InfoBytes Blog
Filter
Subscribe to our InfoBytes Blog weekly newsletter and other publications for news affecting the financial services industry.
Multiple states address cost of security freezes
On March 19, the Michigan governor signed legislation, HB 5094, which amends the Michigan Security Freeze Act to prohibit consumer reporting agencies (CRAs) from charging a fee for “placing, temporarily lifting, or removing a security freeze” on a credit report. Previously, the state allowed for a fee of up to $10 to use the service, if the consumer had not previously filed a police report alleging identity theft. HB 5094 is effective immediately.
On March 15, the Utah governor signed legislation, HB 45, which amends the Utah Consumer Credit Protection Act to prohibit CRAs from charging a fee in connection with placing or removing a security freeze. Additionally, the bill also prohibits CRAs from charging a fee in connection with mobile applications through which a consumer would place or remove a security freeze. The legislation outlines the manner in which a consumer may request a security freeze and the requirements CRAs must follow in responding to the requests. Previously, Utah allowed for CRAs to charge a “reasonable fee” in connection with a security freeze service.
Washington governor enacts amendment relating to security freeze fees
On March 13, the Washington governor signed Senate Bill 6018, which amends sections of the state’s Fair Credit Reporting Act addressing the removal of security freezes. Among other things, the amended act prohibits credit reporting agencies (CRAs) from charging a fee for placing, temporarily lifting, or removing a security freeze, or when assigning consumers unique personal identification numbers. Additionally, the offices of cybersecurity and privacy and data protection and the Attorney General’s office are instructed to work with stakeholders to evaluate the amendment’s impact on consumers and CRAs. A findings report must be submitted by December 1, 2020, and include data breach trends and recommendations by federal and state agencies. The amendment takes effect June 7.
Bipartisan group of state Attorneys General denounce potential limitations on state oversight of student loan industry
On March 15, a bipartisan group of 30 state Attorneys General released a letter urging Congress to reject Section 493E(d) of the Higher Education Act reauthorization – H.R. 4508, known as the “PROSPER Act” – which would prohibit states from “overseeing, licensing, or addressing certain state law violations by companies that originate, service, or collect on student loans.” Led by the New York and Colorado Attorneys General, the letter characterizes Section 493E(d) as an “an all-out assault on states’ rights and basic principles of federalism.” According to the letter, if enacted, parts of the student loan industry would be immunized from state-level enforcement, placing a larger consumer protection role on the Department of Education for which the agency is not equipped to handle. The Attorneys General assert that the states have the legal capacity and track record to enforce against abuses in the student loan market; citing to a statistic which estimates $1.38 trillion in student loan debt, the letter highlights previous state enforcement actions and emphasizes the need for states and the federal government to work together to protect U.S. borrowers.
In addition to Section 493E(d) of the PROSPER Act, the Department of Education recently published an interpretation in the Federal Register which takes the position that state regulation of certain federal student loan programs is preempted by federal law, previously covered by InfoBytes here.
Virginia governor enacts amendment relating to security freeze fees
On March 9, the governor of Virginia signed House Bill 1027, which amends sections of the Code of Virginia relating to security freezes and lowers the maximum amount that a credit reporting agency may charge to place, remove, or lift a security freeze on a protected consumer’s credit report from $10 to $5. Victims of identity theft remain exempt from the fee. The amendment takes effect July 1.
South Dakota amends money lending licenses statute
On March 1, the South Dakota governor signed H.B.1082, amending South Dakota’s money lending licenses statute. Pursuant to H.B. 1082, engagement in the “business of lending money,” for which a license is required, is expressly defined not to include engagement in: (i) “any seller-financed transaction for the sale of assets to a purchaser”; or (ii) “any seller-financed transaction for the sale of real estate through a contract for deed,” so long as the interest rate for such transactions does not exceed the rate permitted under S.D. Code Ann. § 54-4-44.
Nebraska, South Dakota enact legislation relating to security breaches and credit freezes
On March 1, the governor of South Dakota signed House Bill 1078 to revise certain provisions addressing the removal of credit security freezes. The amended act states that a security freeze will remain in place until a consumer requests the removal from the consumer reporting agency. The consumer reporting agency is then required to remove the freeze within three business days. Separately, on February 27, the governor signed House Bill 1127 (HB 1127) to revise certain provisions concerning fees charged for security freezes. Among other things, HB 1127 prohibits consumer reporting agencies from charging a fee for placing or removing a security freeze, and stipulates that a consumer reporting agency may advise a third party that a consumer’s credit report has been frozen.
On February 28, the governor of Nebraska approved Legislative Bill 757 strengthening certain provisions of the state’s Credit Report Protection Act and the Financial Data Protection and Consumer Notification of Data Security Breach Act of 2006. Among other things, the amendments state that (i) any individual or commercial entity in the state that possesses computerized data containing personal information of Nebraska residents must maintain reasonable security and disposal procedures and practices; (ii) nonaffiliated third-parties with access to personal information must also maintain reasonable security and disposal procedures; and (iii) consumer reporting agencies must provide services free-of-charge for the placement or removal of a credit security freeze. The legislation also outlines additional violations under which the Nebraska Attorney General can enforce protection of consumer privacy in the event of a data breach.
Alabama extends right of redemption period
On February 22, Alabama enacted HB 90, which amends the Code of Alabama section relating to the right of redemption on residential property. The amendment provides for a one-year right of redemption period after the foreclosure sale date. Alabama requires a mortgagee to mail a notice of a mortgagor’s right of redemption at least 30 days prior to the foreclosure sale, and the amendment allows the mortgagee to use the proof of mailing of the notice as an affirmative defense to any notice requirement action. Finally, the amendment reduces the time all actions related to the notice requirement must be brought from two years to one year after the date of foreclosure.
District Court dismisses First Amendment challenge to Montana’s statute banning robocalls
On February 9, a federal judge for the U.S. District Court for the District of Montana denied a plaintiff’s motion for summary judgment, which sought to overturn the State of Montana’s statutory restrictions on robocalls. Among other things, the plaintiff—a Michigan-based political consulting firm that relies on automated calls to gather data—claimed the 1991 Montana statute violated its right to free speech under the First and Fourteenth Amendments of the United States Constitution by prohibiting automated sales and political campaign calls. However, the court ruled that the Montana statute is sufficiently narrowly tailored and is intended to preserve and protect residents’ “control over [their] property and personal choices regarding receipt of communications.” Exemptions to the ban, the court explained, can occur “if the permission of the called party is obtained by a live operator before the recorded message is delivered.” The narrow tailoring leaves “ample alternative (including all of the more traditional) channels of communication for the protected political speech.”
Maine amends Fair Debt Collection Practices Act to clarify licensing requirements
On February 6, Maine Governor Paul LePage signed updates to a provision of the state’s Fair Debt Collection Practices Act (Maine FDCPA), which clarify licensing requirements for persons engaged in the business of collecting debts in the state. S.P. 613, “An Act to Improve the Regulation of Debt Collectors,” includes the following: (i) removes the licensing condition that requires a debt collector to be “face to face” when soliciting business from Maine creditors; and (ii) requires a debt collector to be licensed in the state before collecting a debt from a consumer in the state, regardless of the debt collector’s actual location. The law will take effect 90 days following the adjournment of the legislative session.
NYDFS adjusts minimum interest requirements of escrow accounts
On January 29, the New York Department of Financial Services (NYDFS) announced an order adjusting the minimum rate of interest that New York State-chartered banks and other New York State-chartered financial institutions (collectively, “covered institutions”) must pay on certain mortgage escrow accounts. Prior to the order, covered institutions were required to pay a minimum rate of two percent per annum on certain residential escrow accounts. To more closely align with requirements for federal banking institutions, the order adjusts the minimum rate of interest that covered institutions must pay to the lesser of two percent or the six-month yield on United States Treasury securities.