InfoBytes Blog
Filter
Subscribe to our InfoBytes Blog weekly newsletter and other publications for news affecting the financial services industry.
CFPB, Maryland reduce disgorgement amount in mortgage kickback case
On February 25, the U.S. District Court for the District of Maryland granted a motion for entry of monetary remedy filed by the CFPB and the Consumer Protection Division of the Maryland Attorney General’s Office (collectively, “Regulators”) in an action concerning the disgorgement calculation for a banker found in contempt of a 2015 consent order. As previously covered by InfoBytes, in 2020, the U.S. Court of Appeals for the Fourth Circuit found that while the district court properly determined that the banker violated the terms of the consent order (which previously settled RESPA and state law mortgage-kickback allegations), the court relied on an overbroad interpretation of the consent order and lacked the causal connection between the banker’s profits and a violation when it ordered the banker to pay over $526,000 in disgorged income. The 4th Circuit vacated the disgorgement order and remanded the case to the court to reassess the disgorgement calculation based on the banker’s more limited conduct that did not comply with the order.
On remand, the court reduced the sanctions amount to approximately $270,000, which represents the banker’s earned income (after taxes) “during the period in which he defied the three express provisions of the Consent Order.” Noting that the 4th Circuit rejected the banker’s argument that the Regulators were required to prove a specific monetary harm arising from his violations, the court wrote that in instances “[w]here harm is difficult to calculate, ‘a court is wholly justified in requiring the party in contempt to disgorge any profits it may have received that resulted in whole or in part from the contemptuous conduct,’” particularly where the party engaged in a “pattern or practice” of such conduct.
Court says Kansas credit card surcharge ban is unconstitutional
On February 25, the U.S. District Court for the District of Kansas granted in part and denied in part a plaintiff’s motion for summary judgment in an action concerning whether a state statute that bans credit card surcharges violates the First Amendment. Kansas law prohibits merchants from imposing a surcharge on customers who pay with credit cards instead of cash, and allows merchants to offer discounts to consumers who pay with cash. The plaintiff, a payment processing technology company, provides “software that allows merchants to display prices, including cost surcharges on purchases made by credit card,” which “allows consumers to comparison shop among payment types.” The plaintiff challenged the constitutionality of the law, claiming it is an unconstitutional restriction on commercial speech since it “effectively limits” what the plaintiff and merchants “can treat as the ‘regular price’ of an item and the corresponding information about prices and credit card fees that can be conveyed to consumers.” The Kansas attorney general—who has the authority to enforce the state’s no-surcharge statute—countered, among other things, that the statute furthers substantial state interests by (i) encouraging merchants to charge lower prices to customers who pay with cash; (ii) lowering the amount of consumer credit card debt through the use of cash discounts; and (iii) providing benefits to merchants by encouraging cash purchases, thereby allowing them to receive immediate payments, avoid credit card fees, and incur lower costs.
The court disagreed, ruling that none of the AG’s arguments advanced a substantial state interest—a requirement in order to not be considered a violation of the First Amendment. “Plaintiff's desire to display a single price while informing customers that credit card purchasers will be charged an additional fee would logically tend to support whatever interest the state may have in encouraging lower prices for cash customers,” the court wrote. “The statute nevertheless effectively prohibits this type of disclosure. Clearly, this restriction on speech is more extensive than necessary to further the asserted state interest.” Moreover, the court noted that “‘surcharges and discounts are nothing more than two sides of the same coin; a surcharge is simply a ‘negative’ discount, and a discount is a ‘negative’ surcharge.”
New York reaches $18.5 million settlement with virtual currency operators
On February 23, the New York attorney general announced a $18.5 million settlement with the operators of a virtual currency trading platform and the “tether” virtual currency issuer, along with their affiliated entities, to resolve allegations that the companies deceived clients by overstating available reserves and hiding $850 million in co-mingled client and corporate funds. According to the AG, one of the companies operated an online trading platform for exchanging and trading virtual currency, which allowed users to store virtual or fiat currency, convert virtual currency into fiat currency, and withdraw funds, while the “tether” virtual currency issuer represented that the “stablecoin” it issued was backed one-to-one by U.S. dollars in reserve. However, an AG investigation found, among other things, that the companies made false statements about the backing of the stablecoin and moved hundreds of millions of dollars between the two companies in an attempt to conceal massive losses, and that the stablecoins were, in fact, no longer backed one-to-one by U.S. dollars in reserve, contrary to the company’s representations. The AG also noted that a national bank, which acted as the correspondent bank for the companies and was used to fill orders for U.S. dollars, elected to stop processing U.S. dollar wire transfers from the companies, forcing the companies to find alternative banking arrangements and ultimately leading to a liquidity crisis. Further, the AG stated that the companies failed to disclose these issues to the public. In 2019, a court order enjoined the companies from engaging in activities that may have defrauded investors trading in cryptocurrency (covered by InfoBytes here).
Under the terms of the settlement agreement, the companies and related entities must, among other things, (i) discontinue any further trading activity in the state; (ii) pay $18.5 million in monetary relief; and (iii) take steps to increase transparency, including maintaining internal controls and procedures designed to ensure that their products and services are not used by New York persons and entities, providing compliance reports to the AG, and providing a list of utilized payment processors.
CFPB, states sue defendants for predatory immigrant-services scam
On February 22, the CFPB and state attorneys general from Massachusetts, New York, and Virginia filed a complaint against a group of defendants that provide immigration bond products or services for non-English speaking U.S. Immigration and Customs Enforcement (ICE) detainees. The Bureau alleges that the defendants engaged in deceptive and abusive acts and practices in violation of the CFPA, while the states bring related claims that the defendants violated their respective consumer-protection laws, by, among other things, (i) representing that they paid the detainees’ bonds and that monthly payments go towards repaying the defendants for doing so (the Bureau and states allege that the monthly payments are actually “rental fees for a GPS device that do not go to repaying consumers’ bonds”); (ii) making false threats that detainees will be re-arrested, detained, or deported if they do not make the monthly payments or remove the defendants’ GPS devices, many of which, the complaint claims, do not actually work; (iii) threatening to send detainees’ accounts to collection, representing that failing to make payments could harm their credit, or threatening to sue detainees or their families for non-payment; (iv) representing that collateral payments would be refunded once the detainees’ proceedings were resolved but in many cases failing to do so; (v) presenting detainees, most of whom cannot read or understand English, with a series of English-only contracts requiring the payment of large upfront fees plus $420 per month to “lease” GPS-tracking ankle monitors until their cases are resolved; (vi) creating the illusion that defendants are affiliated with ICE, even though they have no affiliation with authorities; and (vii) offering financial rewards to employees who sign up new customers and collect payments. The Bureau is seeking an injunction, as well as damages, redress, disgorgement, and civil money penalties.
Massachusetts AG settles with federal loan servicer to resolve allegations of unfair and deceptive practices
On February 10, the Massachusetts attorney general announced a “first-of-its-kind” settlement with one of the nation’s largest federal student loan servicers, resolving allegations that the servicer engaged in unfair and deceptive practices by overcharging borrowers and improperly processing claims for public service loan forgiveness. As previously covered by InfoBytes, the AG filed a complaint in 2017 claiming the servicer, among other things, (i) failed to timely and properly process applications for income driven repayment (IDR) plans, thereby denying borrowers the opportunity to make qualifying payments under forgiveness programs; (ii) failed to properly count qualifying payments under the Public Service Loan Forgiveness program; (iii) failed to properly process certification forms in connection with the Teacher Education Assistance for College and Higher Education Grant program, causing grants to be converted into loans; and (iv) collected amounts not legitimately due and owing and failing to refund them.
Under the terms of the settlement, more than 200,000 Massachusetts borrowers will be able to submit a claim for a detailed audit. Should the audit identify a servicing error or misrepresentation, the servicer must “restore borrowers to their rightful statuses” under the federal loan forgiveness programs; however, if corrections cannot be made, the servicer is required to provide monetary relief to borrowers. The servicer is also is required to repay teachers whose grants were converted into loans erroneously and have not already received relief from the Department of Education, and make corrections for borrowers who experienced IDR application processing delays resulting in missed opportunities for making qualifying payments towards loan forgiveness. Further, the servicer must implement an enhanced quality assurance review practice to identify servicing errors, affected borrowers, as well as root causes for the errors.
States reach $4.2 million settlement to resolve credit card interest overcharges
On February 8, state attorneys general from Pennsylvania, Iowa, Massachusetts, New Jersey, and North Carolina entered into an assurance of voluntary compliance with a national bank to resolve allegations that it overcharged credit card interest for certain consumers. According to the investigating states, between February 2011 and August 2017, the bank allegedly failed to properly reevaluate and reduce the annual percentage rate (APR) for certain consumer credit card account holders who were entitled to a reduction, as required by the CARD Act and state consumer protection laws. The announcement follows a 2018 CFPB settlement, in which the bank agreed to provide $335 million in restitution to affected consumers (covered by InfoBytes here). At the time, the Bureau noted that it did not assess civil monetary penalties due to efforts undertaken by the bank to self-identify and self-report violations to the Bureau. The states also acknowledged that the bank self-identified issues with its APR reevaluation process through an internal compliance program. The bank denied liability or that it violated the states’ consumer protection laws and has agreed to pay $4.2 million to approximately 25,000 current and former affected consumers, which will be limited to consumers who received a payment of $500 or more in restitution from the bank for the original violation.
Court denies tech company's second request for COPPA claim dismissal
On February 2, the U.S. District Court for the District of New Mexico granted a technology company’s motion for reconsideration in part, but denied dismissal of the New Mexico attorney general’s action alleging the company designed and marketed mobile gaming applications (apps) targeted towards children that contain illegal tracking software in violation of the Children’s Online Privacy Protection Act (COPPA). As previously covered by InfoBytes, the attorney general filed a lawsuit against a group of technology companies, alleging that the companies’ data collection and sharing practices did not comply with COPPA’s specific notice and consent requirements, while the apps’ embedded software development kits (SDKs) allow the apps to communicate directly with the advertising companies that analyze, store, use, share, and sell the data to other third-parties to build “increasingly-detailed profiles of child users” in order to send highly-targeted advertising. In April 2020, the court denied in part a motion to dismiss by one of the companies, concluding the attorney general plausibly alleged that the company “had actual knowledge of the child-directed nature” of the apps, and under COPPA, “ad networks may be held liable for the collection of personal information from child app users only if they have ‘actual knowledge’ that the apps in which their (SDKs) are embedded are ‘directed to children.’” The company moved for reconsideration, arguing that the court improperly held whether “children were the ‘primary target audience’ of the app was not relevant to the ‘actual knowledge’ determination.”
Upon reconsideration, the court agreed with the company that its April 2020 opinion “misapprehended the significance of the mixed-audience exception to the actual knowledge determination,” but concluded that there is no basis to dismiss the COPPA claim because the attorney general still “adequately alleged actual knowledge on the part of [the company].”
State AGs oppose proposed settlement in FDCPA processing fees class action
On January 29, a coalition of state attorneys general from 32 states and the District of Columbia, led by the New York AG, filed an amicus brief in the U.S. District Court for the Southern District of Florida opposing a proposed settlement in a class-action FDCPA suit against a mortgage servicer that allegedly charged “processing fees” or “convenience fees” for mortgage payments made over the phone or online. The plaintiffs filed the lawsuit last March claiming the defendant did not charge processing fees if borrowers made payments by check or signed up for automatic monthly debits from their bank accounts. They further argued that the processing fees were “illegal and improper because neither the mortgages themselves nor applicable statutes authorize such fees.” The parties agreed to mediation in April, and a motion for preliminary approval of a settlement was filed in August.
In their brief, the AGs outlined concerns with the proposed settlement, including that (i) the relief provided to class members violates various state laws, and that the defendant seeks to ratify fees in an “unwritten, mass amendment” that violates state laws and regulations; (ii) the class members only receive an “inadequate” one-time payment, while the defendant may continue to charge excessive fees for the life of the loan; and (iii) low- and moderate-income borrowers are not treated equitably under the proposed settlement. Additionally, the AGs emphasized concerns “about the speed with which this case was settled,” arguing that entering into the proposed settlement quickly during the Covid-19 pandemic has deprived the court and the AGs “of the ability to determine the adequacy, fairness and reasonableness of the settlement.”
New York continues to postpone collection on certain debts
On February 1, the attorney general of New York announced an extension of its previous order to halt the collection efforts on certain debts through February 28, 2021. Consumers with student loan debt and medical debt owed to the state will receive an additional 28-day hiatus on payments including a freeze on the accrual of interest on the debts—in order to allow them to deal with the effects of Covid-19. Specifically, the moratorium on collection applies to: (i) “[p]atients that owe medical debt due to the five state hospitals and the five state veterans' home[s]”; (ii) “[s]tudents that owe student debt due to State University of New York (SUNY) campuses”; and (iii) “[i]ndividual debtors, sole-proprietors, small business owners, and certain homeowners that owe debt relating to oil spill cleanup and removal costs, property damage, and breach of contract, as well as other fees owed to state agencies.” New Yorkers who have other types of debt that are owed to the state and who are referred to the Office of the Attorney General may apply for a temporary freeze on collection by submitting an application which can be found here.
Updated Washington State Privacy Act re-introduced
On January 5, the Washington State Privacy Act, SB 5062, (referred to as “2021 WPA” or “bill”) was re-introduced for the 2021-22 state legislative session with some notable changes from the 2020 version. (InfoBytes coverage of the 2020 Washington Privacy Act, SB 6281, available here.) Highlights of the 2021 WPA include:
- Applicability. The bill will apply to legal entities that conduct business or produce products or services that are targeted to Washington consumers that also (i) control or process personal data for at least 100,000 consumers; or (ii) derive more than 25 percent of gross revenue from the sale of personal data, in addition to processing or controlling the personal data of at least 25,000 consumers (the 2020 version included a 50 percent gross revenue threshold). State and local governments, municipal corporations, certain protected health information, personal data governed by state and federal regulations, and employment records continue to be exempt from coverage. Additionally, the bill adds nonprofit corporations, air carriers, and institutions of higher education to the exemption list.
- Consumer rights. Consumers will be able to exercise the following rights concerning their personal data: access; correction; deletion; access in a portable format; and opt-out rights, including the right to opt out of the processing of personal data for targeted advertising and the sale of personal data.
- Controller responsibilities. Controllers required to comply with the bill will be responsible for (i) transparency in a privacy notice; (ii) limiting the collection of data to what is required and relevant for a specified purpose; (iii) ensuring data is not processed for reasons incompatible with a specified purpose; (iv) securing personal data from unauthorized access; (v) prohibiting processing that violates state or federal laws prohibiting unlawful discrimination against consumers; (vi) obtaining consumer consent in order to process sensitive data; and (vii) ensuring contracts and agreements do not contain provisions that waive or limit a consumer’s rights. Controllers must also conduct data protection assessments for all processing activities that involve personal data. Notably, the 2021 WPA removes the requirement from the 2020 legislation that controllers conduct additional assessments each time a processing change occurs that materially increases the risk to consumers.
- State attorney general. The bill explicitly precludes a private right of action but permits the state attorney general to bring actions and impose penalties of no more than $7,500 per violation. The bill removes the 2020 requirement that the AG submit a report evaluating the liability and enforcement provisions by 2022, but requires the AG to work in concert with the state’s office of privacy and data protection on a technology review report to be submitted to the governor by December 2022.
- Right to cure. The bill includes a new 30-day right to cure any alleged violation after a warning letter is sent by the AG identifying the specific provisions believed to have been violated.
- Preemption. Similar to the 2020 WPA, the bill would preempt local laws, ordinances, and regulations, but includes an exception for any laws, ordinances or regulations “regarding the processing of personal data by controllers or processors” that were adopted prior to July 1, 2020.