EPIC Urges FTC to Investigate Thomson Reuters’ Fraud Detection System in New Complaint

January 5, 2024

In a complaint filed yesterday, EPIC called on the Federal Trade Commission (FTC) to investigate Thomson Reuters, the multinational information services conglomerate, for its development and operation of a faulty fraud detection system known as “Fraud Detect.”

EPIC’s complaint highlights troubling evidence of Thomson Reuters’ unlawful data practices and harmful AI practices gleaned from a three-year EPIC investigation into Thomson Reuters’ Fraud Detect. Thomson Reuters appears to have used both government data and sensitive commercial data like consumers’ credit reports, criminal records, and social media profiles to develop, market, and operate an automated fraud detection system to state public benefits agencies across the country. Despite Thomson Reuters claiming that Fraud Detect could accurately detect public benefits fraud, EPIC found clear evidence that Fraud Detect generated false fraud alerts, leaving hundreds of thousands of legitimate claimants without access to public benefits.

Thomson Reuters has offered its Fraud Detect system to agencies in at least 42 different states, profiting off agencies’ economic hardship and fears of fraud. Under most contracts, however, Thomson Reuters maintains control and ownership over the Fraud Detect system, including control over the system’s source code, proprietary data, operation, and maintenance. Often, this control meant that neither agencies nor public benefits recipients knew how Fraud Detect generated fraud alerts or whether Thomson Reuters was meeting minimum standards for responsible AI development and use.

EPIC’s complaint calls on the FTC to investigate Thomson Reuters for unfair and deceptive practices in violation of Section 5 of the FTC Act and for violations of the Fair Credit Reporting Act. EPIC further urges the FTC to enjoin any unlawful data practices confirmed in its investigation and direct Thomson Reuters to implement responsible AI practices similar to those mandated in the Commission’s recent Rite Aid order.

EPIC has played a leading role in developing the authority of regulators to safeguard the rights of consumers, ensure the protection of personal data, and address AI harms. EPIC previously called attention to Thomson Reuter’s error-prone fraud detection system in two investigative reports: Outsourced & Automated and Screened & Scored in the District of Columbia.

More coverage of EPIC’s complaint can be found here.

Support Our Work

EPIC's work is funded by the support of individuals like you, who allow us to continue to protect privacy, open government, and democratic values in the information age.