• 'Everything good is down' -- storm knocks Netflix, Instagram offline

    Normally, bad weather on a Friday night is a good excuse to stay home and watch a movie, but not this week. Friday night's quick-moving thunderstorms hit several states from Indiana to Maryland, but the storm's impact was felt around the Web.

    The storm, which packed winds of up to 90 mph, knocked out power to millions of homes -- and to some of Amazon's Cloud services in Northern Virginia. That took Netflix offline.  Web users who went hunting for other distractions found even more frustration, as Pinterest.com was also knocked offline, and the Instagram photo-sharing service wasn't working either.


    At 1:15 a.m. ET, Pinterest.com posted a simple message: "We'll be back soon." And, in a message on its Twitter account at about 1:45 a.m. ET, it said, "We're back! Our team is continuing to work on some remaining issues that may impact performance. Thanks for your patience and happy pinning!"

     

     

    Amazon's Cloud services status page was full of power-related error messages. Amazon's ElastiCache, for example, indicated that starting at 8:43 p.m., the service was "affected by a power event."  At 9:25 p.m., this message was posted: "We can confirm that a large number of cache clusters are impaired. We are actively working on recovering them."

    Netflix users took to Twitter to air their disbelief at the service outage.

    "Netflix isn't working on possibly the most emotional night of my life. It's official ... this is NOT real life," wrote one Twitter user. 

    "Everything good is down," complained another.

    Neither Netflix nor Amazon can be blamed for Mother Nature's ferocious attack. The storm, which swept through Virginia and Maryland during a harrowing two-hour stretch, uprooted trees across the region, closed roads and damaged homes, and is currently blamed for at least one death.

     Follow Bob Sullivan on Facebook.
    *Follow Bob Sullivan on Twitter.

  • Your family is probably losing $155K from 401(k) plan, and why new rules won't help

    A two-income American family with an average income that dutifully invests in a 401(k) plan using typical strategies will lose $155,000 – or about 30 percent of what they should have saved for retirement -- to Wall Street fees, according to a study by an economic justice advocacy organization. 

    The Demos study, released last month, is just the latest in a long string of research showing 401(k) plans are a better deal for Wall Street than for you. Many show that people lose about one-third of their retirement money to fees that they don't even know they're paying. The actual lifetime impact of fees is a matter of widespread debate, but it shouldn’t be. In one dramatic example, John Bogle, the inventor of index funds, demonstrated how fees can consume 80 percent of an investor's money through something he’d dubbed “the tyranny of compounding fees.” (Click on the link to see his proof.)

    But some relief may be on the way. Regulations first set in motion in 2007 (!) will finally kick in next week. Soon, 401(k) statements will include a fact box -- similar to the new info-boxes on credit card bills -- that lists the fee rates (“expense ratios”) associated with fund selections and shows in dollars how much the investor paid.


    The disclosure box is a welcome change, but it's probably not going to make much of a difference, laments Robert Hiltonsmith, author of the Demos study.

    "It will be underwhelming from a sticker shock point of view. It will not have the effect the doomsayers predict," Hiltonsmith said. The dollar amounts shown will reflect annual amounts, not the real harm from loss of compounding growth, he said.  A 27-year-old with $10,000 invested in a mutual fund with a 1 percent expense ratio will pay only about $100 in fees in a year, a number that will hardly inspire shopping around, Hiltonsmith figures.

    But that benign-sounding 1 percent annual fee is the source of most 401(k) folly. Compounded, it can result in loss of one-third of retirement savings, or more.

    Doing the math to determine real investing costs from fees is tricky. It involves a long series of assumptions on factors so individualized that no 401(k) projection model is easily generalized.  Instead, the Demos study and others like it are merely "for instance ..." examples.

    An obfuscator's dream
    Wall Street protectors use this to their advantage. The Investment Company Institute, which is critical of the Demos study and others like it, uses its own calculations to claim the average investor pays only $248 annually in 401(k) fees and $20,000 during their lifetime. Even that conservative estimate should be alarming, when the average 401(k) balance is $75,000, according to Fidelity Investments, and those close to retirement (ages 55-64) have an average balance of $100,000.

    It doesn’t have to be hard to see how recurring fees devour much of your 401(k) money. Here's a simple, if slightly imprecise, way to think about what happens when someone takes 1 percent of your money every year.  If you had a dollar, and someone took one penny every year for 30 years, you'd only have 70 cents at the end. That's what investing in a 401(k) mutual fund does to your money. These fee losses are obscured by additional contributions you make, and by market ups and downs – complex 401(k) statements are an obfuscator's dream -- but there's no way around it: Fees are killing most investors' returns.

    (If you are a stickler for math, more precise calculations will appear at the bottom of this column. They usually just muddy the conversation, however.)

    How does Wall Street get away with this? Obscurity sure helps, but there is another element of human nature that the system was born to exploit and that most people seem incapable of avoiding: Behavioral economists call it "hyperbolic discounting."  In short, Wall Street does a much better job of thinking about both time and money than you do.

    Try this experiment, now oft repeated in the behaviorist world: If I offered you $50 today or $100 one year from now, which would you choose?  Most take the $50 and run.  Now, let's do the same exercise with a slight adjustment.  If I offered you $50 five years from now, or $100 six years from now, which would you pick? Almost certainly the $100.   But notice: if I asked you the same question in five years, you'd probably take the $50 again.  That’s a funny way to think about money (the technical term is “dynamic inconsistency”).

    The most obvious lesson from hyperbolic discounting is that people's choices are often focused on immediate gratification.  But the other side of that coin, behaviorists tell us, is that people are too quick to discount rewards in the future and, to our point, to discount the impact of future financial pain. In other words, telling someone they might be missing $150,000 from their retirement account 30 years from now means almost nothing to them – they get angrier about a $35 overdraft fee taken last week from their bank account.  Wall Street's genius is this: By stealing people's money from the future, they avoid consumers' wrath.

    Perhaps it's possible to educate all Americans on the tyranny of compounding investment fees; and creating a fact box on consumers' quarterly statements that inspires them to shop around for lower-cost mutual funds is a step in that direction. But behavioral economists say that's highly unlikely to make much of a difference.  Better to create a system that by default enters workers into low-cost, relatively safe investment vehicles and let them pick riskier, more expensive options if they wish, Hiltonsmith says.

    “Even if there was more sticker shock, (workers) wouldn’t know what to,” he said. “The way things are now, we’re asking workers to take on a full-time job, to be financial experts.”

    Anyone who thinks the current system is working is doing an awful lot of hyperbolic discounting when it comes to society’s future.  Perhaps the most sobering fact in the Demos study, one that Hiltonsmith downplayed, is that his "perfect" investing couple had only $350,000 in their 401(k) at the end of 40 years. Does anyone think Mr. and Mrs. Perfect can live for 20 years on $350,000?  And these two did everything right -- they invested between 5 percent and 9 percent of their income every year, starting at age 25. They never stopped making contributions -- which nearly everyone does during job changes or tough times -- and they never made a withdrawal, which roughly one-third of investors do. Still, they were left with just $175,000 each at age 65.  Once and for all, that should expose the dirty little secret of 401(k) plans:

    The math doesn't work.

    Now, onto the math assumptions from above.  For Demos’ model, Hiltonsmith created an imaginary couple who worked from 1966-2005. Each earned the median income for their gender during that time (a range from $50,000 to $70,000 total, annually) and socked away a slowly increasing amount of their income during that time, starting at 5 percent and ending at 9 percent. Half their money was invested in a stock fund, half in a bond fund. Average growth and average published stock and bond fund fees from 2010 were applied to their accounts, and average trading costs were also deducted. No employee match was considered in the calculation, given the wide variety of matching programs – and the fact that many firms suspended matching contributions during the recession. Of course, the couple is a pure abstraction -- there were no 401(k) accounts in the 1960s.  But it takes this kind of modeling to create a hypothetical that covers an investor's entire work life, and their potential lifetime loss from fees.

    As for my "one penny" calculation: Taking one penny every year from a dollar is not the same as taking 1 percent, but it's close.  Because the initial dollar amount drops with each deduction, each 1 percent annual hit is slightly less. To wit, 1 percent of 99 cents is less than 1 percent of 100 cents.  Do the math, and you'll find taking one percent of someone's money every year for 30 years is the equivalent of taking 26.03 percent. Still quite a lot of money for nothing.

    What should you do with this information? Absent a better idea, put all your 401(k) money in an index fund, which will have fees that are 70 percent to 90 percent lower than standard mutual funds.  And watch your next quarterly statement for those depressing fee boxes. Most employers have two months to comply with the rules that take effect July 1, so you won’t start seeing the fee information until your first statement after Aug. 10.


     

     

  • The 'great airline ticket giveaway' that just won't go away

    The letter warned the recipient that she still hadn't responded to that great offer from "US Airlines" of two free airline tickets, and time was running out. Call the toll-free number now! it urged.

    Fortunately, Red Tape reader Mary McNamara ignored it and passed it on to me. But somebody must be calling the enclosed toll free number, because the "great airline ticket giveaway" just won't go away. Complaints about it can be found across the web from a couple of days ago, and from at least two years ago.


    Let's take care of the basics first. There is no airline called "US Airlines" -- you're thinking of U.S. Airways. That’s no accident; that’s a technique. A variation of the letter is from "American Airways," a bastardized version of American Airlines. Call the number, and you don't get two free airline tickets; you get invited to a 90-minute presentation where you will be encouraged to join a travel club.

     

    In the words of travel expert and consumer advocate Chris Elliot: "I have yet to find a travel club that is legitimate."

    I called the toll free number and was told I had to travel from Seattle to Portland to attend a meeting before I could receive my free tickets. But the operator, who identified himself as Josh, gave me the option of calling a friend or relative in the Chicago area and sending that person on my behalf to a meeting there. Thanks to their generous referral program, he said, I'd get free tickets just for talking a (soon to be former) friend into attending.

    To save yourself the trouble of calling and listening to the pitch, someone recorded their call and posted it on YouTube.

    Elliot, by the way, also received one of these free airline ticket letters recently, and wrote about it on his blog.

    The free ticket letter offering has been around for at least two years, and inspired a lot of complaints in April 2011. It is such a nuisance that U.S. Airways had to post a "scam alert" on its website.

    A representative of the airline told me that she's worked in the company's public relations department for seven years, and the free ticket letter "just kind of resurfaces from time to time." She reiterated, with a heavy sigh, that the airline was in no way affiliated with the offer.

    Why would such an offer persist for years, despite all the warnings about it?

    "People don't pay attention to details," said Elliot, also the author of the book, “Scammed.”  "US Airlines could exist, and the victims are quickly seduced by the offer. In other words, this thing is still around because it works."

    When I asked "Josh" for more details, he said he was working for a company named Universal Travel Deals. The point of the 90-minute meeting -- he called it a "meet and greet" -- was to drum up business for local travel agencies, he said.

    "Hopefully, to get people to book travel through them, rather than through those websites, like Travelocity or Expedia," Josh said. 

    There are also complaints about Universal Travel Deals on various consumer sites online. When I called the number for a firm named Universal Travel Deals in a Chicago suburb called Tinley Park, a woman who answered confirmed her company was managing free airline ticket offers. When I said I was a reporter, she took my name and number and said she'd have someone return my call. I’m still waiting.

    Elliot said he's seen various telephone numbers come and go for the offer, which is a sign that something is wrong.

    "The numbers have changed, which suggests to me that they may be moving from state to state," he said. "That's a common tactic to stay a step ahead of state regulators. My guess is this isn't a big enough fish for the Feds to get involved. Either that, or the FTC hasn't received enough complaints about it."

    Do letter recipients ever end up with free airline ticket vouchers? That’s unclear, but this much is certain: nothing is really free in this world, and certainly not airline tickets. Letter recipients never get anything just by calling. They have to attend sales meetings, which, according to the few stories posted online by people who claim they’ve attended, exact their own costs.

    If you receive an offer like this, please do three things.

    1) Read it carefully. It's good practice to find the misleading elements, such as names like "US Airlines."

    2) Throw it out and ignore it.

    3) Complain to your state attorney general and the Federal Trade Commission so someone actually takes a close look at what's going on. (Here's a handy contact list for state attorneys general).


     

  • NBA star's gay slur to fan on Twitter shows pro athletes still have lots to learn

    All winter long, New York Knicks star player Amar’e Stoudemire plays in front of packed basketball arenas. Often, when on the road, he must stand on the foul line and hit critical shots while ignoring taunts screamed at him by 20,000 or more enemy fans. 

    So why couldn't he ignore one comparatively tame tweet from a Knicks fan critical of his play?

    Stoudemire is the latest professional athlete to land in social media hot water after he replied privately on Twitter this weekend to the fan. In just 140 characters, he managed to squeeze in two words we won't publish on msnbc.com, including one hateful gay slur:  "F#&# you.  I don't have to do anything, F#@."

    The recipient took a screen capture of the private direct message and posted it publicly. Within hours, a typical Internet firestorm ensued. The NBA now says it is investigating.


    The fan, who identifies himself as 19 years old on his Twitter account, loves the Knicks so much he uses the team logo as his background image. But he's not innocent.  He taunted Stoudemire, who he says is one of his favorite players, by urging him to "come back a lot stronger and quicker to make up for this past season" -- nothing wrong there -- but closed the note like this: "mannnnnn deadasss!!!"

    While no one wants to be in the business of ranking foul language, clearly Stoudemire upped the ante with his response.  Literally and figuratively, Stoudemire should have been the bigger man.

    The fan has declined interviews, saying, "I don't want to make this situation any bigger than it is," a mature response that Stoudemire could easily have employed this weekend.

    It's time professional athletes realized that social media is a lot bigger than they think it is.

    Stoudemire's Twitter transgression is hardly the first, and it won't be the last.  It is, however, shocking that an athlete being paid more than $20 million annually could be thrown off his game so easily.  And it's almost unbelievable that professional sports teams that spend hundreds of millions of dollars crafting their image leave so much to chance on Twitter and Facebook.

    It's not as if the sports leagues can't control social media usage -- the National Basketball Association prohibits players from Tweeting 45 minutes before games, during games, and after games until media leave the locker room. Other leagues have similar restrictions. 

    Still, Twitter regret is a fixture in the sports world. Then-Chicago White Sox manager Ozzie Guillen was fined last season for complaining about umpires on Twitter. Several NFL players were criticized for saying they were enjoying the NFL lockout last summer. And NBA pariah Gilbert Arenas was fined after he tweeted that he would be "direct sexting in no time" last year.

    Stoudemire's direct response to a fan raised the stakes, however.  His casual use of a gay slur also shows just how far the NBA has to go to make its environment accepting of all sexual orientations.  The NBA might look to the NHL for inspiration; last year, the hockey league joined the impressive "You Can Play" initiative after a team general manager's son became one of the first openly gay members of a prominent hockey team while serving as student manager of the Miami University NCAA team.  The student, Brendan Burke, died in a car crash in 2010.

    In addition to the offensive language, it's amazing that some athletes fail to prepare for the reputation risk which comes from social media, and that professional leagues haven't managed to control it. The contrast with college sports here is stark; across the country, many colleges are trying to ban athletes from using social media, or hiring technology companies to monitor them closely. 

    This approach has raised serious First Amendment issues, but it at least shows the schools are taking the risks seriously.

    There is a distinct difference, however, when a professional sports team pays an athlete millions of dollars as part of a profit-making venture. Schools shouldn’t force teenage lacrosse players off Facebook, and they probably don’t have the right to such a free speech restriction, but a pro team can surely control how its highly compensated employee interacts with the public.  

    The Twitter regret issue should be interesting to watch during the upcoming London Olympic games, where a combination of highly paid professionals and amateurs, along with very excited family members, might lead to some embarrassing social media moments. Already, famous British swimmer and former silver medalist Sharron Davies is calling for a Twitter blackout by U.K. athletes during the games.

    “It’s always something that is a bit of a risk, that some silly story would overshadow the good stuff we were doing,” Davies told the Mirror. “For that short period, a month, let’s not take a risk.”

    For his part, Stoudemire did apologize, seemingly without prompting, several hours later.

    "I apologize for what I said earlier. I just got off the plane and had time to think about it. Sorry bro!! No Excuses. Won't happen again," he wrote in another private message posted by the recipient.

    Stoudemire had a frustrating, injury-riddled season that ended with him embarrassingly punching a glass door after a playoff loss to eventual league champion Miami Heat. Angry punches and glass don't mix well. The resulting injury caused Stoudemire to miss a playoff game and limited him for the rest of the series.

    Frustration and the instant gratification of social media are an even more toxic mixture. If someone paid me $20 million a year, I'd pay for 24/7 public relations help with my Twitter account.  Seems a sensible way to keep the fouls on the court.


    An earlier version of this story said Brendan Burke played minor league hockey. Msnbc.com regrets the error.

     

  • Fee disputes: New consumer data hint at the stingiest, most generous banks

    Which bank is the stingiest at handing out refunds to consumers who complain?  Wouldn't you like to know?

    This story offers some insight into the first question, based on complaints filed with the Consumer Financial Protection Bureau during the past year.

    This week, the bureau began offering consumers the chance to look into its massive database of complaints -- albeit in limited fashion. Only complaints filed since about June 1 -- or 173 of the total of 42,000 -- are currently available for public viewing at the agency's website.

    But msnbc.com obtained the full database of complaints under a Freedom of Information Act request and has done some crunching of the numbers. 


    The data on the bureau's website were limited, in part, because the agency is still tinkering with the way it logs complaints.  It has several times refined the way it describes complaint resolution, for example. That means data codified under the old system are of limited value to researchers, and to the public.

    Still, with 42,000 entries, there are things to learn from the data.  For now, we're focusing on resolution involving consumers who complained they were hit with an unfair fee. There are 1,458 such complaints in the data.  Most of these complaints involved credit card accounts (a few involve student loans). 

    Squeaky wheel
    Of these fee-related complaints, 204 were labeled "closed without relief," meaning the bank gave no monetary compensation to the complainer, and another 45 were labeled "no resolution provided," for a total of 17 percent.  On the other hand, 424 were "closed with relief," and another 365 cases were designated "full resolution provided" – a winning percentage of 51 percent.  That shows the value of being a squeaky wheel, at least when it comes to fees. 

    Various other designations, such as "misdirected," or "In progress" round out the results.

    When considering data like this, it's of little use to count up totals and compare. It should be no surprise that really large banks like Bank of America attracted more complaints than medium-sized institutions like PNC Bank, for example.  But in the case of relief granted, a percentage of success or failure by consumers offers a little more information.

    It turns out the J.P. Morgan Chase customers who complained were turned down least often among the 10 banks with the most fee-related complaints -- only about 10 percent were rejected, and conversely, 83 percent were granted relief and/or resolution.  GE Capital customers actually did a little better on the relief side, with 85 percent winning. Barclays, Capital One and Bank of America customers all got some kind of relief more than 70 percent of the time.

    On the other side of the spectrum, US Bank customers fared the worst. Only 40 percent got relief; the same percentage were rejected by the bank (the data doesn't say what happened to the middle 20 percent). Also faring badly -- Citibank, Discover and American Express customers, who were rejected more than 25 percent of the time.  Capital One customers, despite their 70 percent success rate, were rejected 25 percent of the time.


    These results should be taken with a huge grain of salt. At this level of granularity the sample size is quite small -- with some banks, there were fewer than 50 fee-related complaints.  And the banking industry has valid concerns about the accuracy of the complaints. Nessa Feddis, spokeswoman for the American Bankers Association, correctly points out that a bank that has a particularly effective internal complaint resolution program could be wrongly portrayed as a bad actor by the CFPB data. 

    "Maybe internally they have a 99 percent success rate and the only people who file with the bureau don't have a legitimate complaint, and that bank might look worst," she said.  "It would skew the percentages."

    She also said banks with high “no relief” scores could simply be “(getting) it right the first time” when it comes to billing issues.

    Feddis also complained more broadly about the idea that consumer complaints were being released to the public without vetting by a bureau official for legitimacy.


    "Some people file complaints about a fee that they understood and agreed to and simply don’t want to pay, or they misremember,” she said. “There is simply no way to tell whether the complaint is valid or reasonable and the issuer doesn’t get to provide its side of the story. Hardly American due process."

    Msnbc.com chose fee-related complaints for a reason. The chief criticism of the CFPB complaint database by the banking industry has surrounded the various designations for resolution. Initially, only consumers who received monetary compensation were designated as having obtained relief. When the banking industry complained that banks often offer non-monetary relief -- such as taking steps to improve a consumer’s credit score -- the bureau agreed and changed its coding system.

    Fee-related complaints, however, offer a more clear data point for inspection: Consumers complaining about late fees, cash advance fees and balance transfer fees generally either get their money back, or they don't.  By limiting this analysis to fee-related complaints, the resolution data is still informative, with this caveat, provided on background by a person familiar with how the bureau’s database works:  A small percentage of consumers who were granted a fee waiver – as opposed to a refund – by their credit card issuer may have had their complaints coded as “without relief.”  The person said the number of entries impacted by that distinction wouldn’t skew the overall results.

    Jen Howard, spokeswoman for the bureau, said it wouldn't comment on the msnbc.com results.

    Here’s the top 10 list of most generous and most stingy banks, presented with the above caveats: 

    Granted fee relief

    Rank  Bank             Percent
    1     GE Capital       85%
    2     J.P. M. Chase    83%
    3     Barclays         78%
    4     Wells Fargo      72%
    5     Capital One      70%
    6     Bank of America  70%
    7     Citi             66%
    8     Discover         60%
    9     Amex             53%
    10    USBank           41%

    Denied fee relief

    Rank  Bank             Percent
    1     J.P. M. Chase    10%
    2     Barclays         10%
    3     GE Capital       12%
    4     Bank of America  18%
    5     Wells Fargo      22%
    6     Capital One      25%
    7     Citi             25%
    8     Discover         27%
    9     Amex             31%
    10    USBank           41%

     

     

  • What credit card firm attracts the most complaints? New consumer agency launches tell-all website

    The nation's new consumer protection agency is about to start naming names, albeit in baby steps.

    Despite vocal opposition from the financial industry, the Consumer Financial Protection Bureau on Tuesday launched a website that allows consumers to browse through complaints filed against large financial companies.

    Website users can see the name of the company targeted by each complaint, the nature of the issue, the company response -- including timeliness -- and the zip code of the complainer.  Users can also generate charts showing which banks attract the most complaints, which issues are hardest to resolve and which regions of the country seem most irritated by bank practices.

    “(This) is a major milestone for consumers and all those who are interested in knowing more about their day-to-day experiences,” said Richard Cordray, the bureau's first director.  “We believe this is the first time that the general public has been able to see such individual-level consumer complaint data for financial products and services. …  Anyone with access to the web will be able to review and analyze the information, and draw their own conclusions.”

    Initially, the website includes only a small fraction of the 17,000 complaints filed regarding credit cards since July of last year, when the agency began receiving customer gripes. Only complaints filed since June 1 will be available at first, as the agency works out the kinks in its "beta" launch of the database.


    A change in the way the agency categorizes resolutions has forced the agency to limit the initial release, said an agency official, speaking on background. Older complaints are being re-categorized and will be added to the public database by the end of the year, the official said.

     

    Complaints about mortgages and checking accounts will also be added later, making Tuesday’s launch a bit of a baby step toward providing full access of complaints to consumers.

    The financial industry has complained that release of the data is unfair, as the complaints will represent raw, unverified data that could be misleading.  

    "Bureau publication of complaint data alone implies an official endorsement of inferences drawn out of context and suggests reliability about overall issuer customer experience and satisfaction that is not well-founded and that invites untrustworthy analysis that will mislead consumers," said the American Bankers Association in its public comments on the consumer bureau's proposal to publish the data.

    The bank lobbying group also complained that publication of unverified complaints is at odds with the bureau's mission to be a data-driven banking regulator.

    "The Bureau’s proposal expands its role by inventing a new mission of publicly outing information about an issuer’s customer experience and satisfaction record, a function that is fundamentally at odds with its obligation to handle confidentially supervisory information," it said.

    Other banking officials have compared public release of the data to gossip, and the database to the customer review site Yelp.com, complaining that many consumer complaints are unfounded, and some are fraudulently posted by competitors.

    But the bureau official said each individual complaint was a worthy data point that consumers should consider when weighing decisions on banking products, and that release of the data would give banks an incentive to compete on customer service.

    The agency will confirm that an authentic business relationship exists between complainer and target, but nothing else about the complaint will be verified. A warning will tell users that accuracy of the information has not been confirmed, according to the agency official. Complaints will not appear until a bank has responded, or until the 15-day response period has passed, nor will the agency offer opinions on the meaning of the data, the official said.

    Initially, the "narrative" section of the complaints will not be published, because the agency has not yet determined how to sanitize the information to avoid publishing personal information, which could be harmful to the consumer. In fact, Cordray stressed that none of the complainers' personal information will be published.

    Most government complaint data is not public, a situation which has drawn criticism in the past from consumer advocates. The Federal Trade Commission, for example, collects hundreds of thousands of complaints from consumers but only makes the information available in aggregate, or when it files litigation against a firm. Because only a tiny fraction of complaints lead to litigation, the possibility exists that consumers fall for scams or unfair business practices committed by firms that are already attracting a pile of complaints in a government database.

    The consumer bureau’s model suggests consumers might be able to learn from each other, and avoid unfair treatment that way. The data will provide a real-time view of what's happening in the marketplace, the agency official said, and could prevent consumers from falling for new tricks or traps invented by the financial industry.

    But even in the Internet age, where sites like Yelp that let consumers warn each other are common,  sharing of complaints filed with government agencies is extremely controversial.  Last year, the Consumer Product Safety Commission made its complaints available for the first time at SaferProducts.gov. Almost immediately, an as-yet-unnamed firm filed a federal lawsuit to keep a complaint about an allegedly dangerous product off the public website.

    Cordray said he hoped publication of the data would make it easier for consumers to seek fair treatment from financial institutions.

    “Nobody needs to be told there are deep problems in the consumer financial product marketplace – it is why we were created in the first place…For every consumer who reaches out to us to tell us about their troubles, we know that many others have the same troubles but suffer them in silence,” Cordray said. “These complaints tell us personal stories of real pain. … Do your own digging.  Find your own information.  And help us make the marketplace a better and safer place.”


  • 'Bad deal' lump pension payouts for veterans draw new scrutiny

    Daryl Henry's reward for 20 years of service in the Navy was a $1,083 monthly pension. But more than half of it went to a private California company -- Retired Military Financial Services -- after Henry was duped into a complex financial agreement, the Maryland resident alleged in a class-action lawsuit.

    Struggling with bills, Henry says he answered an ad in the Navy Times and traded 96 months of future pension checks -- totaling $103,000 -- for a lump sum payment of $42,131. He then spent years depositing his government pension checks into a special account so Retired Military Financial Services could take its share of the taxpayer-funded payments and pay private investors with it.

    Lump sum pension payments for vets are big business, targeting 1.5 million former service members who receive $40 billion annually. Companies that provide them have attracted negative attention from military advocates for years. Tales of retired or injured vets getting 30 to 40 cents on the dollar are easy to find. In 2004, Congress threatened legislation designed to banish the industry, and several courts have ruled the arrangements run afoul of existing federal laws.


    Still, companies offering so-called "annuity utilization contracts" crowd out Google searches around military pensions and loans. The websites that rank highest are often decorated with red, white and blue banners, and they have government-sounding dot-com names. While the lump payouts may sound attractive to retired vets in a financial bind, the terms are oppressive: Participants find themselves with what is essentially a loan at 30 percent interest.

     

    But on Monday, Consumer Financial Protection Bureau Director Richard Cordray said his agency will begin focusing on pension lump sum payments.

    "We are ... concerned about military pension buyout schemes," Cordray said in a speech on Elder Abuse Awareness Day. "Military retirees are offered lump-sum cash payments in return for surrendering their rights to their pension payouts. These schemes are usually very bad deals for the retirees. We want to collect information on all of these kinds of financial practices."

    Several agencies and investigators have been collecting information on the industry for years. John Wasik, an author of 13 books on personal finance, recently investigated the industry for investment-related fraud in a column on Forbes.com.

    "Basically, you sign up, they lock you in, and if you want out, you don't have recourse," Wasik said. "There is very clear language saying, ‘This is not a loan,’ but it resembles a loan in all characteristics."

    Where do these pension payout companies get their capital from? Investors looking for steady returns. Wasik found that Retired Military Financial Services' partner, California-based Structured Investments Co., was ordered by an arbitrator in November to repay $5 million to investors who alleged they were defrauded. In December, the firm agreed to stop selling the investments in California.

    In August, a California court ruled in favor of Henry and the class of veterans who joined his lawsuit, ordering Retired Military Financial Services to return $2.9 million.

    "There is an awful lot of litigation out there," Wasik said. "My biggest concern is the proliferation of these things without regulation. Somebody should be looking at what they are doing."

    Attempts to reach Retired Military Financial Services by deadline were unsuccessful. Founder Steven P. Covey defended his company last year in a story published by the Center for Public Integrity’s iWatchNews.org.

    "The position is: We’re purchasing at a discounted lump-sum, future cash flow,” he said. “We’re not lenders. When you’re not lenders, you’re not dealing in potential usury areas.”

    Covey's attorney, Robert Clarkson, told Wasik that his client had "done nothing wrong,” but said he wouldn't answer questions because of pending litigation.

    'It's likely every single one is violating a law'
    Plenty of websites offer cash for pension and disability payments, which add to an already crowded field of firms offering lump payments for structured settlement recipients. There’s good money in granting lump payments to down-on-their-luck consumers who have a guaranteed stream of income. Military pensions fall into a protected category, however, says Stuart Rossman of the National Consumer Law Center, who helped argue Henry's case.

    "If these sites are dealing with the issue of military pensions, it's likely every single one is violating a law," he said.

    All firms that offer such lump payments are between a legal rock and a hard place, he said. Assigning military pensions to a third party isn’t legal; offering loans without abiding by Truth in Lending requirements is also illegal.

    "And they are either one or the other," he said.

    One site, MilitaryPensionLoan.org, offers a typical example: "This program is NOT A LOAN," it says on its home page, despite its Web address. "We will buy the next eight years of your pension for a lump sum of cash."

    MilitaryPensionLoan.org didn’t immediately respond to requests for comment.

    Despite the legal troubles, and occasional bad publicity, the military loan/pension products have survived for more than a decade. Rossman said he filed his first case against such a firm nine years ago. But why?

    He thinks many of these companies use veterans' sense of honor against them.

    "They believe in doing their duty. They don't want to come forward. They believe 'It's my mistake and I have to own up to it,'" Rossman said. "And a lot of them don't even realize they are paying 30 percent interest."

    Rossman hopes military pension payout companies are on the ropes now that investors might be scared away by the California litigation. No investors would mean no money for lump payments. 

    Henry’s legal triumph was a bit of a hollow victory, however -- he'd already made all 96 payments by the time the judge ruled in his favor. While he is entitled to a portion of the $2.9 million judgment, Rossman said the owners of Retired Military Financial Payments had declared bankruptcy, so there are no assets to pay the judgment.

    Still, it was a worthy fight, Rossman said. 

    "He's proud he's put a stop to this, and once we had the judge's ruling, we were able to tell other members of the class they could stop making payments. We saved them a lot of money, and he's proud of that," Rossman said.


  • FYI EVERYONE: Spokeo fined, but it's still really spooky

    "FYI EVERYONE -- There's a site called spokeo.com and it's an online phone book that has a picture of your house..," begins the breathless chain email, which has made its way around the Internet for the past three years or so. It'd be hard to find an email inbox or Facebook wall that hasn't been disrupted by the scary warning.

    It sounds like typical urban legend spam, but Spokeo is quite real. So real, in fact, that the site was just slapped with an $800,000 fine by the Federal Trade Commission for alleged deception and violations of the Fair Credit Reporting Act.

    Spokeo agreed to pay the fine without admitting any wrongdoing; but it certainly doesn't shy away from the Big Brotherish accusations.  On its home page Wednesday, despite the fine, is this tag line: "Not your grandma's phone book."

    Most Web users have heard of Spokeo because of the chain email and online posts, some of which make even scarier claims, like this: "It's an online phonebook that has a picture of your house, credit score, profession, age, how many people live in the house," claims one version, begging to go viral. "Remove yourself AND ANY AKA OR SPOUSE by the Privacy button on the bottom right. (passing along, scary stuff!) I have personally checked it out ... and it is really there! CUT PASTE AND REPOST!!!"


    Spokeo is a common data background company. Along with a host of competitors, it compiles ragged, incomplete and often inaccurate dossiers on U.S. residents. It does a pretty good job of finding people's home addresses, and then bulks up its reports (that is, tries to get snoopers to pay extra) to see additional vague data, such as average income in your neighborhood. It's no scarier than dozens of other such services. But unlike companies such as Intelius, Spokeo has fully embraced the spooky nature of its business (the name should tell you that) and used it as a marketing tool.

    It appears that marketing plan may have cost the firm $800,000, though the FTC didn't sue Spokeo for being spooky. The consumer agency said Spokeo marketed itself to human resource professionals as an employment background company, using the tagline "Explore Beyond the Resume." But acting as a credit reporting agency triggered the Fair Credit Reporting Act, which includes a list of legal obligations, such as giving consumers a process to challenge incorrect information. Spokeo did not comply with them, according to the FTC.

    Doing so won Spokeo this distinction: It became the first firm sued by the FTC for sale of data collected from online sources, including social media, for employment screening purposes.

    Spokeo did not immediately respond to requests for comment. Founder Harrison Tang did publish a blog post called "Empowering Spokeo's Users" which said the firm has changed its business practices.

    "It has never been our intention to act as a consumer reporting agency," he wrote. "We have made changes to our site and our internal business practices in order to ensure we don’t infringe upon the FCRA’s important consumer protections, and to ensure an honest and transparent service that will continue to be easy for our customers to use."

    In case Spokeo's reputation needed an even heavier anchor, the FTC also said the firm violated its endorsement rules, sprinkling inauthentic praise about Spokeo all around the Web.

    "Spokeo deceptively posted endorsements of their service on news and technology websites and blogs, portraying the endorsements as independent when in reality they were created by Spokeo's own employees," the FTC says. 

    Let that be a healthy reminder to content creators: Fake comments, discussions and company plugs aren't just bad form. They are illegal.

    As part of the fine, Spokeo has agreed to stop acting like a credit reporting agency and to stop spreading fake endorsements around the Internet.  But back to the original point: If Spokeo's line of business is so scary that it can make Internet chain mails into reality, why is it allowed to exist in the first place? 

    FYI EVERYONE: Weak U.S. privacy laws, that's why. See for yourself a picture of your house. No address required. Feel free to forward this to everyone you know!   And while you're at it, visit http://spokeo.com/privacy to opt out of the company's database. Scroll to the bottom for the essentials.


  • Is Flame virus fallout a Chinese, Russian plot to control the Internet?

    [Image: This undated screen grab released by the Kaspersky Lab site shows a program of the computer virus known as Flame. Credit: AFP - Getty Images]

    Has the U.S. government been caught with its virtual hands in the world's cookie jar? And might it lose control of the Internet as a consequence?

    If you were among the forces on the planet wanting to wrest control of the Internet from the U.S.-friendly agencies that manage it, that's the story you'd surely want to tell. 

    But things are rarely what they seem.  The barrage of Flame news – including word that Flame and Stuxnet appear to have common authorship -- should not be viewed in a vacuum.


    A group of nations led by China, Russia and several Middle Eastern countries would love to see the end of U.S. dominance over the operational control of the Internet, and these nations think they have found their vehicle for accomplishing that: A U.N. body called the International Telecommunications Union.

     

    The organization, which manages international telephony agreements, will meet in Dubai in December and attempt to extend its charter to take operational control of the Internet away from the U.S.-dominated nonprofit International Corporation for Assigned Names and Numbers, or ICANN. 

    Even as news of Flame first hit, an ITU working group was meeting in Geneva to finalize the agenda for the Dubai meeting. At almost the same time, there was a hearing in an obscure congressional subcommittee where experts rang alarm bells about an ITU coup.

    The argument that the U.S. should not be in a position of power as far as overseeing the Internet will be bolstered by a world set aflame by news that the U.S. may have exploited its technological advantage to attack sovereign nations with Flame and Stuxnet.

    Some technology experts say the Dubai meeting could very well decide the direction of the world's most valuable resource - information - for the rest of the 21st century:   The future of Internet anonymity, free speech and perhaps freedom itself could be at stake.

    "I think there is a political story that is being missed here," said Chris Bronk, a former State Department official who worked in that agency’s Office of eDiplomacy and is now a professor at Rice University. "There's much more to this. … Stuxnet was better than bombs in the short run, but this could hurt the U.S. down the road.”

    Conspiracy theorists -- including several interviewed for this story who requested that their comments remain off the record -- point out that the world learned about Flame from a Moscow-based antivirus company (Kaspersky Labs), and the ITU chose Flame as the subject of its first-ever international cyber-warning, claiming for the first time an important role in cybersecurity affairs.  They see the grand publicity surrounding Flame as little more than a power grab by the ITU in advance of the Dubai meeting, dubbed the World Conference on International Telecommunications (WCIT).

    “If you want to be cynical, this is definitely a play by an international group to try to gain control over arguably the world’s most valuable resource,” said Paul Rohmeyer, a Stevens Institute of Technology professor who specializes in cybersecurity and international issues, and one of the few members of the conspiracy camp willing to connect the dots publicly.

    But you don't have to draw such a direct connection to see the relationship between Flame and ITU's desire to find and flex new power. Kaspersky Labs, the Russian firm that continues to publish the most informative details about Flame, has a solid reputation in the security research world, and there’s no reason to believe it is acting on behalf of Russian national interests. Still, it's impossible not to view Flame -- and recent revelations about Stuxnet -- without understanding the diplomatic backdrop.

    “If I were advising Russia, I would be all over the place waving these stories around,” said Eneken Tikk, formerly the legal and policy advisor for NATO's Cooperative Cyber Defense Centre in Estonia.  “It seems like a great opportunity to increase pressure on talks around cyber threats to international peace and security and gather a coalition of potential victims to say, ‘We see the U.S. establishing itself on the Net in offensive way, we need an international umbrella to do something.’”

    If the U.S. is guilty of escalating cyberwar by writing computer code that disabled critical Iranian computers, there is no question that forces around the globe will try to exploit the news to their own ends. While most analysts have focused on the potential that Flame invites other countries to counterattack the U.S. with similar cyber-bombs, the real threat might be the rationale it could provide for ending the free-flow of information around the Web.

    “It's very concerning from a purely political standpoint. You can see why a group like ITU would be incentivized to release this news,” Rohmeyer said. “I’m guessing that's what they are trying to set up. They are building their case for internationalization. They have everything to gain and the established order, which is U.S.-based, has everything to lose.”

    U.S. officials aren't blind to the threat; they've made very public warnings about it. In February, Federal Communications Commission member Robert McDowell wrote an op-ed piece in the Wall Street Journal where he criticized the ITU:

    "The most lethal threat to Internet freedom may not come from a full frontal assault, but through insidious and seemingly innocuous expansions of intergovernmental powers," he wrote. "Scores of countries led by China, Russia, Iran, Saudi Arabia, and many others, have pushed for, as then-Russian Prime Minister Vladimir Putin said almost a year ago, 'international control of the Internet' through the ITU."

    McDowell also testified before that congressional subcommittee on May 31, and warned that "pro-regulation" forces led by China and Russia are far more organized than U.S. allies.

    "While precious time ticks away, the U.S. has not named a leader for the treaty negotiation," he said.

    Some in Congress were even more blunt:

    “If we're not vigilant, just might break the Internet," said Rep. Greg Walden, R-Ore.

    The dire-sounding warnings aren't coming solely from U.S. government officials, either.  Even the so-called “father of the Internet,” Vint Cerf, expressed grave concern that day in Congress.

    “(The Dubai meeting) holds profound—and I believe potentially hazardous— implications  for the future of the Internet and all of its users," he testified. "If all of us do not pay attention to what is going on, users worldwide will be at risk of losing the open and free Internet that has brought so much to so many.”

    Nor is the alarm coming just from the U.S. Toomas Hendrik Ilves, president of Estonia, rang alarm bells on Friday during the International Conference on Cyber Conflict in Tallinn.

    “The outcome of (the Dubai meeting), and related processes, will help determine the topography of the Web for the next two decades,” he said. “While this conference may fall into the domain of ministries of commerce and communications, make no mistake, there will be major cybersecurity ramifications. More ominously, we will face calls to limit free expression as we know it on the Web today.”

    But as Western nations try to draw battle lines, the reality of Flame and Stuxnet muddies the argument considerably.  The U.S. risks losing moral high ground through stories about such cyberattacks.

    "When we had plausible deniability for Stuxnet, we could make the argument more easily,” Bronk said. “This completely cuts at the knees the Internet freedom agenda.  How can the U.S. use clandestine cyberattack to go after a threatening regime, and then push the free agenda?"

    As Rohmeyer sees it, the combination of U.S. cyberattacks and the Dubai meeting puts the Internet at “an age-old crossroads.”

    What might change mean?
    The ITU has its roots in an organization created during the 1860s to standardize cross-border telegraph traffic in Europe. It became a U.N. body after World War II, focused almost entirely on simplifying international telephony. Only recently has it tried to extend its charter to Internet traffic, most notably with the creation of an agency called The International Multilateral Partnership Against Cyber Threats, or IMPACT, based in Kuala Lumpur. Modeled after national computer emergency response teams, IMPACT’s stated mission is to share time-critical computer vulnerability and virus information around the globe. The U.S. has so far refused to join ITU’s IMPACT. Russia, China, Iran and about 140 other nations are members.  

    IMPACT tried to take the lead in international dissemination of information about Flame, using the virus as cause for its first-ever warning.

    How might ITU change the way the Internet works? No one knows, of course, but there are obvious reasons for concern.  Chinese officials have repeatedly stated they want an Internet where users must register by IP address, effectively ending anonymity and, perhaps, Internet-based uprisings.

    McDowell warns that Russia, Tajikistan and Uzbekistan asked the U.N. General Assembly to create an “International Code of Conduct for Information Security” to mandate “international norms and rules standardizing the behavior of countries concerning information and cyberspace.”  Even  ITU’s head of corporate strategy, Alexander Ntoko, raised eyebrows  earlier this year in Cancun when he predicted that anonymity online would end.

    “Why countries are interested in the ITU varies. … China and Russia, their motivations are not very friendly to human rights or openness,” said Cynthia Wong, a lawyer for Center for Technology and Democracy. “Other places feel like they don't have a voice in the current process.”

    One of the main criticisms of the process is a lack of transparency and the limitations on participation of non-governmental groups, according to complaints publicized by the Center for Technology and Democracy and human rights groups.  But it’s clear the ITU plans new ways to raise revenue, which might lead to some form of a per-click tax, according to witnesses who testified before Congress at that May 31 hearing.  Wong also expects the ITU to push for mandatory standards for packet delivery – Net standards have been voluntary so far -- which could be a precursor for giving nations more control over incoming and outgoing Internet traffic at their borders.

    One state, one vote
    “Part of the problem with ITU process is that it's so opaque, so it is really hard to understand what might be at stake,” Wong said.  “But what we do know is Russia and some of the Arab states have put cybersecurity on the table.  There are proposals for greater regulation of traffic routing for security purposes.  Depending on how such regulations are implemented, it could be used to justify greater intrusions on privacy and fundamentally change how the Internet currently works technically.”

    In other words, such proposals would make it easier for nations to control Internet traffic.

    Practically speaking, it will be difficult for ITU to grab control over the central tool governing the Web – the domain name system – in Dubai. That system is currently operated by ICANN. But a sizable block of non-U.S. countries agreeing to mandatory routing standards could still wield considerable power. Treaty negotiations are one state, one vote. The U.S. government could make a reservation with something in the treaty, but if ITU standards become mandatory, all Internet users could be impacted. One potential outcome would see a “splitting” of the Internet, where traffic from nations following one standard is denied by a bloc of nations following another.

    But Wong’s chief concern currently is that groups like hers aren’t welcome in the proceedings. On May 17, the Center for Democracy and Technology and 20 other non-governmental agencies from around the world sent a letter of protest to Secretary-General Dr. Hamadoun Touré, who is running the meeting, saying “there has been scant participation by civil society” in the run-up to Dubai.  But Wong thinks the influential Internet protests around SOPA demonstrate that no government agency will be able to pull a fast one on a recently empowered digital constituency.

    “One of the lessons you can pull from SOPA is this: The time when governments can go behind closed doors and make important decisions about how we use the Internet is gone. That’s not acceptable anymore,” she said. “There is a community of users who are paying attention, and are really concerned about the future of the Internet. They are not going to find it acceptable anymore to use these old ways of creating laws. And it behooves governments involved in this to pay attention to that.” To that end, several groups have collaborated to create WCITLeaks.org, to encourage anonymous uploading of conference-related documents.

    The experience of SOPA might make the Flame and Stuxnet sagas even more important. Could the potential for Internet users to rise up against U.N. control of the Net be blunted if the alternative seems to be continued control by the U.S., its image damaged by Flame and Stuxnet?  Rohmeyer thinks so: Like many technology experts, he’s skeptical of claims that Flame is the most powerful virus ever created. As others have pointed out, Flame is so large that it’s clearly not designed for stealth operation – whoever created it almost begged for it to be found. He thinks a big part of the publicity around Flame is a function of this battle for control of the Net.

    “Is the U.S. releasing viruses so powerful that it needs to lose its control of the Internet?” he said. “I don't think by itself the release of Flame rises to threshold. I’m dubious of its effectiveness, and suspicious of those claims.”

    There are also open questions about ITU’s ability to take operational control over the Internet and cybersecurity.

    'No country is an island on the Internet'
    “The ITU has been kind of like one big group hug,” said Rohmeyer.  “Do U.N. groups have a track record of success with this kind of operation? The ITU was a standard-setting body for telephony. Once you move out of the connectivity realm into operational controls – wow! That gives them an enormous amount of power. ICANN seems to be functioning. When I woke up this morning, the Internet seemed to be working. I don’t think (ITU) has been in this business before.”

    Not everyone in the U.S. is against giving ITU more control over cyberspace.  Jody Westby, who launched the Central Intelligence Agency’s famed In-Q-Tel technology investment arm and is now a highly sought-after U.S. cyberexpert, penned a column for Forbes last week strongly endorsing U.S. participation in IMPACT.

    “No country is an island on the Internet, and the U.S. cannot expect to be able to adequately respond to cyberattacks or malware infiltrations without the input and involvement of others around the globe,” said Westby, who disclosed that IMPACT was previously a client of her consultancy firm. “The U.S.’s ‘our way or the highway’ attitude in the important area of cybersecurity appears petulant.”

    She also said that, absent U.S. participation, other nations will look to Russia and China for leadership.

    “The U.S. appears as the shirking nation state quietly standing on the sidelines while being accused of engaging in cyberwarfare tactics,” she said.

    But Rohmeyer was among those who wondered aloud what was in it for the U.S.

    “There is no upside for the U.S. (in participation),” he said. “Is the Internet going to be managed better? Will it be more open?”

    Many experts think the end result of Dubai will mean the already tense balance between bottom-up governance, where private firms dictate policy through collaboration, and top-down governance, where governments mandate Internet policies, will grow even more stressed. So will the tension between anonymity, free speech and U.S.-friendly control on one side, they say, vs. accountability, control, and Chinese/Russian/Arab interests on the other. McDowell, from the FCC, has repeatedly warned that even a positive outcome for the U.S. in Dubai offers little reason to celebrate. 

    “Given the high profile, not to mention the dedicated efforts by some countries, I cannot imagine that this matter will disappear,” he testified before Congress. “Similarly, I urge skepticism for the ‘minor tweak’ or ‘light touch.’ As we all know, every regulatory action has consequences.”

    Phillip Hallam-Baker, writing in the online magazine CircleID, compared the balancing act to the uneasy management of the Church of the Holy Sepulchre in Jerusalem, where power is shared awkwardly among various Christian groups and squabbles are common.

    “Backing ICANN appears to be the only sensible course for the U.S. But the problem with this approach is that the U.S. cannot risk ICANN itself being captured by hostile powers, and that in turn means that the U.S. cannot ever release its de facto control of ICANN,” he wrote. “It is an inherently unstable situation that is only maintained through constant vigilance on all sides.”


     

  • A LinkedIn leak lesson: top 30 dumb passwords people still use

    Internet users continue to make things very easy for hackers.  A close inspection of a portion of the 6.5 million leaked LinkedIn passwords proves people keep making foolish password choices.  In fact, the most commonly used phrase in the password set appears to be “link,” according to Boston-based security firm Rapid7, which created a top 30 list for msnbc.com. The list was generated by studying a sample of 160,000 passwords from the 6.5 million that have been released on the Internet.

    What hacker would ever guess that your LinkedIn password had the word “link” in it? Answer: All of them.

    Second on the list of most common password phrases: “1234.”  And because LinkedIn required seven-letter passwords, “12345” wasn’t far behind, either, ranking sixth on the list (123456 was 15th.) Rounding out the top 10 were “work,” “god,” “job,” “angel,” “the,” “ilove,” and “sex.”

    “We are seeing a trend of Internet users trying to use simplistic passphrases on Internet sites,” said Marcus Carey, a security researcher at Rapid7. “They are (being hacked) because of the simple fact that many are using words that have been long considered bad passwords. Password-cracking algorithms include these bad passwords as a part of their recipe.”  

    The top 30 list generated by Rapid7 contains partial passwords used by consumers.  In other words, no one used the simple word “link” as a password – it was part of a password, such as “BobLink” or “LinkPass.”  That might seem to mitigate the danger, but it doesn’t offer much protection. Hackers spend hours guessing users’ passwords, using tools that brute force their way through millions of combinations.  If a hacker knows someone used a seven-letter password, and part of that password is “link,” the bad guy only has to crack what is essentially a three-letter password. That’s exponentially easier.  (How much easier? Assuming 94 potential password characters, based on the common keyboard layout, a three-digit password offers 830,000 possibilities; a seven-digit password offers 65 billion possibilities.)

    “What people need to understand is that even with trusted sites such as LinkedIn there is still a possibility for massive compromise,” Carey said. “The bigger the site, the more personal information is leaked, and the big boys on the block are the ones who are targeted the most.”

    This experiment has been done before. In fact, a company named SplashData compiles a “worst passwords” list annually from stolen passwords. You’ll see a lot of overlap between that list and this LinkedIn list. That means people aren’t learning. To that end, if you use any of the phrases on the list below to build your password, you should know that attaching “!!!” to the end doesn’t make you safe.

    RED TAPE WRESTLING TIPS

    It's important to note that even the strongest of passwords provided little defense against the LinkedIn hack (and the subsequently announced eHarmony hack).  Bad guys stole password files directly from the companies involved, so even "%R7^Tgh1" wasn't safe from their prying eyes. This doesn't lessen the lesson, however.  Consumers still should do all they can to protect themselves, and they don't.

    Words that are in the dictionary shouldn't be in your password, but unusual characters should be.  Names on your Facebook page -- such as your dog's name or high school mascot -- shouldn't be in your password, either. That of course makes remembering your password a challenge, but here's a trick that security professionals recommend: think of a sentence that you can remember, and take the first letter of every word in the sentence as your password. For example: My daughter Julie was born on November 1 would yield a password of "MdJwboN1." Throw in an exclamation point at the end to show your love for your daughter, and you have a pretty strong, unique password.  For more tips, visit this page at US-CERT.


    Ranking   Password Phrase   Number of Times Appeared
    1         link              941
    2         1234              435
    3         work              294
    4         god               214
    5         job               205
    6         12345             179
    7         angel             176
    8         the               143
    9         ilove             133
    10        sex               119
    11        jesus             95
    12        connect           91
    13        Fu**              85
    14        monkey            78
    15        123456            76
    16        master            72
    17        Bitch             65
    18        Dick              60
    19        michael           52
    20        jordan            48
    21        dragon            46
    22        soccer            45
    23        Killer            32
    24        654321            32
    25        pepper            31
    26        Devil             30
    27        princess          29
    28        1234567           28
    29        iloveyou          26
    30        career            26
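
The partial-password point made in this article can be checked mechanically when a password is chosen. The following is an added example, not code from Rapid7 or the original article: it flags a password that contains a phrase from the list above and reports how little is left to guess. The function names, the subset of phrases used and the sample passwords are assumptions made for illustration.

```python
"""Blocklist audit for passwords built around a common phrase (added example)."""
from typing import NamedTuple, Optional

# Subset of the top-30 phrases listed above, lowercased for matching.
COMMON_PHRASES = (
    "link", "1234", "work", "god", "job", "12345", "angel", "the", "ilove",
    "jesus", "connect", "monkey", "123456", "master", "michael", "jordan",
    "dragon", "soccer", "654321", "pepper", "princess", "1234567",
    "iloveyou", "career",
)
ALPHABET = 94  # printable keyboard characters, the article's assumption


class Audit(NamedTuple):
    phrase: Optional[str]  # longest blocklisted phrase found, if any
    unknown_chars: int     # characters a guesser still has to find
    fixed_position: int    # candidates when the phrase's position is known
    any_position: int      # upper bound when only the phrase is known


def audit(password: str) -> Audit:
    """Report what remains to be guessed once a common phrase is assumed."""
    lowered = password.lower()  # "Link" and "link" are the same guess
    hits = [p for p in COMMON_PHRASES if p in lowered]
    if not hits:
        space = ALPHABET ** len(password)
        return Audit(None, len(password), space, space)
    phrase = max(hits, key=len)  # "12345" subsumes "1234"
    unknown = len(password) - len(phrase)
    fixed = ALPHABET ** unknown
    # The phrase can start at (unknown + 1) offsets within the password.
    return Audit(phrase, unknown, fixed, (unknown + 1) * fixed)


def mnemonic(sentence: str) -> str:
    """First letter of every word, the trick described in the tips above."""
    return "".join(word[0] for word in sentence.split())


if __name__ == "__main__":
    # Constructed samples; "BobLink" and "LinkPass" are the article's examples.
    samples = [
        "BobLink",
        "LinkPass",
        "link!!!",
        mnemonic("My daughter Julie was born on November 1") + "!",
    ]
    for pw in samples:
        result = audit(pw)
        verdict = "REJECT" if result.phrase else "ok"
        print(f"{pw!r:14} {verdict:6} phrase={result.phrase} "
              f"unknown={result.unknown_chars} "
              f"candidates<={result.any_position:,}")
```

A signup form can call `audit()` and refuse any password for which `phrase` is set, which also catches the "!!!" suffix the article warns about.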


  • Famed 'credit zombie' resurrected, with lessons for anyone with an SSN

    Bob Miller / for msnbc.com

    Judy Rivers of Cullman, Ala. sits in the RV that has been her temporary home for the past two years since the credit system decided she was dead in 2010.

    Judy Rivers isn't dead after all. And, as anyone who's had a maddening run-in with the nation's credit system would agree, her "resurrection" is miraculous.

    Some loyal Red Tape readers might recall an August 2010 story we published on Rivers titled, "Hey banks: This woman is alive."  At the time, Rivers had fallen -- or was pushed -- into a credit system black hole. She was declared dead by someone, rendering her invisible to the nation's lenders and other entities that rely on Social Security numbers for verification. She couldn't open a bank account, write a check, use a credit card, get a loan or an apartment. In many cases, she couldn't even apply for a job. 

    She was, by 21st century standards, dead. Or, in perhaps a more-apt description, she had become a credit zombie.

    Rivers, who lives in Alabama outside Birmingham, became a mini-celebrity after we published her digital nightmare. “This woman is alive” was one of our most popular stories, and publications the world over retold Rivers’ tale. Even Reader's Digest covered the story.

    Her odyssey began in late 2010, when a bank told her its systems said she was dead – and had been for two years.


    “This Social Security Number has been discontinued; the holder of this number was reported dead on August 3, 2008," read a notice she was shown by a bank official. A check of her consumer report obtained from Chex Systems, which the bank had used to obtain that information, confirmed the error. It read, “number inactivated due to report of death.”  Chex Systems said it received the data directly from the Social Security Administration, but that agency told Rivers that she was alive and well, according to its data.  She had the same experience with every other creditor and credit bureau she talked to. And there she remained for years, stuck in a Catch-22 despite her herculean efforts to find and correct the error.

     

     

    As a result of her experience, Rivers became an advocate of credit zombies everywhere. She met with members of Congress and her state Legislature. She received many offers of help and even a few date proposals. (Side note: No one seems to know what happens if a "living" credit user marries a zombie.) She wrote letters and filed protests with every entity she could think of. But every time she tried to get a credit report, she got the same response: "Deactivated because of death."

    Meanwhile, her life took darker and darker turns. The 50-something woman couldn't get a job because companies couldn't verify her work history or her credit. She couldn't receive unemployment benefits -- or any government benefits -- because she was, well, dead.  One local bank, where she’d deposited money for years, agreed to cash checks for her, but otherwise she lived a pure “cash existence.” She accepted a friend's offer to let her live in a small trailer by Smith Lake, about 90 minutes north of Birmingham, while she fought her battle. 

    Along the way, she met a host of other credit zombies, who, like her, had been pushed off the grid by the erroneous declaration of the death of their Social Security numbers.  According to the Social Security Administration, about 1,000 people each month are accidentally declared dead and their SSNs listed in the agency’s Death Master File. By some estimates, that means there are nearly half a million credit zombies walking around the U.S. right now.

    "I feel very blessed," Rivers said. "My problems are minimal compared to the horror stories I have listened to."

    After Rivers' story was published, other zombies sought her out for advice. One woman, from nearby Winston City, Ala., was wheelchair-bound and had stopped receiving her disability checks seven months earlier. She was unable to purchase medicine, and her family had no idea what to do. So Rivers accompanied her to the nearest Social Security office, which discovered the woman had been placed on the Death Master File a year earlier. Rivers eventually helped get her benefits restored. 

    "She had been going without for seven months," Rivers said.

    Accidental death isn't just for the elderly, however. Rivers also heard from an 18-year-old who had saved thousands of dollars in a bank account for college, and discovered when he tried to withdraw the funds for tuition that it had been frozen because he had been declared dead.  The student had to miss a semester while fixing the problem.

    (Out of privacy concerns, Rivers said she couldn't share the identity of the other victims.)

    All the while, Rivers kept lobbying for changes that would help victims, speaking with all nine members of Alabama's congressional delegation at some point. She has started work on a book describing the nightmare. She's working on a potential class-action lawsuit against various entities that have denied her and others credit.  

    "I don't mind being the poster child for this," she said. "When I speak to people, I am very direct. I just ask them what they are doing to fix this."

    But in all that time -- nearly two years -- no one was able to resuscitate her credit, and her digital life. She's sure of this because, under a lawyer's instructions, she has religiously applied for credit at least twice a month since August 2010. She had to steel herself against constant rejection.

    "I've been turned down about 40 times," she said.

    But two weeks ago, the unthinkable happened.

    "I was at a Belk store, and the clerk said, 'Do you want to fill out a credit card application?' I told her it wouldn't do any good. But she gave me a funny look, and said, 'Why don't you try anyway?' It would get me 15 percent off my purchase. So I filled it out. I figured it would be this month's test," Rivers said. "Three minutes later it came back approved and I was in shock.  The clerk looked at me with an expression that said, 'You just made all that up.' She was a little disappointed when I didn't use the card to make the purchase."

    Dizzy with excitement, but also worried about false hope, Rivers marched across the street to a T.J. Maxx and applied for a second card.  Within minutes, she was approved for that one, too. 

    “GUESS WHAT? I AM FINALLY LIVING," Rivers wrote in an exuberant email to msnbc.com a few hours later.

    Rivers still has no idea how she ended up dead, though it almost certainly has something to do with the Social Security Death Master File.  In part because of her prompting, criticism of the DMF has ramped up in the past two years, and change seems to be in the air. Last fall, Rep. Sam Johnson, R-Texas, introduced the Keeping IDs Safe Act, which would change the way death reporting works. And in February a subcommittee of the House Ways and Means Committee held hearings on death record reporting, at which the Social Security Administration's Office of Inspector General offered critical testimony.  

    One often overlooked element of the problem: Even after the Social Security Administration fixes death reporting errors, victims' SSNs often are still available through third-party websites, leaving zombies open to a second nightmare: identity theft. "In some cases, these individuals’ (personal information) was still available for free viewing on the Internet—on ancestry sites like genealogy.com and familysearch.org—at the time of our report," the inspector general said.

    Social Security receives about 2.5 million death reports each year from multiple sources, including funeral homes, government agencies and family members. The inspector general, which says typographical errors are responsible for  the bulk of the credit zombie problem, says there’s a simple solution:  forcing Social Security to only accept reports from accredited entities using an electronic system.

    "In February 2009, we found that about 98 percent of erroneous death entries on the DMF were death reports from non-state sources," it said. But even electronic reports from states wouldn’t eliminate the problem. "Even if all states were to submit death reports via (electronic death registration), there could still be some erroneous death entries on the (Death Master File).”

    With all that Rivers has been through, she's not willing to believe her "death" is over.  She is still waiting for proof that she has a valid credit report – it is in the mail, she hopes. But most important, she's still unemployed. Her biggest problem remains the job application process, which almost always includes a credit check. Even when her SSN is restored, her credit report will be mysteriously empty for several years, and she fears that will still hurt her chances of landing a job.

    So while Congress wrestles with solutions, Rivers intends to keep applying pressure for change, and keep working to promote awareness of the problem.

    "If you own a Social Security card, this can happen to you," she said. 

    RED TAPE WRESTLING TIPS: What to do if you're a credit zombie
    If it does happen to you, there's one absurd question you must answer: How do you prove you're alive? Proving you're dead is relatively easy -- a death certificate will do the trick.  But proving you're alive? That will probably require an in-person visit to the Social Security office with a valid ID, such as a driver's license.  Copies of recent utilities bills, paystubs or other credit-related activity could help make the case, too. 

    Have the clerk request a correction to the Death Master File, and don't leave the office without some kind of written record about the fix.  You'll probably need to send copies of that record to your bank, other creditors and the nation's credit bureaus.

    The Identity Theft Resource Center recommends an additional step: finding the underlying death certificate and filing to have it amended. The certificate should be available from the county clerk or recorder’s office where it was initially filed, and should include the name of the informant who reported the death. Contact that informant, the agency says, and have that person sign a State Vital Record Amendment Affidavit Form. Bring that form to the Social Security officer, the Identity Theft Resource Center recommends.

    Additional tips and a “Death Reported in Error” form letter are available from the Identity Theft Resource Center’s website.


  • 'First Amendment rights can be terminated': When cops, cameras don't mix

    Video from March 2012 shows Chicago police taking members of the media into custody.

    The video is chilling, but it's also a sign of the times.

    "Your First Amendment rights can be terminated," yells the Chicago police officer, caught on video right before arresting two journalists outside a Chicago hospital.  One, an NBC News photographer, was led away in handcuffs essentially for taking pictures in a public place.  He was released only minutes later, but the damage was done. Chicago cops suffered an embarrassing "caught on tape" moment, and civil rights experts who say cops are unfairly cracking down on citizens with cameras had their iconic moment.

    Tales of reporters, protestors and citizen journalists being threatened or arrested for filming law enforcement officials during disputes are on the rise, critics say, with Occupy Wall Street protests a lightning rod for these incidents. The National Press Photographers Association claims it has documented 70 such arrests since September and, in May, called on U.S. Attorney General Eric Holder to focus attention on the issue.


    "The First Amendment has come under assault on the streets of America," the photography association said in a letter to Holder that was also signed by several other interest groups. "Police have arrested dozens of journalists and activists simply for attempting to document political protests in public spaces.”

    Such allegations are ironic, given the sharp rise in police surveillance technology, which gives cops vast capabilities to film citizens, said Catherine Crump, an American Civil Liberties Union attorney.

    "It is true that Americans are photographed more and more today as they walk around in public spaces," Crump said. "And it is ironic that law enforcement agencies are objecting when the same activity is being used to film their activities. But it's not surprising because there's often a double-standard in this space."

    There's always been a tense relationship between cops and cameras, but that relationship is being pushed to the brink now that half of U.S. adults carry smartphones, nearly all of them capable of filming and sharing visuals instantly with the whole world via the Internet.  Cops at Occupy Wall Street protests -- such as those at Zuccotti Park in New York City -- routinely deal with dozens of amateur photographers shoving cameras in their faces, many of them aggressive.  It's not hard to see how the cameras can escalate an already tense situation.

    But First Amendment law is clear: Citizens in public spaces have a right to film things they see in plain sight. Courts have repeatedly upheld that right in high-profile cases.

    Court rulings sometimes have no bearing during intense situations, however.

    "It wouldn't really matter with some police officers if you had an original copy of Bill of Rights with you," said Mickey Osterreicher, a lawyer for the press photographers association. He said he deals with new cases nearly every day involving photographers who he believes have been wrongly arrested.

    "The sign on my desk that reads, 'Bang head here,' is getting worn out," he said.

    In April, Connecticut's State Senate passed a law that clearly defined citizens' right to film, but the state's lower house failed to act on the measure. The proposal was introduced by Sen. Majority Leader Martin M. Looney, D-New Haven, after a series of incidents involving cops in that state's capital city. In one, a police officer is caught on camera saying “You don’t take pictures of us,” before making an arrest. In another incident, 26-year-old Luis Luna was arrested for filming an arrest, and video files on his iPhone were deleted.

    "In the past several years, police officers have wrongly arrested members of public for using video cameras or cell phone cameras," said Adam Joseph, a spokesman for Looney.  "In the opinion of a number of senators, there were far too many instances, and that demonstrated the right to videotape needed to be codified and is unfortunately necessary." 

    The proliferation of devices that can film and share has made this conflict almost inevitable, but there are other causes, too.

    “So many mainstream journalists have been laid off and are freelancing,” said Osterreicher, the press association lawyer. “Then you have people who consider themselves citizen journalists. They have ‘pro-sumer’ devices capable of taking video and still images with the same quality as pro equipment, and can share them with the world, without mainstream media. That’s something we've never seen, until recently.”

    'Threatening act'
    As a result, civil liberties lawyers have beaten a path to courthouses around the country, said Crump.

    "We do hear about these more frequently now because everyone walks around with cell phone cameras,” she said. “Law enforcement officers sometimes react badly to this, and view it as a threatening act.”

    The most celebrated case involves Simon Glik, who in 2007 filmed police arresting a homeless man near Boston Common. Glik was arrested and charged with violating the state's wiretapping law.  His case was dismissed, but he then brought a federal civil rights lawsuit against the city. In August 2011, the U.S. Court of Appeals for the First Circuit ruled unanimously in his favor.

    "That decision is 24 pages of pure gold," Osterreicher said.  "The judges talked about the right to record in public. They said the First Amendment right is self-evident. They took judicial notice of the fact that news is as likely to come from someone with a cellphone as anyone. And they talked about the fact that police officers … should expect to be recorded when out in public."

    In March of this year, Boston paid Glik $170,000 to settle the suit.

    "It's really not up to police officers to decide what is and isn't newsworthy," Osterreicher said. "It's a shame Boston had to learn an expensive lesson."

    Other rulings have offered a similarly strong endorsement of the right to film, Crump said.

    "The First Amendment is strongly protective of right to video and record in public spaces. There’s obviously a good reason for that. Sunlight is the best disinfectant," she said.  She said court rulings have been so consistent, she’s not worried about any weakening of the First Amendment –  but she is worried about the more practical side of the problem.  Glik's settlement -- most of which paid for his legal fees -- took five years to arrive.  In most real-life situations, police officers have wide discretion, and few observers have the time, money or wherewithal to see a First Amendment case through to completion.

    Osterreicher, both a former journalist and a reserve police officer, prefers far more practical methods.  He travels the country training police officers in First Amendment law. Invited by Chicago police brass, he offered such training in advance of recent NATO meetings in Chicago, which attracted sizable protests.  He thinks it worked: To his knowledge, only one photographer was arrested during those protests. 

    He also offers tips to would-be cop videographers.

    "The First Amendment is not absolute," he said. "It is subject to reasonable time, place and manner restrictions. But the key word is ‘reasonable.’ Is it reasonable when covering a protest to ask someone to stand back or get on a sidewalk? Absolutely. Is it reasonable to expect the press to go away when there is an order to disperse? No."

    One rule that is fairly absolute, he said: While there are situations when police can seize cameras and cellphones, they have no right to destroy data, such as pictures or videos, without consent from the owner.  In fact, doing so could be considered destruction of evidence.

    The ACLU hosts an information page designed to help amateur photographers understand their rights on its website.  But Crump offered a thumbnail sketch of the law that draws an important distinction between public and private property.

    "Generally, when you are in a public space where you have the right to be, you have right to photograph anything in plain view, and that includes police who are executing their duties,” she said. “But if you are on private property, the property owner gets to set the rules.”

    But Osterreicher said any advice photographers receive should come with a warning:  "It's complicated."

    "I can't give you an answer that covers all situations. You’re going to have to make an assessment,” he said. “Is this officer nonchalantly asking you to move? Or is he getting real cranky? A lot of situations can be defused with conversation. … You want it to end well.”
