Subscribe to our InfoBytes Blog weekly newsletter and other publications for news affecting the financial services industry.
On April 30, the U.S. Court of Appeals for the 2nd Circuit held that the receipt of unsolicited text messages, absent any additional injury, is sufficient to demonstrate injury-in-fact in a TCPA class action. According to the opinion, consumers filed a class action lawsuit against a retail store for sending unsolicited text messages in violation of the TCPA. The district court approved a settlement between the parties and certified the class despite various objections, including one from a third-party defendant who argued the consumers lacked standing under the 2016 Supreme Court opinion Spokeo, Inc. v. Robins, because “they alleged only a bare statutory violation and statutory damages cannot substitute for concrete harm.”
On appeal, the appellate court first rejected the third-party defendant’s standing to appeal the district court’s decision because it had not been “‘formally strip[ped]’ of any claim or defense, it lacks standing to pursue its appeal” in the underlying class action. Notwithstanding the lack of standing by the third-party defendant, the appellate court then went on to address the jurisdictional standing issues raised against the consumers. The court reasoned that, even though the third party that raised the jurisdictional question had been dismissed, the court had an “independent obligation to satisfy [itself] of the jurisdiction” of the appellate and district court. The appellate court concluded that the consumers sufficiently alleged “nuisance and privacy invasion” by the unsolicited text messages, which “are the very harms with which Congress was concerned when enacting the TCPA.” Because the harms identified are “of the same character as harms remediable by traditional causes of action,” the appellate court held the consumers sufficiently demonstrated injury-in-fact as required by Article III.
On April 22, the U.S. Court of Appeals for the 11th Circuit affirmed a district court’s ruling that including too many digits of a consumer’s credit card account number on a receipt was sufficient to constitute a concrete injury even if the consumer’s identity was not stolen. Under the Fair and Accurate Credit Transactions Act (FACTA), merchants are prohibited from including more than the final five digits of a consumer’s credit card number on a receipt. According to the opinion, the consumer filed a class action suit against a chocolate company, alleging that one of its stores printed the first six and last four digits of his account number on a receipt, which exposed the class members “to an elevated risk of identity theft.” When the parties sought approval of a proposed settlement, two unnamed class members contested the settlement on the grounds that, among other things, the consumer/class representative lacked standing to sue because he had not suffered a concrete injury as defined in the U.S. Supreme Court’s decision in Spokeo, Inc. v. Robins. The district court, however, approved the settlement.
On appeal, the 11th Circuit held that an increased risk of identity theft is sufficient to bring claims under FACTA, and that the class representative’s “alleged injury is ‘particularized’ because the heightened risk of identity theft affected him ‘in a personal and individual way’—it was his credit card number that appeared on the receipt.” Moreover, the appellate court noted, “In our view, if Congress adopts procedures designed to minimize the risk of harm to a concrete interest, then a violation of that procedure that causes even a marginal increase in the risk of harm to the interest is sufficient to constitute a concrete injury.”
On March 25, the U.S. District Court for the Southern District of Florida granted in part and denied in a part a motion to dismiss a putative class action alleging that an auto dealer violated the TCPA by using a “ringless” voicemail platform to leave pre-recorded telemarketing voicemails on consumers’ cell phones without obtaining prior express consent. The defendant moved to dismiss the putative class claims arguing that (i) the plaintiff lacked standing and failed to state a claim because he did not receive a “call” within the meaning of the TCPA; (ii) the plaintiff lacked standing to seek declaratory or injunctive relief; (iii) the TCPA was unconstitutional; and (iv) the complaint failed to adequately allege that the defendant “willfully or knowingly violated the TCPA.”
The court rejected the defendant’s argument that the plaintiff did not receive a “call” as defined by the TCPA, concluding that a ringless voicemail is a call subject to the TCPA restrictions. The court found that the plaintiff had Article III standing because he sufficiently alleged an injury-in-fact and actual harm, including, among other things, invasion of privacy, aggravation, annoyance, and intrusion. The court further found that the plaintiff’s complaint alleged sufficient facts to support the TCPA claim and the allegation that defendant acted willfully or knowingly. The court also rejected defendant’s challenge to the TCPA’s constitutionality. However, the court found the plaintiff could not seek declaratory or injunctive relief because the plaintiff failed to show real and immediate threat of future harm or proffer a basis that would allow the court to infer that the defendant would ever send ringless voicemails again.
On March 11, the U.S. District Court for the Central District of California approved a stipulation for prospective relief, settling a consumer FCRA action against a purported credit reporting agency (defendant) for alleged procedural violations. In 2016, the case went to the U.S. Supreme Court (covered by a Buckley Special Alert), which remanded the case so the 9th Circuit could fully consider whether the plaintiff had standing under Article III of the Constitution. The approved stipulation lasts three years and, among other things, requires the defendant to (i) post a “clear and appropriately-titled” link to its opt-out privacy form; (ii) create a step requiring that its customers affirmatively agree not to use its information to determine eligibility for a FCRA-related purpose; and (iii) state on all of its webpages that it is not a consumer reporting agency. The order also prohibits the defendant from publishing “any numerical estimates or predictions of consumer credit scores” unless its terms and conditions specify that the information may not be used for FCRA purposes.
On March 25, the U.S. Court of Appeals for the 9th Circuit affirmed dismissal of five plaintiffs’ allegations against two credit reporting agencies, concluding the plaintiffs failed to show they suffered or will suffer concrete injury from alleged information inaccuracies. According to the opinion, the court reviewed five related cases of individual plaintiffs who alleged that the credit reporting agencies violated the FCRA and the California Consumer Credit Report Agencies Act (CCRAA), by not properly reflecting their Chapter 13 bankruptcy plans across their affected accounts after they requested that the information be updated. The lower court dismissed the action, holding that the information in their credit reports was not inaccurate under the FCRA. On appeal, the 9th Circuit, citing to U.S. Supreme Court’s 2016 ruling in Spokeo v. Robins (covered by a Buckley Special Alert), concluded that the plaintiffs failed to show how the alleged misstatements in their credit reports would affect any current or future financial transaction, stating “it is not obvious that they would, given that Plaintiffs’ bankruptcies themselves cause them to have lower credit scores with or without the alleged misstatements.” Because the plaintiffs failed to allege a concrete injury, the court affirmed the dismissal for lack of standing, but vacated the lower court’s dismissal with prejudice, noting that the information may indeed have been inaccurate and leaving the door open for the plaintiffs to refile the action.
On March 8, the U.S. Court of Appeals for the 3rd Circuit issued a precedential opinion holding that, without concrete evidence of harm, a consumer lacks standing under the Fair and Accurate Credit Transactions Act (FACTA) to sue a merchant for including too many digits of his credit card account number on a receipt. According to the opinion, the plaintiff claimed that he received receipts from three different stores owned by the defendant, all of which included both the final four digits and the first six digits of his account number. The plaintiff filed a class action lawsuit alleging the defendant willfully violated FACTA, which prohibits printing more than the last five digits of credit card number on a receipt. The plaintiff alleged that this violation, which he also claimed increased the risk of identity theft, constituted an injury-in-fact sufficient to confer Article III standing as required under the U.S. Supreme Court’s 2016 ruling in Spokeo v. Robins (covered by a Buckley Special Alert). The district court dismissed the suit.
On appeal, the 3rd Circuit agreed with the lower court, holding that the plaintiff failed to allege actual harm from the defendant’s practice. The appellate court held that the defendant’s technical violation of FACTA did not give the plaintiff standing to sue. Moreover, in the absence of actual harm, or a material risk of actual harm (the plaintiff did not allege that anyone—aside from the cashier—saw the receipt, that his credit card number had been misappropriated, or that his identity was stolen), the plaintiff would not have suffered the injury-in-fact that created federal court jurisdiction.
On March 5, the U.S. District Court for the Northern District of Illinois denied defendants’ motion to dismiss a class action lawsuit alleging the defendants violated the FDCPA by failing to mention that payment on a settlement offer would restart the statute of limitations on the underlying “legally unenforceable debt.” According to the opinion, the defendants sent the plaintiff a letter outlining three discount program payment options, with a post-script stating that “[d]ue to the age of this debt, we will not sue you for it or report payment or non-payment of it to a credit bureau.” However, the plaintiff claimed that the letter’s failure to disclose that the statute of limitations could be restarted if a payment was made was a concrete information injury sufficient for Article III standing. The court rejected the defendants’ argument that the plaintiff alleged only a bare statutory violation and failed to identify a particularized injury in fact. Instead, the court ruled that even though the plaintiff has a complete defense because the statute of limitations had expired, the alleged injury is clear because the letter “seems to bait the consumer into paying money on a time-barred debt, either by settling for sixty cents on the dollar . . . or by unwittingly renewing the statute of limitations by making a new payment on the debt.”
On January 8, the U.S. District Court for the Northern District of Illinois denied a bank’s motion to dismiss claims that it had obtained a credit report without a permissible purpose, ruling that the allegations rise above a mere procedural violation of the FCRA. According to the opinion, the consumer alleged that the bank accessed her credit report and obtained personal information, including current and past addresses, birth date, employment history, and telephone numbers, without having a personal business relationship, information to suggest the consumer owed the debt, or receiving consent for the release of the report. The bank argued that the consumer’s claim was only a “bare procedural violation” and not a concrete injury in fact as required under the U.S. Supreme Court’s 2016 ruling in Spokeo v. Robins (covered by a Buckley Sandler Special Alert). However, the court determined that the consumer’s allegation that the invasion of privacy, which occurred when the bank accessed her credit report from a consumer reporting agency without receiving consent and with no legitimate business reason to do so, “adequately alleges a concrete injury sufficient to confer standing.”
On December 31, 2018, the U.S. District Court for the District of Utah granted in part and denied in part a national bank’s motion to dismiss putative class action claims concerning the bank’s use of confidential customer information to open deposit and credit card accounts as part of its incentive compensation sales program. (See previous InfoBytes coverage here.) According to the court, the plaintiffs claiming accounts were opened in their name plausibly alleged that the bank benefited from an increase in the number of accounts and products, and disagreed with the bank that the misappropriation of name claim should fail because those plaintiffs’ names and identities had value beyond those of the general public. While the majority of the state claims and all federal claims were dismissed, the court allowed four state claims to remain, including invasion of privacy. However, the court requested that the parties address why it should not decline to exercise jurisdiction over the state law claims following the dismissal of all federal claims.
Additionally, the court dismissed claims brought by “Bystander Plaintiffs” who did not allege the opening of any unauthorized accounts in their names, or claim that their information was ever improperly used or accessed or that they were subject to improper sales practices. Because the Bystander Plaintiffs claimed only that they would not have opened accounts if bank employees had told them about the alleged issues, the court dismissed their claims for lack of Article III standing, reasoning that they did not allege any injury.
On December 7, the U.S. District Court for the District of Maryland granted a motion for summary judgment filed by a real estate team and title company (defendants), finding that an alleged kickback scheme involving the defendants did not constitute a violation of RESPA, and that the plaintiffs failed to demonstrate that they suffered from any concrete harm. According to the court, the plaintiffs filed a suit on behalf of a putative class more than four and a half years after they purchased their home, claiming the defendants violated RESPA by allegedly “using a ‘sham’ marketing agreement . . . to disguise an illegal kickback scheme,” which provided the real estate team with “unearned fees” through settlement referrals to the title company. The plaintiffs further argued that they were entitled to equitable tolling because the kickback scheme was allegedly concealed in an undisclosed marketing and services agreement, and that even if the agreement had been disclosed, it would have seemingly appeared to be valid. However, the court found “no genuine issue of material fact that the [p]laintiffs failed to exercise reasonable diligence to discover their claim” because at the time of closing, “they knew that they could choose their own settlement and title company” but elected not to. In addition, the court disagreed with the plaintiffs’ argument that they had Article III standing because they were “deprived of impartial and fair competition between settlement services,” finding that the plaintiffs were not overcharged for services due to the alleged kickback scheme and failed to show that the costs of settlement services were unnecessarily increased.
Moreover, the court found that the plaintiffs (i) did not inquire about a potential relationship between the defendants; (ii) did not claim dissatisfaction with the title company services provided; and (iii) did not claim that the fees paid to the title company were “unreasonable or undeserved.” Furthermore, the court found that the claim was barred by RESPA’s one-year statute of limitations and that equitable tolling did not apply.
- Buckley Webcast: The next consumer litigation frontier? Assessing the consumer privacy litigation and enforcement landscape in 2019 and beyond
- Buckley Webcast: The CFPB’s proposed debt collection rule
- Buckley Webcast: Trends in e-discovery technology and case law
- Brandy A. Hood to discuss "What the flood? Don’t get washed away by a flood of changes" at the American Bankers Association Regulatory Compliance Conference
- Daniel P. Stipano to discuss "Mitigating the risks of banking high risk customers" at the American Bankers Association Regulatory Compliance Conference
- Daniel P. Stipano, Kari K. Hall, Brandy A. Hood, and H Joshua Kotin to discuss "Regulations that matter in a deregulatory environment" at the American Bankers Association Regulatory Compliance Conference Power Hour
- Buckley Webcast: Data breach litigation and biometric legislation
- Hank Asbill to discuss "Pay no attention to the man behind the curtain: Addressing prosecutions driven by hidden actors" at the National Association of Criminal Defense Lawyers West Coast White Collar Conference
- Daniel P. Stipano to discuss "Keep off the grass: Mitigating the risks of banking marijuana-related businesses" at the ACAMS AML Risk Management Conference
- Daniel P. Stipano to discuss "Mid-year policy update" at the ACAMS AML Risk Management Conference
- Amanda R. Lawrence to discuss "Navigating the challenges of the latest data protection regulations and proven protocols for breach prevention and response" at the ACI National Forum on Consumer Finance Class Actions and Government Enforcement
- Benjamin W. Hutten to discuss "Requirements for banking inherently high-risk relationships" at the Georgia Bankers Association BSA Experience Program
- Daniel P. Stipano to discuss "Lessons learned from recent enforcement actions and CMPs" at the ACAMS AML & Financial Crime Conference
- Daniel P. Stipano to discuss "Assessing the CDD final rule: A year of transitions" at the ACAMS AML & Financial Crime Conference
- Douglas F. Gansler to discuss "Role of state AGs in consumer protection" at a George Mason University Law & Economics Center symposium