces clear adverse consequences for consumers that are not accompanied by an increase in services or benefits to consumers or by benefits to competition.” J.K. Publ’ns, 99 F.Supp.2d at 1201 (citing Windward, 1997 WL 33642380, at *11, 1997 U.S. Dist. LEXIS 17114, at *32).

In sum, substantial consumer injury in this case resulted from Defendants’ creation and delivery of over 100,000 unauthorized checks, on about 37,000 accounts, without reasonable verification of the user’s authority over the accounts used. Defendants’ own records show millions of dollars of checks issued from Qchex accounts that were frozen for fraud. The amount of this injury is large, based upon both the voluminous number of accounts frozen for fraud and the cost of account holders’ time and other expenses. Further, expert testimony from Dr. Mann established that Defendants’ business model did not provide any advantage over other payment options and that any benefits were small. Dr. Mann states that Qchex did not have a positive impact in the marketplace and did not benefit competition. [Mann Deck at 10-16.] Defendants did not provide any legitimate evidence to the contrary.

II. Defendants Neovi and G7 Formed a Common Enterprise

When determining whether a common enterprise exists, courts look at a variety of factors, including: common control, sharing of office space and officers, whether business is transacted through a “maze of interrelated companies,” the commingling of corporate funds, unified advertising, and any other evidence revealing that no real distinction existed between the corporate defendants. J.K. Publ’ns., 99 F.Supp.2d at 1201-02; FTC v. Wolf, 1996 WL 812940, at *8, 1997-1 Trade Cases ¶ 71, 713 (S.D.Fla. Jan. 31, 1996); Sunshine Art Studios, Inc. v. FTC, 481 F.2d 1171, 1175 (1st Cir.1973); Delaware Watch Co. v. FTC, 332 F.2d 745, 746 (2d Cir. 1964).

G7 and Neovi have separate articles of incorporation and by-laws, but the evidence shows that there is no real distinction between the companies for the purposes of assessing liability under FTC case law. Defendants also did not dispute this allegation in their opposition. Defendants shared office space, employees, payroll funds, and other expenses. They did so in the absence of any written agreements. G7 and Neovi also engaged in unified advertising for Qchex-related and G7-related products. The companies were both controlled by Villwock and Danforth. In sum, Neovi and G7’s operations, finances, employees, physical infrastructure, and business strategy were tightly interwoven. Therefore, the Court finds that Neovi and G7 operated as a common enterprise and will hold them jointly and severally liable.

III. Individual Defendants Villwock and Danforth are Liable for the Corporate Business Practices

Individual defendants may be held liable for injunctive relief for the corporate defendants’ violations of the FTC Act if the FTC demonstrates that the individual defendants participated directly in the wrongful acts or practices, or had authority to control the corporations. J.K. Publ’ns., 99 F.Supp.2d at 1203-04; FTC v. Publishing Clearing House, Inc., 104 F.3d 1168, 1170 (9th Cir.1997) (citing FTC v. American Standard Credit Sys., Inc., 874 F.Supp. 1080, 1087 (C.D.Cal.1994)). “Authority to control the company can be evidenced by active involvement in business affairs and the making of corporate policy.” American Standard Credit Sys., 874 F.Supp. at 1089 (citing FTC v. Amy Travel Service, Inc., 875 F.2d 564, 573-74 (7th Cir.1989)). An individual’s status as a corporate officer and authority to sign documents on behalf of the corporate defendant can be sufficient to demonstrate the requisite control. Publishing Clearing House, 104 F.3d at 1170.

To be held liable for restitution, the FTC must show, in addition to the above, that the individual defendants had knowledge that the corporation or one of its agents engaged in the wrongful acts or practices. Id. at 1171. To satisfy the knowledge requirement, the FTC must establish that the individual defendant either: (1) had actual knowledge of the wrongful acts or practices; (2) was recklessly indifferent to whether or not the corporate acts or practices were fraudulent; or (3) had an awareness of a high probability that the corporation was engaged in fraudulent practices along with an intentional avoidance of the truth. Id.; Windward Marketing, 1997 WL 33642380, at *13, 1997 U.S. LEXIS 17114, at *39. The FTC does not need to show that an individual defendant intended to defraud consumers in order to hold that individual personally liable. J.K Publ’ns., 99 F.Supp.2d at 1203-04; Publishing Clearing House, 104 F.3d at 1171.

Here, the Court agrees with the FTC that Villwock and Danforth had the authority to control the corporate Defendants’ unfair practices, that they participated in those activities, and that they knew of those activities. Defendants also do not dispute this specific allegation in their opposition. They managed corporate affairs, directed employees, monitored Qchex account data, responded to complaints, and controlled the resources dedicated to verification measures. Since they responded to many consumer and governmental complaints, they had actual knowledge that there was widespread fraud on their system, and that the Qchex operation was leading to a significant number of consumer injuries. They had the authority to either shut down the operation or implement reasonable verification measures, and they did neither.

IV. Remedy

Plaintiff seeks an order from this Court that in part: (1) directs Defendants to disgorge $535,358 in profits; (2) subjects Defendants to monitoring and compliance requirements; (3) mandates Defendants to “take reasonable steps” to protect bank account information; and (4) prohibits Defendants from creating and delivering checks without “reasonable verification procedures.” [Pl.’s Motion at 43.] It appears that disgorgement may be appropriate; however the Court finds the other requested injunctive relief troubling. In its reply, Plaintiff stated:

[W]hether Defendants’ verification steps are reasonable will depend upon the quality of their documentation and the commercially reasonable authentication measures available to Defendants at the time the steps were taken. A comparison of their steps to the practices of others in the industry who create and deliver checks or otherwise authorize access to bank accounts would also be relevant.

[Pl.’s Reply at 8.] Essentially, Plaintiff is asking the Court to hold Defendants liable whenever they enter into a similar business and maintain verification measures that fall to some indefinite point below their competitors. By asking the Court to determine that point and to define “reasonable” steps and verification measures, it seems that Plaintiff is virtually asking the Court to adopt the role of a regulatory agency and act outside its scope. The Court will not adopt such a role. Instead, it only appears appropriate for the Court to intervene, if, and when, the FTC brings a subsequent action against the Defendants alleging that they violated the FTC Act in carrying out their new business.

Moreover, Federal Rule of Civil Procedure 65(d) requires an injunction to “state its terms specifically” and “describe in reasonable detail — and not by referring to the complaint or other document — the act or acts restrained or required.” Further, “[t]he specificity provisions of Rule 65(d) are no mere technical requirements. The Rule was designed to prevent uncertainty and confusion on the part of those faced with injunctive orders, and to avoid the possible founding of a contempt citation on a decree too vague to be understood.” Fortyune v. Am. Multi-Cinema, Inc., 364 F.3d 1075, 1087 (9th Cir.2004) (quoting Schmidt v. Lessard, 414 U.S. 473, 476, 94 S.Ct. 713, 38 L.Ed.2d 661 (1974)). Here, the proposed injunction does not appear to satisfy Rule 65(d)’s requirements since it is unspecific and overly vague. Therefore, the Court requests that Plaintiff submit a ten (10) page supplemental brief that provides authority for the proposed injunctive relief by October 8, 2008. Defendants may respond to that brief with their own 10 page brief by October 29, 2008. See Accusearch, 2007 WL 4356786, at *10 (finding liability but setting an evidentiary hearing to determine appropriate injunctive relief).

CONCLUSION

The Court DENIES Defendants’ motion for summary judgment and GRANTS Plaintiffs motion for summary judgment, in part, because it will rule on the remedy after the parties file supplemental briefs.

IT IS SO ORDERED. 
      
      . These facts are derived largely from the background facts set forth in the FTC’s motion for summary judgment. Overall, Defendants have not significantly disputed these facts.
     
      
      . Almost 40% of Qchex checks sent by U.S. Mail came from accounts that were marked "frozen for fraud” by Qchex.
     
      
      . In arguing that Plaintiff failed to establish causation, Defendants raise California state cases that discuss causation under a related statute, California's Unfair Competition Law ("UCL''). The Court is not persuaded by these cases because they are not from federal courts and they discuss a different state statute that does not have the same three prong FTC Act test.
     
      
      . Keenan v. Allan, 91 F.3d 1275, 1279 (9th Cir.l996).("Il is not our task, or that of the district court, to scour the record in search of a genuine issue of triable fact. We rely on the nonmoving party to identify with reasonable particularity the evidence that precludes summary judgment.”).
     
      
      . The parties have each filed evidentiary objections. However, in deciding the present motions, the Court has only relied upon admissible evidence.
     