InfoBytes Blog
Filter
Subscribe to our InfoBytes Blog weekly newsletter and other publications for news affecting the financial services industry.
California appellate court upholds judgment in RFDCPA suit
On November 23, the California Court of Appeal for the Fourth Appellate District upheld a summary judgment ruling for a creditor over allegations that it violated the Rosenthal Fair Debt Collection Practices Act (RFDCPA). The plaintiff, the widow of a former patient of the defendant doctor, asserted claims against the doctor and his professional corporation (collectively, “defendants”) alleging that they were debt collectors within the meaning of the RFDCPA. The plaintiff alleged that the defendants violated the RFDCPA by sending “multiple bills and making incessant” phone calls seeking payment for services provided to her husband before he died. The plaintiff requested that the defendants stop contacting her and seek payment through insurance and the hospital. The defendants used two different companies for its third-party billing services, and those companies sent invoices to the plaintiff, who responded that payment inquiries for her deceased husband should only be submitted to the insurance company and the medical center. The trial court granted the defendants’ motion for summary judgment, ruling they did not meet the statute’s definition of a debt collector.
The appellate court affirmed, finding that “a medical service provider that exclusively uses an unaffiliated, third-party billing service to collect payment for services rendered to patients” is not a “debt collector” within the meaning of the RFDCPA. The court found that although the RFDCPA “applies to those who collect debts on behalf of themselves,” the law still requires that a defendant “must regularly and in the ordinary course of business ‘engage in’ debt collection” for liability to attach. The appellate court emphasized that it was not holding that “a creditor may never be vicariously liable for the actions of a debt collector on an agency theory.” Instead, the plaintiff carried “the burden to demonstrate a triable issue of material fact on the existence of such an agency relationship, and she failed to do so on this record.”
Supreme Court asked to stay judgment holding that HEROES Act does not authorize the creation of the DOE’s student debt relief plan
Recently, the DOJ filed an application on behalf of the Department of Education (DOE) asking the U.S. Supreme Court to stay a judgment entered by the U.S. District Court for the Northern District of Texas in an action related to whether the agency’s student debt relief plan violated the Administrative Procedure Act’s (APA) notice-and-comment rulemaking procedures. As previously covered by InfoBytes, the district court held that while the HEROES Act expressly exempts the APA’s notice-and-comment obligations, the district court stressed that the HEROES Act “does not provide the executive branch clear congressional authorization to create a $400 billion student loan forgiveness program,” and, moreover, does not mention loan forgiveness. On December 1, the U.S. Court of Appeals for the Fifth Circuit denied the DOE’s motion for stay pending appeal.
In its application, the DOE argued that the plaintiffs never asserted that the debt relief plan exceeded the education secretary’s statutory authority. Instead, the DOE argued, the plaintiffs alleged only that they were improperly denied the opportunity to comment on the plan, stressing that while the district court recognized that the HEROES Act expressly exempts the APA’s notice-and-comment obligations, it went further by holding that the plan went beyond the secretary’s authority. “The district court profoundly erred by raising and deciding a claim that respondents did not assert and could not have asserted,” the DOE stressed, further adding that the plaintiffs did not claim that providing debt relief to other borrowers would inflict injury on them. Beyond this, the secretary’s plan “falls squarely within the plain text of his statutory authority,” the DOE asserted. The DOE requested that the Supreme Court stay the district court’s judgment, or in the alternative, defer the application pending oral argument and treat it as a petition for certiorari before judgment, grant the petition, and hear the case along with a second separate action, discussed below, involving a challenge to an injunction that temporarily prohibits the Secretary of Education from discharging any federal loans under the agency’s student debt relief plan.
As previously covered by InfoBytes, on December 1, the Supreme Court agreed to hear the Biden administration’s appeal of an injunction entered by the U.S. Court of Appeals for the Eighth Circuit. The 8th Circuit held that “the equities strongly favor an injunction considering the irreversible impact the Secretary’s debt forgiveness action would have as compared to the lack of harm an injunction would presently impose,” and pointed to the fact that the collection of student loan payments and the accrual of interest have both been suspended. (Covered by InfoBytes here.) The 8th Circuit’s opinion followed a ruling issued by the U.S. District Court for the Eastern District of Missouri, which dismissed an action filed by state attorneys general from Nebraska, Missouri, Arkansas, Iowa, Kansas, and South Carolina for lack of Article III standing after concluding that the states—which attempted “to assert a threat of imminent harm in the form of lost tax revenue in the future”— failed to establish imminent and non-speculative harm sufficient to confer standing. In an unsigned order, the Supreme Court deferred the Biden administration’s application to vacate, pending oral argument. Oral arguments are scheduled for February 28, 2023.
9th Circuit revives data breach class action against French cryptocurrency wallet provider
On December 1, the U.S. Court of Appeals for the Ninth Circuit affirmed in part and reversed in part a district court’s dismissal of a putative class action brought against a French cryptocurrency wallet provider and its e-commerce vendor for lack of personal jurisdiction. As previously covered by InfoBytes, plaintiffs—customers who purchased hardware wallets through the vendor’s platform between July 2017 and June 2020—alleged violations of state-level consumer protection laws after a 2020 data breach exposed the personal contact information of thousands of customers. Plaintiffs contended, among other things, that when the breach was announced in 2020, the wallet provider failed to inform them that their data was involved in the breach, downplayed the seriousness of the attack, and did not disclose that the attack on its website and the vendor’s data theft were connected. The district court held that it did not have jurisdiction over the French wallet provider, and ruled, among other things, that the plaintiffs did not establish that the wallet provider “expressly aimed” its activities towards California in a way that would establish specific jurisdiction, and “did not cause harm in California that it knew was likely to be suffered there.” The district court further held that the fact that the vendor was headquartered in California at the time the breach occurred was not sufficient to establish general jurisdiction because the vendor moved to Canada before the class action was filed. “Courts have uniformly held that general jurisdiction is to be determined no earlier than the time of filing of the complaint,” the district court wrote, dismissing the case with prejudice.
On appeal, the 9th Circuit concluded that dismissal was improper because the French wallet provider’s contracts with California were sufficient to establish jurisdiction under the “purposeful availment” framework. The appellate court explained that because the French wallet provider sold roughly 70,000 wallets in the state, collected California sales tax, and shipped wallets directly to California addresses, the “facts suffice to establish purposeful availment because [the French wallet provider’s] contacts with the forum cannot be characterized as ‘random, isolated, or fortuitous.’” However, the 9th Circuit limited the claims to only those brought by California residents under the state’s consumer protection laws. A forum-selection clause in the French wallet provider’s privacy policy and terms of use documents provided that disputes would be subject to the exclusive jurisdiction of French courts, the appellate court said, which was enforceable except with respect to the class claims of California residents brought under California law “because it violated California public policy against waiver of consumer rights under California’s Consumer Legal Remedies Act.”
The 9th Circuit also determined that the district court abused its discretion in disallowing any jurisdictional discovery concerning the defendant e-commerce vendor. Explaining that the e-commerce vendor employs more than 200 people who work remotely from California, including a data-protection officer (DPO) who may have played a role related to the data breach, the appellate court wrote that “[b]ecause more facts are needed to determine whether those activities support the exercise of jurisdiction, we reverse the district court’s denial of jurisdictional discovery with respect to the DPO’s role and responsibilities and his relationship to [the e-commerce vendor], which processed and stored the data.”
Hair clinic must pay $500,000 to resolve data breach
On November 21, the U.S. District Court for the Central District of California granted final approval to a $500,000 class action settlement resolving allegations that a ransomware attack and data breach exposed the personal information of over 100,000 of the defendant hair-restoration clinic’s customers. According to the order, the plaintiffs alleged that defendant violated California's consumer protection statutes by failing to: (i) protect consumers' personal information; (ii) notify them quickly enough about the breach; and (iii) monitor its network for vulnerabilities and breaches. The order provided attorneys’ fees of $262,500, and awards of $1,250 each to the class representatives.
District Court issues judgment against company for marketing fake high-yield CDs
On December 9, the U.S. District Court for the Southern District of New York entered a final stipulated final judgment and order against a Delaware financial-services company operating in Florida and New York along with its owner (collectively, “defendants”) for engaging in deceptive acts under the Consumer Financial Protection Act related to its misleading marketing representations when advertising high-yield healthcare savings CD accounts. As previously covered by InfoBytes, the Bureau’s 2020 complaint alleged that defendants engaged in deceptive acts or practices by: (i) falsely representing that consumers’ deposits into the high yield CD accounts would be used to originate loans for healthcare professionals, when in fact, the company never used the deposits to originate loans for healthcare professionals, never sold a loan to a bank or secondary-market investor, and never entered into a contract with a buyer or investor to purchase a loan; (ii) concealing the company’s true business model by falsely representing that the consumers’ deposits, when not being used to originate healthcare loans, would be held in an FDIC- or Lloyd’s of London-insured account or a “cash alternative” or “cash equivalent” account, when in reality, consumers’ deposits were, among other things, invested in securities; (iii) misleading consumers into believing that the accounts their funds were being deposited into functioned like traditional savings accounts when in fact, consumers’ deposits were actively traded in the stock market or used in securities-backed investments; and (iv) falsely representing that past high yield CD accounts allegedly paid interest at rates between 5 percent and 6.25 percent prior to 2019 when in fact, the company did not offer CDs until August 2019, and “consumers’ principals was neither guaranteed nor insured.” The complaint noted that since August 2019, the company took more than $15 million from at least 400 consumers.
The settlement provides for a comprehensive consumer redress plan that would require defendants to refund approximately $19 million to approximately 400 depositors. Further, pursuant to the order, the defendants are required to return the money that each affected consumer deposited into a certain account in a manner consistent with the advertised terms of the product, namely, the principal along with an average per year interest rate of about 6 percent. The proposed order also permanently bans the defendants from engaging or assisting others in any deposit taking activities and requires defendants to pay a civil money penalty to the Bureau in the amount of $391,530.
FTC takes action against debt relief operation
On November 30, the FTC announced an action against three individuals and their affiliated companies (collectively, “defendants”) for allegedly participating together in a credit card debt relief scheme since 2019. The FTC alleged in its complaint that the company violated the FTC Act and the Telemarketing Sales Rule (TSR) by using telemarketers to call consumers and pitch their deceptive scheme, falsely claiming to be affiliated with a particular credit card association, bank, or credit reporting agency and promising they could improve consumers’ credit scores after 12 to 18 months. The defendants also allegedly misrepresented that the upfront fee, which in some cases was as high as $18,000, was charged to consumers’ credit cards as part of the overall debt that would be eliminated, and therefore consumers would not actually have to pay this fee. The District Court for the Middle District of Tennessee granted the Commission’s request to temporarily shut down the scheme operated by the defendants and froze their assets. The complaint requests, among other things, a permanent injunction to prevent future violations of the FTC Act and the TSR by the defendants.
District Court grants MSJ for plaintiff in FDCPA suit
On November 21, the U. S. District Court for the Northern District of Illinois denied a defendant debt collection company’s motion for summary judgment and granted plaintiff’s motion for summary judgment in an FDCPA suit. According to the opinion, the plaintiff sent a letter to the defendant disputing the accuracy of the information being reported to the credit reporting agency, saying the amount of the debt was incorrect. The defendant received the letter on February 1, 2021, and on February 3, the defendant reported the debt to the CRA, but failed to note that the debt was disputed. The CRA then communicated information about plaintiff’s debt to additional third parties. The next reporting cycle for the plaintiff’s account closed on March 3, 2021. At that time, the defendant correctly reported that plaintiff’s debt was disputed. The defendant explained that although the servicer received the plaintiff’s dispute letter on February 1, 2021, “no one was able to analyze, process, and review” it until February 4, 2021, by which time it had already reported the debt to the CRA.
The defendant argued that it can take up to seven business days for its credit review team to review a dispute letter that it receives, and information about a disputed debt may be communicated to third parties in the interim. The defendant also argued that the plaintiff lacked standing to sue because there was no negative impact on her credit score as a result of the dispute not being transmitted.
According to the court, the defendant’s “system tolerates the communication of false information in cases where disputes arrive at its doorstep at the close of its monthly reporting periods, and it lacks procedures for promptly correcting information it later discovers was false at the time it was communicated to a third party.” The court also found that the plaintiff’s constitutional standing does not depend on proof of damage to her credit score.
ECJ invalidates AML directive granting public access to beneficial ownership information
On November 22, the European Court of Justice (ECJ) announced a ruling invalidating a provision of the 2018 amended EU anti-money laundering directive that guaranteed public access to the beneficial ownership information of legal entities incorporated within member states. The case was referred to the ECJ by a Luxembourg court following two actions that disputed the compatibility of this directive with the beneficial owners’ fundamental right to privacy. The ECJ was asked to issue a preliminary ruling on a series of questions concerning the interpretation of “exceptional circumstances” and “disproportionate risk,” as well as the directive’s compatibility with the Charter of Fundamental Rights of the European Union (Charter) and the GDPR. Under the directive, member states are required to enter and maintain beneficial ownership information in registers that are accessible to the general public. The directive is intended to prevent the financial system from being exploited for the purposes of money laundering or terrorist financing, and requires, with limited exemptions, that member states provide information on “the beneficial owner’s name, month and year of birth, nationality and country of residence, as well as the nature and extent of his or her beneficial interests.”
In its announcement, the ECJ said that public access to beneficial ownership information “constitutes a serious interference with the fundamental rights to respect for private life and the protection of personal data” provided in Articles 7 and 8 of the Charter. “[T]he potential consequences for the data subjects resulting from possible abuse of their personal data are exacerbated by the fact that, once those data have been made available to the general public, they can not only be freely consulted, but also retained and disseminated,” the ECJ wrote in the judgment, adding that “in the event of such successive processing, it becomes increasingly difficult, or even illusory, for those data subjects to defend themselves effectively against abuse.”
While the ECJ found that, by the measure at issue, the EU legislature is pursuing “an objective of general interest capable of justifying even serious interferences with the fundamental rights enshrined in Articles 7 and 8 of the Charter, and that the general public’s access to information on beneficial ownership is appropriate for contributing to the attainment of that objective,” the “interference entailed by that measure is neither limited to what is strictly necessary nor proportionate to the objective pursued.” Additionally, the ECJ held that the amended “directive amounts to a considerably more serious interference with the fundamental rights guaranteed in Articles 7 and 8 of the Charter” without being offset by any benefits that may result from the amended directive as compared to the previous version in terms of combating money laundering and terrorist financing. However, the ECJ did recognize that civil society and the press have a legitimate interest in accessing such information, given their role in the fight against money laundering.
States say student loan trusts are subject to the CFPA’s prohibition on unfair debt collection practices
On November 15, a bipartisan coalition of 23 state attorneys general led by the Illinois AG announced the filing of an amicus brief supporting the CFPB’s efforts to combat allegedly illegal debt collection practices in the student loan industry. As previously covered by InfoBytes, in February, the U.S. District Court for the District of Delaware stayed the Bureau’s 2017 enforcement action against a collection of Delaware statutory trusts and their debt collector after determining there may be room for reasonable disagreement related to questions of “covered persons” and “timeliness.” The district court certified two questions for appeal to the U.S. Court of Appeals for the Third Circuit related to (i) whether the defendants qualify as “covered persons” subject to the Bureau’s enforcement authority; and (ii) whether the case can be continued after the Supreme Court’s 2020 decision in Seila Law v. CFPB (which determined that the director’s for-cause removal provision was unconstitutional but was severable from the statute establishing the Bureau—covered by a Buckley Special Alert). Previously, the district court concluded that the suit was still valid and did not need ratification because—pointing to the majority opinion in the Supreme Court’s decision in Collins v. Yellen (covered by InfoBytes here)—“‘an unconstitutional removal restriction does not invalidate agency action so long as the agency head was properly appointed[,]’” and therefore the Bureau’s actions are not void and do not need to be ratified, unless a plaintiff can show that “the agency action would not have been taken but for the President’s inability to remove the agency head.” The district court later acknowledged, however, that Collins “is a very recent Supreme Court decision” whose scope is still being “hashed out” in lower courts, which therefore “suggests that there is room for reasonable disagreement and thus supports an interlocutory appeal here.”
The states argued that they have a “substantial interest” in protecting state residents from unlawful debt collection practices, and that this interest is implicated by this action, which addresses whether the defendant student loan trusts are “covered persons” subject to the prohibition on unfair debt collection practices under the CFPA. Urging the 3rd Circuit to affirm the district court’s decision to deny the trusts’ motion to dismiss, the states contended among other things, that hiring third-party agencies to collect on purchased debts poses a large risk to consumers. These types of trusts, the states said, “profit only when the third parties that they have hired are able to collect on the flawed debt portfolios that they have purchased.” Moreover, “[d]ebt purchasing entities, including entities like the [t]rusts, are thus often even more likely than the original creditors to resort to unlawful tactics in undertaking collection activities,” the states stressed, explaining that in order to combat this growing problem, many states apply their prohibitions on unlawful debt collection practices “to all debt purchasers that seek to reap profits from these illegal activities, including those purchasers that outsource collection to third parties.” The Bureau’s decision to do the same is therefore appropriate under the CFPA, the states wrote, adding that “as a practical matter, these debt purchasers are as problematic as debt purchasers that collect on their own debt. The [t]rusts’ request to be treated differently because of their decision to hire third party agents to collect on the debts that they have purchased (and reap the profits on) should be rejected.”
District Court issues judgment against company bilking 9/11 first responders
On November 23, the U.S. District Court for the Southern District of New York entered a stipulated final judgment and order against a finance company, two related entities, and the companies’ founder and owner (collectively, “defendants”) for engaging in deceptive and abusive acts or practices under the Consumer Financial Protection Act (CFPA) related to the offering of cash advances to people on their settlement payouts from victim-compensation funds established for certain first responders to the World Trade Center attack on September 11, 2001.
As previously covered by InfoBytes, in 2017, the CFPB and the New York attorney general filed a complaint alleging that the defendants engaged in deceptive and abusive acts by misleading consumers into selling expensive advances on benefits to which they were entitled by mischaracterizing extensions of credit as assignments of future payment rights, thereby causing the consumers to repay far more than they received. In March 2022, the district court ruled that the CFPB could proceed with its 2017 enforcement action against the defendants (covered by InfoBytes here) two years after the U.S. Court of Appeals for the Second Circuit vacated a 2018 district court order dismissing the case on the grounds that the Bureau’s single-director structure was unconstitutional, and that, as such, the agency lacked authority to bring claims alleging deceptive and abusive conduct by the company (covered by InfoBytes here).
The 2nd Circuit remanded the case to the district court, determining that the U.S. Supreme Court’s ruling in Seila Law LLC v. CPFB (holding that the director’s for-cause removal provision was unconstitutional but severable from the statute establishing the Bureau, as covered by a Buckley Special Alert) superseded the 2018 ruling. The appellate court further noted that following Seila, former Director Kathy Kraninger ratified several prior regulatory actions (covered by InfoBytes here), including the enforcement action brought against the defendants, and as such, remanded the case to the district court to consider the validity of the ratification of the enforcement action. The defendants later filed a petition for writ of certiorari, arguing that the Bureau could not use ratification to avoid dismissal of the lawsuit, but the Supreme Court declined the petition. (Covered by InfoBytes here). In 2021, the defendants filed a motion to dismiss the Bureau’s enforcement action on the grounds that “it was brought by an unconstitutionally constituted agency” and that the Bureau’s “untimely attempt to subsequently ratify this action cannot cure the agency’s constitutional infirmity.” (Covered by InfoBytes here). The district court turned to the Supreme Court’s June 2021 majority decision in Collins v. Yellen, which held that “‘an unconstitutional removal restriction does not invalidate agency action so long as the agency head was properly appointed[.]’” Accordingly, the agency’s actions are not void and do not need to be ratified, unless a plaintiff can show that “the agency action would not have been taken but for the President’s inability to remove the agency head.” (Covered by InfoBytes here).
In the amended complaint, filed in July 2022, the Bureau and the New York AG alleged that, among other things, the defendants engaged in deceptive acts by misrepresenting to consumers that the company’s contracts created valid and enforceable assignments of their payment proceeds when, in fact, the assignments were not valid and enforceable. The amended complaint also alleged that the company misrepresented to consumers when they would receive funds from the company, often promising consumers an earlier date of disbursement than the actual disbursement. Additionally, the joint complaint alleged that the defendants violated state law by collecting on purported assignments that are void, unenforceable, and uncollectable, or alternatively, by collecting on contracts that functioned as loans with interest rates that exceed usury limits under state law, which are also void and on which no payment is due.
Under the terms of the final judgment, defendants must pay a $1 civil money penalty to the Bureau and must not take any action to collect any unpaid or future amounts owed by the harmed responders, which totals at least $600,000. Under the order, defendants must also refrain from participating in offering, brokering, or providing credit or advances of funds to individuals entitled to payments from governmentally created funds established to compensate victims of 9/11.