Subscribe to our InfoBytes Blog weekly newsletter and other publications for news affecting the financial services industry.
Consumer advocates testify before Senate Commerce Committee on need for federal consumer data privacy legislation
On October 10, the Senate Committee on Commerce, Science, and Transportation held the second in a series of hearings on the subject of consumer data privacy safeguards. The hearing entitled “Consumer Data Privacy: Examining Lessons From the European Union’s General Data Protection Regulation and the California Consumer Privacy Act” heard from consumer privacy advocates on lessons from the European Union’s General Data Protection Regulation (GDPR) and the California Consumer Privacy Act (CCPA) of 2018, and what types of consumer protections should be considered in future federal legislation. Committee Chairman, Senator John Thune, opened the hearing by emphasizing the importance of promoting privacy without stifling innovation. Senator Thune stated that, while understanding the experience of technology and telecommunications companies in this space is important, any new federal privacy law must also incorporate views from affected industry stakeholders and consumer advocates.
The consumer privacy advocate witnesses agreed there is a need for heightened consumer protections and rights, and that the time is ripe to have a debate on what a consumer data privacy law at the federal level would look like and how it would work with state level laws. However, witnesses cautioned that federal legislation should create a floor and not a ceiling for privacy that will not prevent states from passing their own privacy laws. One of the witnesses who led the effort behind the California ballot initiative that resulted in the CCPA emphasized that federal legislation should contain a robust enforcement mechanism, while a witness from the Center for Democracy & Technology said that (i) lawmakers should give the FTC the ability to fine companies that violate consumers’ privacy and provide the agency with more resources; and (ii) a federal law should cover entities of all sizes and clarify what secondary and third-party uses of data are permissible.
Among other things, the hearing also discussed topics addressing: (i) GDPR open investigations; (ii) support for state Attorney General enforcement rights; (iii) privacy protections for children, including the strengths and weaknesses of the Children’s Online Privacy Protection Act, particularly with respect to children ages 13 and older; and (iv) consumers’ rights to control their personal data.
Global technology companies testify before Senate Commerce Committee on need for federal consumer data privacy legislation
On September 26, the Senate Committee on Commerce, Science, and Transportation held a hearing entitled “Examining Safeguards for Consumer Data Privacy” to discuss whether federal lawmakers should write a broad federal online privacy law in the wake of the European Union’s General Data Protection Regulation (GDPR) and the California Consumer Privacy Act (CCPA) of 2018, which was amended on September 23. Committee Chairman, Senator John Thune, noted that the September 26 hearing was the first in a series of hearings the Committee plans to hold to discuss consumer data privacy concerns. Testifying before the Committee were executives representing six global technology and telecommunications companies who all agreed that there is a need for federal consumer privacy safeguards that would give consumers more control over the way their data is used. The witnesses also supported the idea of engaging in further discussions with the Committee regarding the FTC’s enforcement powers under its current authority to determine whether the agency needs more resources and tools to carry out its responsibilities effectively. However, the witnesses cautioned that Congress needed to strike an appropriate balance between industry accountability and giving government agencies unchecked power. The witnesses also voiced their opposition to proposed legislation that would require businesses to notify consumers of data breaches within 72 hours of their discovery.
Among other things, the hearing also discussed topics addressing: (i) GDPR compliance burdens; (ii) the need for federal privacy laws to preempt the growing “patchwork” of inconsistent state laws; (iii) pitfalls of mandatory opt-in requirements for consumers; (iv) data use transparency and mandatory disclosures; and (v) efforts undertaken by companies to monitor violations of the Children’s Online Privacy Protection Act, particularly with respect to both in-house and third-party apps offered by the several of the witnesses’ companies.
On August 23, the Senate Banking Committee approved, in a 13-12 party-line vote, Kathy Kraninger to be the next Director of the CFPB, which carries a five-year term. Kraninger’s nomination next moves to the full Senate. Acting Director, Mick Mulvaney, will remain in his position for the foreseeable future, as the Federal Vacancies Reform Act allows him to continue in his acting capacity until the full Senate confirms or denies Kraninger’s nomination.
In July, Kraninger testified before the Senate Banking Committee where she fielded questions covering a range of topics, including whether she would appeal a June ruling by a federal judge in New York asserting that the CFPB’s structure was unconstitutional. While Kraninger did not provide a substantive answer to that question, she did comment that, “Congress, through [the] Dodd-Frank Act, gave the Bureau incredible powers and incredible independence from both the president and the Congress in its structure. . . . My focus is on running the agency as Congress established it, but certainly working with members of Congress. I’m very open to changes in that structure that will make the agency more accountable and more transparent.” See more detailed InfoBytes coverage on Kraninger’s July nomination hearing here.
On May 24, President Trump signed the Economic Growth, Regulatory Relief, and Consumer Protection Act (S. 2155) (the bill) — which modifies provisions of the Dodd-Frank Act and eases certain regulations on certain smaller banks and credit unions. Upon signing, the White House released a statement quoting the president, “[c]ommunity banks are the backbone of small business in America. We are going to preserve our community banks.”
The House, on May 22, passed the bipartisan regulatory reform bill by a vote of 258-159. The bill was crafted by Senate Banking, Housing, and Urban Affairs Committee Chairman Mike Crapo, R-Idaho and passed by the Senate in March. The House passed the bill without any changes to the Senate version, even though House Financial Services Chairman, Jeb Hensarling, originally pushed for additional reform provisions to be included. Specifically, the bill does not include certain provisions that were part of Hensarling’s Financial CHOICE Act, such as (i) a complete repeal of the Volker Rule; (ii) subjecting the CFPB to the Congressional appropriations process and restructure the agency with a bipartisan commission; and (iii) reducing the Financial Stability Oversight Council’s (FSOC) authority to designate nonbank financial institutions as Systemically Important Financial Institutions (SIFIs).
In response to the bill’s passage, the OCC’s Comptroller of Currency, Joseph Otting, issued a statement supporting the regulatory changes and congratulating the House, “[t]his bill restores an important balance to the business of banking by providing meaningful reductions of regulatory burden for community and regional institutions while safeguarding the financial system and protecting consumers.” Additionally, acting Director of the CFPB, Mick Mulvaney, applauded Congress, noting that the reforms to mortgage lending were “long overdue” and called the bill “the most significant financial reform legislation in recent history.”
As previously covered by InfoBytes, the highlights of the bill include:
- Improving consumer access to mortgage credit. The bill’s provisions state, among other things, that: (i) banks with less than $10 billion in assets are exempt from ability-to-repay requirements for certain qualified residential mortgage loans held in portfolio; (ii) appraisals will not be required for certain transactions valued at less than $400,000 in rural areas; (iii) banks and credit unions that originate fewer than 500 open-end and 500 closed-end mortgages are exempt from HMDA’s expanded data disclosures (the provision would not apply to nonbanks and would not exempt institutions from HMDA reporting altogether); (iv) amendments to the S.A.F.E. Mortgage Licensing Act will provide registered mortgage loan originators in good standing with 120 days of transitional authority to originate loans when moving from a federal depository institution to a non-depository institution or across state lines; and (v) the CFPB must clarify how TRID applies to mortgage assumption transactions and construction-to-permanent home loans, as well as outline certain liabilities related to model disclosure use.
- Regulatory relief for certain institutions. Among other things, the bill simplifies capital calculations and exempts community banks from Section 13 of the Bank Holding Company Act if they have less than $10 billion in total consolidated assets. The bill also states that banks with less than $10 billion in assets, and total trading assets and liabilities not exceeding more than five percent of their total assets, are exempt from Volcker Rule restrictions on trading with their own capital.
- Protections for consumers. Included in the bill are protections for veterans and active-duty military personnel such as: (i) permanently extending from nine months to one year the protection that shields military personnel from foreclosure proceedings after they leave active military service; and (ii) adding a requirement that credit reporting agencies provide free credit monitoring services and credit freezes to active-duty military personnel. The bill also addresses the creation of an identity theft protection database. Additionally, the bill instructs the CFPB to draft federal rules for the underwriting of Property Assessed Clean Energy loans (PACE loans), which would be subject to the TILA ability-to-repay requirement.
- Changes for bank holding companies. Among other things, the bill raises the threshold for automatic designation as a SIFI from $50 billion in assets to $250 billion. The bill also subjects banks with $100 billion to $250 billion in total consolidated assets to periodic stress tests and exempts from stress test requirements entirely banks with under $100 billion in assets. Additionally, certain banks would be allowed to exclude assets they hold in custody for others—provided the assets are held at a central bank—when computing the amount such banks must hold in reserves.
- Protections for student borrowers. The bill’s provisions include measures to prevent creditors from declaring an automatic default or accelerating the debt against a borrower on the sole basis of bankruptcy or cosigner death, and would require the removal of private student loans on credit reports after a default if the borrower completes a loan rehabilitation program and brings payments current.
Each provision of the bill will take effect at various intervals from the date of enactment up to 18 months after.
Trump signs legislation repealing CFPB auto guidance, Mulvaney praises action; CFPB to reexamine ECOA requirements
On May 21, President Trump signed resolution S.J. Res. 57, which repeals CFPB Bulletin 2013-02 on indirect auto lending and compliance with the Equal Credit Opportunity Act (ECOA). The president’s signature completes the disapproval process under the Congressional Review Act (CRA), which began after the Government Accountability Office (GAO) issued a letter in December 2017 to Senator Pat Toomey (R-Pa) stating that “the Bulletin is a general statement of policy and a rule” that is subject to override under the CRA. The Senate passed the disapproval measure in April and the House approved it in the beginning of May. (Previously covered by InfoBytes here.)
The repeal responds to concerns that the bulletin improperly attempted to regulate auto dealers, which the Dodd-Frank Act excluded from the Bureau’s authority. In a statement after the president’s signing, CFPB acting Director Mick Mulvaney praised the action and thanked the president and Congress for “reaffirming that the Bureau lacks the power to act outside of federal statutes.” He also stated that the repeal “clarifies that a number of Bureau guidance documents may be considered rules for purposes of the CRA, and therefore the Bureau must submit them for review by Congress. The Bureau welcomes such review, and will confer with Congressional staff and federal agency partners to identify appropriate documents for submission.”
Additionally, acting Director Mulvaney announced plans to reexamine the requirements of ECOA, “[g]iven a recent Supreme Court decision distinguishing between antidiscrimination statutes that refer to the consequences of actions and those that refer only to the intent of the actor.” Although the decision is not identified, it is likely the June 2015 Supreme Court decision in Texas Department of Housing and Community Affairs v. Inclusive Communities Project, Inc., which concluded that disparate impact claims are permitted under the Fair Housing Act but acknowledged some limitations on its application. (Covered by a Buckley Sandler Special Alert.)
On May 8, the House voted to repeal, under the Congressional Review Act (CRA), CFPB Bulletin 2013-02 (Bulletin) on indirect auto lending and compliance with the Equal Credit Opportunity Act (ECOA). As previously covered by InfoBytes, the Senate approved the resolution on April 18 and the White House issued a Statement of Administrative Policy supporting the Senate resolution; it is expected that President Trump will sign the measure soon.
If the measure is successful, this would be the first time that Congress has used the CRA to repeal a regulatory issuance outside the statute’s general 60-day period. In December 2017, the Government Accountability Office (GAO) issued a letter to Senator Pat Toomey (R-Pa) stating that “the Bulletin is a general statement of policy and a rule” that is subject to override under the CRA, which allowed for the Senate to introduce the resolution measure years after the CFPB released the Bulletin.
On April 26, the Senate confirmed Joseph Simons to lead the FTC, along with four other nominees—Republicans Noah Phillips and Christine Wilson and Democrats Rohit Chopra and Rebecca Slaughter. The FTC, which has been operating with only two commissioners, will now be headed by a full complement of commissioners. Acting Chairman Maureen Ohlhausen released a statement saying she looks forward to welcoming them to the FTC and noted that Ms. Wilson will take her seat once Acting Chairman Ohlhausen is confirmed as a judge on the U.S. Court of Federal Claims.
On April 18, the Senate voted to strike down, under the Congressional Review Act, the CFPB’s Bulletin 2013-02 (Bulletin) on indirect auto lending and compliance with the Equal Credit Opportunity Act (ECOA). The vote follows a December 2017 letter issued by the Government Accountability Office (GAO) to Senator Pat Toomey (R-Pa) stating that the Bulletin is a “general statement of policy and a rule” that is subject to override under the Congressional Review Act (CRA). As previously covered by InfoBytes, GAO reasoned that the CRA’s definition of a “rule” includes both traditional rules, which typically require notice to the public and an opportunity to comment, and general statements of policy, which do not. GAO concluded that the Bulletin meets this definition “since it applies to all indirect auto lenders; it has future effect; and it is designed to prescribe the Bureau’s policy in enforcing fair lending laws.” The measure has been sent to the House and is expected to be voted on soon. On April 17, the White House issued a Statement of Administrative Policy which supported the Senate resolution nullifying the guidance, stating that if the resolution were to be presented to the president, his advisors would recommend he sign it. If the measure is successful, this would be the first time that Congress has used the CRA to repeal a regulatory issuance outside the statute’s general 60-day period.
On October 24, the Senate cleared a resolution under the Congressional Review Act to nullify the CFPB’s recently adopted final arbitration rule, with Vice President Mike Pence casting the deciding vote to break the 50-50 tie. As previously covered in InfoBytes, the House passed H.J. Res. 111 earlier in July to invalidate the rule, which prohibits the use of mandatory pre-dispute arbitration clauses in certain contracts for consumer financial products and services. The resolution now heads to President Trump.
Both CFPB Director Richard Cordray and Acting Comptroller of the Currency Keith A. Noreika issued statements following the vote. Noreika stated: “The elected representatives acted to stop a rule from going into effect that would have likely increased the cost of credit for hardworking Americans and made it more difficult for small community banks to resolve differences with their customers without achieving the rule’s goal of deterring future financial abuse.” Noreika labeled the action by Congress as a “victory for consumers and small banks across the country.”
However, according to many media outlets, Director Cordray condemned the Senate’s action. Cordray explained: “Tonight's vote is a giant setback for every consumer in this country. Wall Street won and ordinary people lost. This vote means the courtroom doors will remain closed for groups of people seeking justice and relief when they are wronged by a company.”
On October 4, the Senate Special Committee on Aging (Committee) held a hearing entitled “Still Ringing Off the Hook: An Update on Efforts to Combat Robocalls” to discuss efforts to combat illegal robocalls. Committee Chairman Susan M. Collins (R-Me.) opened the hearing by reinforcing the importance of utilizing technology not only to block robocalls but to better understand the scams that continue to impact consumers. Sen. Collins also stressed the positive impact “aggressive law enforcement” has had on these efforts.
According to a hearing-related press release issued by the FTC, the Commission received more than 3.4 million robocall complaints from consumers in 2016 and at least another 3.5 million complaints between January and August 2017. The FTC’s ongoing efforts to address these complaints include: (i) initiating enforcement actions targeting robocall violators; (ii) cooperating with law enforcement at the state, federal, and international level to develop solutions to prevent and detect calls; and (iii) as previously discussed in InfoBytes, publicly posting robocall numbers received from consumer complaints to help enable industry groups develop call-blocking solutions. The following four witnesses offered testimony on industry and state efforts to protect consumers from scams and increase education efforts.
- Ms. Lois C. Greismann, Associate Director of the Division of Marketing Practices, Bureau of Consumer Protection, FTC (testimony);
- The Honorable Josh Shapiro, Pennsylvania Attorney General (testimony);
- Mr. Kevin Rupy, Vice President for Law and Public Policy, USTelecom (testimony); and
- Ms. Genie Barton, President, BBB Institute for Marketplace Trust (testimony).
- Valerie L. Hletko to discuss "Forecasting litigation and settlement trends in the mortgage servicing and fair lending context" at the American Conference Institute National Forum on Residential Mortgage Regulatory Enforcement & Litigation
- Michelle L. Rogers and Jonice Gray Tucker to discuss “Building a govt affairs program; Government investigations” at the TechGC National Summit
- Tina Tchen to deliver keynote address at the American Bar Foundation Montgomery Summer Research Diversity Fellowship 30th Anniversary Celebration
- Douglas F. Gansler to discuss "Privacy, security and protection of your assets in contracts; Security exercises and tactical measures" at the TechGC National Summit
- H Joshua Kotin will discuss federal regulatory developments in mortgage lending and servicing at the Mortgage Bankers Association of Arkansas Fall Conference
- Kate Shrout to discuss "Conducting workplace investigations" at the TechGC National Summit
- Kathryn R. Goodman to discuss "HECM servicing policies and updates" at the National Reverse Mortgage Lenders Association Annual Meeting & Expo
- Fredrick S. Levin to discuss "Reverse mortgage litigation trends" at the National Reverse Mortgage Lenders Association Annual Meeting & Expo
- Melissa Klimkiewicz to speak at the "Digital marketing compliance roundtable" at the National Reverse Mortgage Lenders Association Annual Meeting & Expo
- Hank Asbill to discuss "The role of the media in white collar criminal investigations and the Mueller probe" at the American Bar Association White Collar Crime Town Hall
- John C. Redding to discuss "Regulatory compliance update" at PowerSports Finance
- Matthew P. Previn to discuss "Enforcement trends: Who is doing what and how?" at the Cambridge Forums Inc. Forum on Consumer Finance Litigation & Enforcement
- Jonice Gray Tucker to discuss "Protect yourself from a CFPB investigation" at the National Association of Settlement Purchasers Conference
- Tina Tchen to deliver keynote address at the American Bar Association Professional Success Summit
- Andrea K. Mitchell to discuss "Developments in fair lending law" at the Mortgage Bankers Association Summit on Diversity and Inclusion
- Jonice Gray Tucker to discuss "Consumer financial services" at the Practising Law Institute Banking Law Institute
- Daniel P. Stipano to discuss "New CDD Rule: Pitfalls in compliance" at the American Bankers Association/American Bar Association Financial Crimes Enforcement Conference