InfoBytes Blog
Filter
Subscribe to our InfoBytes Blog weekly newsletter and other publications for news affecting the financial services industry.
NY AG warns debt collectors of new state regulations
On March 29, the New York attorney general announced that letters were sent to large credit card companies and major debt collectors operating in New York, providing a warning regarding new state debt collection regulations. As previously covered by InfoBytes, the New York governor signed S.153 in November 2021, which enacted The Consumer Credit Fairness Act and expanded consumer protections against abusive debt collection by, as explained by NYDFS acting Superintendent Adrienne A. Harris, “address[ing] known predatory debt collection practices, [and] barring an abusive common tactic engaged by predatory debt collectors which is to sue on time-barred consumer debts for which they lack even the most basic of documentation.” The letter noted that its recipients are “aware of these obligations and that [they] are taking appropriate steps to comply with the new requirements.” The letter stated that beginning April 7, the statute of limitations on consumer debt collection actions in the state will be decreased to three years, a period of time that cannot be extended by partial payments made after the statute of limitations has expired, and that “debt collectors must ensure that validation notices for debts that will become time-barred on April 7, 2022 include this disclosure if the notice is likely to be received after that date.” The letter also reminded debt collectors of new disclosures that will be required when filing collection lawsuits against consumers starting May 7. Complaints are required to include an itemization of the debt and include more information about the chain of ownership, including providing a copy of the original contract on which the debt is based. Collectors must also begin utilizing a “more comprehensive” notice that is provided to the clerk of the court and subsequently passed on to consumers and must use a new form when filing for summary judgments. Lastly, the letter requested information on how the companies are complying with Regulation F and the new disclosure requirements.
FCC signs robocall enforcement partnerships with states
On March 28, the FCC announced it launched formal robocall investigation partnerships with the Connecticut, District of Columbia, Idaho, Kentucky, Minnesota, New Jersey, and Wyoming state attorneys general, bringing the total number of state-federal partnerships to 22. According to the FCC, the seven AGs entered into a Memoranda of Understanding (MOU) with state robocall investigators and the FCC’s Enforcement Bureau, which establishes critical information sharing and cooperation structures to investigate spoofing and robocall scam campaigns. The FCC also noted that it expanded existing MOUs in Michigan and West Virginia with robocall investigations. According to the press release, the MOUs help facilitate relationships with other actors, including other federal agencies and robocall blocking companies, and provide support for and expertise with critical investigative tools, including subpoenas and confidential response letters from suspected robocallers. The FCC also noted that “[d]uring investigations, both the FCC’s Enforcement Bureau and state investigators seek records, talk to witnesses, interview targets, examine consumer complaints, and take other critical steps to build a record against possible bad actors,” which “can provide critical resources for building cases and preventing duplicative efforts in protecting consumers and businesses nationwide.”
District Court enters $2.8 million judgment in CFPB student debt relief action
On March 22, the U.S. District Court for the Central District of California entered a stipulated final judgment and order against one of the defendants in an action brought by the CFPB, the Minnesota and North Carolina attorneys general, and the Los Angeles City Attorney, alleging a student loan debt relief operation deceived thousands of student-loan borrowers and charged more than $71 million in unlawful advance fees. As previously covered by InfoBytes, the complaint asserted that the defendants violated the CFPA, the Telemarketing Sales Rule, and various state laws. Amended complaints (see here and here) also added new defendants and included claims for avoidance of fraudulent transfers under the Federal Debt Collection Procedures Act and California’s Uniform Voidable Transactions Act, among other things. A stipulated final judgment and order was entered against the named defendant in July (covered by InfoBytes here), which required the payment of more than $35 million in redress to affected consumers, a $1 civil money penalty to the Bureau, and $5,000 in civil money penalties to each of the three states. The court also previously entered final judgments against several of the defendants, as well as a default judgment and order against two other defendants and a settlement with two non-parties (covered by InfoBytes here, here, here, here, and here).
The final judgment issued against the settling defendant, who neither admitted nor denied the allegations except as specifically stated, permanently bans the defendant from participating in telemarking services or offering or selling debt-relief services, and prohibits it from misrepresenting benefits consumers may receive from a product or service. The defendant is also permanently restrained from violating applicable state laws, and may not disclose, use, or benefit from customer information obtained in connection with the offering or providing of the debt relief services. The settlement orders the defendant to pay more than $2.8 million in consumer redress, as well as a $1 civil money penalty to the Bureau and $5,000 to each of the three states.
Colorado reaches agreements with credit unions over unused GAP fees violations
Recently, the Colorado attorney general announced three separate settlements (see here, here, and here) with three credit unions resolving allegations that they neglected to refund unearned Guaranteed Automobile Protection (GAP) fees to Colorado consumers. The administrator of the Uniform Consumer Credit Code (UCCC), who is part of the Consumer Protection Division of the Department of Law and who led this investigation, concluded that the credit unions engaged in unfair and deceptive trade practices under the Colorado Consumer Protection Act by failing to provide GAP refunds automatically without waiting for a request from the consumer. Under the terms of the assurances of discontinuance, the credit unions have agreed to comply with all legal obligations and issue refunds to affected borrowers, and: (i) must comply with the UCCC rule’s GAP refund requirements; (ii) are subjected to an audit to verify the accuracy of their self-audits; and (iii) must send a confirmation letter pre-approved by the administrator to each consumer to whom a GAP refund was paid because of the self-audits. The AG noted that the “settlements are part of our office’s efforts to ensure lending institutions follow Colorado law and do not cheat hardworking consumers out of money they are entitled to under their lending and coverage agreements.”
California clarifies that internally generated inferences are “personal information” under the CCPA
On March 10, the California Office of the Attorney General (OAG) issued an opinion on the question of whether, under the California Consumer Privacy Act (CCPA), a consumer’s right to know the specific pieces of personal information collected by a covered business about that consumer applies to internally generated inferences that the business holds about the consumer from either internal or external information sources. According to the OAG, the answer is yes—consumers have the right to know internally generated inferences about themselves, and a business must provide such information upon request, unless a business can demonstrate an applicable CCPA statutory exception. The CCPA, which was enacted in June 2018 and became effective January 1, 2020 (covered by a Buckley Special Alert), provides California consumers with new rights of control over the personal information held about them (with certain exceptions), including the right to know what information is being collected and how a business uses and shares that information, the right to delete personal information, and the right to opt out of certain transfers and sales of their personal information. The OAG noted that while the Consumer Privacy Rights Act of 2020 will become fully operative January 1, 2023, none of the act’s amendments to the CCPA will change the conclusions presented in the opinion.
The OAG’s opinion defines “inference” under the CCPA to mean “the derivation of information, data, assumptions, or conclusions from facts, evidence, or another source of information or data.” Example inferences such as “married,” “homeowner,” “online shopper,” or “likely voter,” the OAG explained, are derived from information collected by businesses such as online transactions, social network posts, or public records. OAG noted that some businesses also use proprietary methods to create inferences and “then sell or transfer the inferences to others for commercial purposes,” thus allowing, according to studies, “seemingly innocuous data points” to be combined with other data points “to deduce startlingly personal characteristics.” According to the OAG’s interpretation of the plain language of the CCPA, as well as legislative history, businesses are generally required “to disclose internally generated inferences to consumers” “regardless of whether the inferences were generated internally by the responding business or obtained by the responding business from another source.”
The OAG further explained that, inferences are “personal information” for purposes of the CCPA, and therefore must be disclosed provided two conditions exist: (i) “the inference is drawn ‘from any of the information identified”’ in subdivision (o) of Civil Code section 1798.140, which includes, among other things, personal identifiers such as names, addresses, account numbers, or identification numbers, customer records, age, gender, race, or religion, as well as inferences obtained from any of the provided items; and (ii) “the inference is used to ‘create a profile about a consumer,’ or in other words to predict a salient consumer characteristic.” For the purposes of responding to a consumer’s request to know, the OAG stated that “it does not matter whether the business gathered the information from the consumer, found the information in public repositories, bought the information from a broker, inferred the information through some proprietary process of the business’s own invention, or any combination thereof.” The business is required to disclose the personal information it holds to the consumer upon request. The OAG noted, however, that the CCPA does not require businesses to disclose protected trade secrets used to derive its inferences, provided the business demonstrates “that such inferences are indeed trade secrets under the applicable law.”
11th Circuit affirms $23 million judgment against founder of debt relief operation
On March 9, the U.S. Court of Appeals for the Eleventh Circuit affirmed summary judgment in favor of the FTC and the Florida attorney general after finding that an individual defendant could be held liable for the actions of the entities he controlled. As previously covered by InfoBytes, the FTC and the Florida AG filed a complaint in 2016 against several interrelated companies and the individual defendant who founded the companies, alleging violations of the FTC Act, the Telemarketing Sales Rule, and the Florida Deceptive and Unfair Trade Practices Act. The complaint alleged that the defendants engaged in a scheme that targeted financially distressed consumers through illegal robocalls selling bogus credit card debt relief services and interest rate reductions. Among other things, the defendants also claimed to be “licensed enrollment center[s]” for major credit card networks with the ability to work with a consumer’s credit card company or bank to substantially and permanently lower credit card interest rates and charged up-front payments for debt relief and rate-reduction services. In 2018, the court granted the FTC and the Florida AG’s motion for summary judgment, finding there was no genuine dispute that the individual defendant controlled the defendant entities, that he knew his employees were making false representations, and that he failed to stop them. The court entered a permanent injunction, which ordered the individual defendant to pay over $23 million in equitable monetary relief and permanently restrained and enjoined the individual defendant from participating—whether directly or indirectly—in telemarketing; advertising, marketing, selling, or promoting any debt relief products or services; or misrepresenting material facts.
The individual defendant appealed, arguing that there were genuine disputes over whether: (i) he controlled the entities; (ii) he had knowledge that employees were making misrepresentations and failed to prevent them; (iii) employee affidavits “attesting that they had saved customers money created an issue of fact about whether his programs did what he said they would do”; and (iv) he had knowledge of “rogue employees” violating the “do not call” registry to solicit customers.
On appeal, the 11th Circuit determined that the facts presented by the individual defendant did not create a genuine dispute about whether he controlled the entities, and further stated that the individual defendant is liable for the employees’ misrepresentations because of his control of the entities and his knowledge of those misrepresentations. The appellate court explained that while the individual defendant argued that he could not be liable because he did not participate in those representations, he failed to present any evidence in support of that argument and, even if he had, “it wouldn’t matter, because [the individual defendant’s] liability stems from his control of [the companies], not from his individual conduct.” Additionally, the appellate court held that whether the services were helpful to customers was immaterial and did not absolve him of liability, because liability for deceptive sales practices does not require worthlessness. As to the “do not call” registry violations, the appellate court disagreed with the individual defendant’s claim that an “outside dialer or lead generator”—not the company—placed the outbound calls, holding that this excuse also does not absolve him of liability.
State AGs investigate streaming service for privacy violations
On March 2, a coalition of state attorneys general, led by California Attorney General Rob Bonta, announced a nationwide investigation into a video streaming service regarding whether it is violating state consumer protection laws and putting children at risk by promoting its social media platform to children and young adults while its use is associated with physical and mental health harm to youth. According to the California AG, the investigation will examine the harm that the platform may cause to young users and what the platform knew about that harm, and will focus on, among other things, the techniques it utilized to boost young user engagement, including strategies or efforts to increase the duration of time spent on the platform and the frequency of engagement with the platform.
FTC bans debt relief scheme operators
On February 28, the FTC announced the permanent ban of the operators (collectively, “defendants”) of a debt relief scheme from processing debt relief payments and ordered the defendants to pay a $5.3 million fine. According to the FTC’s July 2020 complaint, which was filed jointly with the Florida attorney general in the U.S. District Court for the Middle District of Florida, the defendants allegedly engaged in deceptive and abusive practices by selling their credit card interest rate reduction services to consumers in violation of the FTC Act, the Telemarketing Sales Rule, and the Florida Deceptive and Unfair Trade Practices Act. The FTC and Florida AG claimed that the defendants utilized telemarketing calls promising to reduce consumers’ credit card interest rates permanently and substantially, and, after posing as representatives or affiliates of consumers’ credit card companies, the defendants allegedly claimed they could save consumers thousands of dollars in credit card interest and enable them to pay off their debt faster. The complaint also asserted that the defendants, at times, opened new credit cards that offered low introductory interest rates and transferred the balances of consumers’ existing debt to the new cards. For that, customers paid upfront fees of between $995 and $4,995 while also paying “substantial” fees to transfer the balances.
Under the terms of the settlement, the operators are permanently prohibited from participating the debt relief industry, misrepresenting material facts in connection with any product or service, and engaging in deceptive and abusive telemarketing acts and practices, unsubstantiated claims, and other payment practices. Two individual defendants agreed to pay a $225,000 monetary penalty and the other defendant agreed to pay $200,000.
State AGs urge FTC to take action on impersonation scams
On February 23, a coalition of state attorneys general sent a letter to FTC Chair Lina M. Khan, responding to the Commission’s advance notice of proposed rulemaking and urging the FTC to target “impersonation scams” to ensure consumers are protected from harm. As previously covered by InfoBytes, last December the FTC issued a request for comments on a wide range of questions related to government and business impersonation fraud. According to the FTC, reported losses due to impersonation fraud have spiked during the Covid-19 pandemic, with data from the Social Security Administration reporting $2 billion in total losses between October 2020 and September 2021. The AGs commented that overall, they “believe there is a pressing need for FTC rulemaking to address the scourge of impersonation scams impacting consumers across the United States,” noting that “[a] national rule that encompasses and outlaws such commonly experienced scams discussed [within the letter] would assist attorneys general and their partners in reducing consumer harm, maximizing consumer benefits, and holding bad actors to account.” Among other things, the letter discussed state-specific consumer complaints related to business impersonation, document preparation, regulatory compliance, and lead generation scams, and warned that the FTC should explore the means and instrumentalities used in these types of fraud. One example, the AGs pointed out, is impersonators using third-party payment processing services to effectuate their scams, often times requiring certain payment methods for fictitious overdue mortgage, utility, and student loan debts. In stressing the “burgeoning need for a robust standard outlawing impersonation scams,” the AGs stated that “[w]hen a specific type of unfair or deceptive business practice becomes so prevalent, Commission rulemaking is appropriate.” They further added that these efforts are welcomed as part of their ongoing collaborative relationship with the FTC.
Massachusetts settles with auto lender
On February 18, the Massachusetts attorney general announced that a national auto lender entered into a settlement with the Commonwealth resolving allegations that the lender did not provide sufficient disclosures to consumers related to its debt collection practices, with over 1,000 borrowers expected to be eligible for relief. According to the Assurance of Discontinuance (AOD), the lender allegedly failed to provide certain consumers with sufficient information about the calculation methods for any deficiencies remaining on their auto loans after their cars were repossessed. The AOD requires the auto lender to pay $5.6 million in restitution to eligible borrowers, and cover administration and investigation costs associated with the matter. According to Massachusetts Attorney General Laura Healey, the “settlement, which combines cash payments with debt relief and credit repair, will help many subprime borrowers in need.”