InfoBytes Blog
Filter
Subscribe to our InfoBytes Blog weekly newsletter and other publications for news affecting the financial services industry.
District Court denies TCPA class certification involving collection calls placed to wrong number
On September 27, the U.S. District Court for the Middle District of Florida denied class certification in an action alleging violations of the TCPA, the Florida Consumer Collection Practices Act, and the FDCPA brought against two companies. The action alleged that defendants used an automated telephone dialing system (autodialer) to call the plaintiff’s cell phone using a “prerecorded voice” while trying to contact a different individual to collect an unpaid debt. The defendants allegedly called the plaintiff’s cell phone number—which was listed as the other individual’s home phone number but had been reassigned to the plaintiff—multiple times even after the plaintiff informed the defendants that they had the wrong phone number. The plaintiff alleged violations of the TCPA, claiming the defendants placed the calls without first obtaining prior express consent.
Among other arguments, the defendants challenged the proposed class definition, which included more than 9,000 non-customers who allegedly received calls from the defendants and were identified by a code that the plaintiff contended is assigned to calls made to “bad phone” numbers. According to the defendants, the plaintiff’s expert developed a process for “identify[ing] calls where [autodialed] calls and prerecorded messages were made to cell phones after a record documenting an event consistent with a wrong number and/or a request to stop calling.” However, the defendants argued, among other things, that there are many different reasons why a “bad phone” code could be assigned to an account, and that the plaintiff’s assertions do not “satisfy the clearly ascertainable standard,” which must be met for class certification.
“Indeed, when presented with similar evidence regarding ‘wrong number’ call log designations, this [c]ourt recognized that ‘in the debt collection industry ‘wrong number’ oftentimes does not mean non-consent because many customers tell agents they have reached the wrong number, though the correct number was called, as a way to avoid further debt collection,’” the court stated. “The difficulty in ascertaining this information is compounded by the fact that the phone numbers at issue were initially provided to [the defendants] by consenting customers.”
District Court: New York’s interest on escrow law not preempted by National Bank Act
On September 30, the U.S. District Court for the Eastern District of New York held that the National Bank Act (NBA) does not preempt a New York law requiring interest on mortgage escrow accounts. According to the opinion, plaintiffs brought a pair of putative class actions against a national bank seeking interest on funds deposited into their mortgage escrow accounts, as required by New York General Obligation Law § 5-601. The bank moved to dismiss both complaints, arguing that the NBA preempts the state law. The district court disagreed, concluding that the plaintiffs’ claims for breach of contract can proceed, while dismissing the others. The court concluded there is “clear evidence that Congress intended mortgage escrow accounts, even those administered by national banks, to be subject to some measure of consumer protection regulation.” As for the OCC’s 2004 preemption regulation, the court determined that there is no evidence that “at this time, the agency gave any thought whatsoever to the specific question raised in this case, which is whether the NBA preempts escrow interest laws,” citing to and agreeing with the U.S. Court of Appeals for the Ninth Circuit’s decision in Lusnak v. Bank of America (which held that a national bank must comply with a California law that requires mortgage lenders to pay interest on mortgage escrow accounts, previously covered by InfoBytes here). Lastly, the court applied the preemption standard from the 1996 Supreme Court decision in Barnett Bank of Marion County v. Nelson, and found that the law does not “significantly interfere” with the banks’ power to administer mortgage escrow accounts, noting that it only “requires the Bank to pay interest on the comparatively small sums” deposited into the accounts and does not “bar the creation of mortgage escrow accounts, or subject them to state visitorial control, or otherwise limit the terms of their use.”
Washington Supreme Court: No reliance required under state securities act for RMBS claims
On October 3, the Washington Supreme Court reversed the dismissal of an action against two international banks, concluding that the Securities Act of Washington (the Act) does not require a plaintiff to prove reliance on misleading statements during the purchase of residential mortgage-backed securities (RMBS). According to the opinion, a Seattle Federal Home Loan Bank (FHL Bank) purchased over $900 million in RMBS from two international banks in 2005 and 2007, and in 2009, brought separate actions against the banks for allegedly making untrue or misleading statements in connection with the RMBS in violation of the Act. Specifically, the FHL Bank argued that the banks (i) made false statements concerning the loan-to-value ratios of the mortgage loans pooled in the RMBS; (ii) misrepresented the quality of their underwriting standards; and (iii) made false statements about the occupancy status of the mortgaged properties in the pool. The trial court granted summary judgment in favor of both banks, and the Court of Appeals affirmed, concluding that reasonable reliance on the misleading statements was required under the Act and that the FHL Bank did not rely on the statements from one bank and unreasonably relied on statements of the other. The FHL Bank appealed both decisions.
The Supreme Court consolidated the actions and disagreed with the appeals court conclusions in both. Specifically, the Court determined that the plain language under the Act is clear and “unambiguously does not require reliance.” The Court emphasized that the refusal to “read reliance into the statue” furthers the Act’s foal of protecting investors, ensuring “that those harmed when a seller misrepresents material facts can recover.”
In dissent, one state Justice argued that the Court’s opinion undermines nearly “50 years of case law and legislative acquiescence,” noting that federal courts “frequently resolve state securities fraud claims, and they too have consistently treated reliance as an element of our state-law claim.”
FTC temporarily halts real estate workshops due to deceptive marketing
On October 4, the FTC announced that the U.S. District Court for the District of Utah granted a temporary restraining order against a Utah-based company and its affiliates (collectively, “defendants”) for allegedly using deceptive marketing to persuade consumers to attend real estate events costing thousands of dollars. According to the complaint, filed by the FTC and the Utah Division of Consumer Protection, the defendants violated the FTC Act, the Consumer Review Fairness Act (CRFA), and Utah state law, by marketing real estate events with false claims, using celebrity endorsements. The defendants allegedly told consumers they will (i) earn thousands of dollars in profits from real estate investment “flips” by using the defendants’ products; (ii) receive 100 percent funding for their real estate investments, regardless of credit history; and (iii) receive a full refund if they do not make “‘a minimum of three times’” the price of the workshop within six months. The complaint argues that these statements are false or unsubstantiated, and that consumers seeking refunds from the defendants often only received a partial refund on the condition they would not speak to the FTC or other state regulators about the defendants’ products. Among other things, the temporary court order prohibits the defendants from continuing to make unsupported marketing claims and from interfering with consumers’ ability to review their products.
EU Court of Justice: Orders to remove defamatory content issued by member state courts can be applied worldwide
On October 3, the European Court of Justice held that a social media company can be ordered to remove, worldwide, defamatory content previously declared to be unlawful “irrespective of who required the storage of that information.” The decision results from a 2016 challenge brought by a former Austrian politician against the social media company’s Ireland-based operation—responsible for users located outside of the U.S. and Canada—to remove defamatory posts and comments made about her on a user’s personal page that was accessible to any user. The social media company disabled access to the content after an Austrian court issued an interim order, which found the posts to be “harmful to her reputation,” and ordered the social media company to cease and desist “publishing and/or disseminating photographs” showing the former politician “if the accompanying text contained the assertions, verbatim and/or [used] words having an equivalent meaning as that of the comment” originally at issue. On appeal, the higher regional court upheld the order but determined that “the dissemination of allegations of equivalent content had to cease only as regards [to] those brought to the knowledge of the [social media company] by the [former politician] in the main proceedings, by third parties or otherwise.”
The Austrian Supreme Court of Justice requested that the EU Court of Justice adjudicate whether the cease and desist order may also be “extended to statements with identical wording and/or having equivalent content of which it is not aware” under Article 15(1) of Directive 2000/31 (commonly known as the “directive on electronic commerce”). Specifically, the EU Court of Justice considered (i) whether Directive 2000/31 generally precludes a host provider that has not “expeditiously removed illegal information”—including identically worded items of information—from removing content wordwide; (ii) if Directive 2000/31 does not preclude the host provider from its obligations, “does this also apply in each case for information with an equivalent meaning”; and (iii) does Directive 2000/31 also apply to “information with an equivalent meaning as soon as the operator has become aware of this circumstance.”
According to the judgment, Directive 2000/31 “does not preclude those injunction measures from producing effects worldwide,” holding that a national court within the member states may order host providers to remove posts it finds defamatory or illegal. However, the judges concluded that such an order must function “within the framework of the relevant international law.”
Class certification granted in FCRA suit against credit reporting agency
On October 1, the U.S. District Court for the Central District of California granted a plaintiff’s motion for class certification in an action against a national credit reporting agency for allegedly failing to follow reasonable procedures to assure maximum possible accuracy in the plaintiffs’ credit reports, in violation of the FCRA. As previously covered by InfoBytes, the credit reporting agency allegedly failed to delete all of the accounts associated with a defunct loan servicer, despite statements claiming to have done so in January 2015. As of October 2015, 125,000 accounts from the defunct loan servicer were still being reported, and the accounts were not deleted until April 2016. The class action alleges that the credit reporting agency violated the FCRA by continuing to report the past-due accounts, even after deleting portions of the positive payment history on the accounts. After the district court initially granted summary judgment in favor of the credit reporting agency, the U.S. Court of Appeals for the Ninth Circuit revived the lawsuit, holding that a “reasonable jury could conclude that [the credit reporting agency’s] continued reporting of [the account], either on its own, or coupled with the deletion of portions of [the consumer’s] positive payment history on the same loan, was materially misleading.”
In certifying a class of all persons whose credit report contained an account originated after January 21, 2015, from the defunct loan servicer, the district court concluded that the “Defendant’s failure to use maximum reasonable procedures to prevent the continued reporting of delinquent [loan servicer] accounts—presents a clear risk of material harm to Plaintiff’s concrete interest in accurate credit reporting.” The court rejected the credit reporting agency’s argument that the named plaintiff must prove standing on behalf of the entire class, determining that “for all the same reasons Plaintiff has standing, it’s at least possible that the unnamed class members also have standing.” Moreover, the court rejected the argument that damages should be an individual question because many class members “likely suffered no injury at all.” The court concluded that the fact that each class member may “collect slightly different amounts of statutory damages is insufficient, without more, to defeat a showing of predominance in this case.”
D.C. Circuit upholds majority of FCC order overturning net neutrality rules
On October 1, the U.S. Court of Appeals for the D.C. Circuit issued a decision, which mostly ratifies the FCC’s 2017 reversal of the net neutrality rules barring internet service providers (ISPs) from slowing down or speeding up web traffic based on business relationships. (See previous InfoBytes coverage here.) Notably, however, the decision vacates a portion of the FCC’s 2018 Restoring Internet Freedom Order (Order), which preempted states from issuing their own net neutrality rules on requirements that the FCC “‘repealed or decided to refrain from imposing’ in the Order or that [are] ‘more stringent’ than the Order.”
The D.C. Circuit held that the FCC’s decision to reclassify broadband internet access as a Title I service under the Telecommunications Act—allowing for a “light-touch” regulatory framework for ISPs instead of the more heavily regulated Title II—deserves Chevron deference. The appellate court also noted that while “[p]etitioners dispute that the transparency rule, market forces, or existing antitrust and consumer protection laws can adequately protect internet openness. . . . [we] are ultimately unpersuaded.”
The D.C. Circuit also concluded that the FCC failed to adequately address how the reversal of the net neutrality rules could affect public safety issues, holding that the FCC must address this issue. The appellate court stressed that “[u]nlike most harms to edge providers incurred because of discriminatory practices by broadband providers, the harms from blocking and throttling during a public safety emergency are irreparable.” Additionally, the appellate court instructed the FCC to revisit its analysis on how the reversal will affect the regulation of pole attachments as well as low-income households that receive the internet through an FCC subsidy program. Furthermore, while the appellate court concluded that the FCC overreached its authority in prohibiting states from passing their own net neutrality rules, Judge Williams—who concurred in part and dissented in parted—reasoned that the internet cannot be divided into state markets, and that state actions “would frustrate an agency’s authorized policy.”
Seventh Circuit affirms dismissal of FDCPA suit concerning “current balance” reference
On September 25, the U.S. Court of Appeals for the Seventh Circuit affirmed the dismissal of an action against a debt collection agency for allegedly violating the FDCPA by referring to the amount owed as a “current balance” in a letter—even though it was static and not going to change. According to the opinion, the plaintiff contended that “current balance” falsely implied that the balance might increase in the future, which, she argued, was a violation of the FDCPA’s prohibition on false, deceptive, or misleading representations connected to the collection of a debt. By implying that the amount owed might increase if not paid, the plaintiff argued, the debt collector allegedly misled debtors into giving static debts greater priority. The district court granted the debt collector’s motion to dismiss for failure to state a claim, ruling “that no significant fraction of the population would be misled” by the letter’s use of the “current balance” phrase. The plaintiff appealed, arguing that the phrase would confuse an unsophisticated consumer.
On appeal, the 7th Circuit determined that there is nothing inherently misleading about the reference and stated that, not only did the debt collector’s letter not contain a directive for a debtor to call for a current balance, it also failed to include language implying that a “current balance” means anything other than the balance owed. “It takes an ingenious misreading of this letter to find it misleading,” the appellate court concluded. “Dunning letters can comply with the [FDCPA] without answering all possible questions about the future. A lawyer’s ability to identify a question that a dunning letter does not expressly answer (‘Is it possible the balance might increase?’) does not show the letter is misleading, even if a speculative guess to answer the question might be wrong.”
EU's “right to be forgotten” law applies only in EU
On September 24, the European Court of Justice held that Europe’s “right to be forgotten” online privacy law — which allows individuals to request the deletion of personal information from online sources that the individual believes infringes on their right to privacy—can be applied only in the European Union. The decision results from a challenge by a global search engine to a 2015 order by a French regulator, Commission Nationale de l'Informatique et des Libertés (CNIL), requiring the search engine to delist certain links from all of its global domains, not just domains originating from the European Union. The search engine refused to comply with the order, and the CNIL imposed a 100,000 EUR penalty. The search engine sought annulment of the order and penalty, arguing that the “right to be forgotten” does not “necessarily require that the links at issue are to be removed, without geographical limitation, from all its search engine’s domain names.” Moreover, the search engine asserted that the CNIL “disregarded the principles of courtesy and non-interference recognised by public international law” and infringed on the freedoms of expression, information, and communication.
The Court of Justice agreed with the search engine. Specifically, the Court noted that while the “internet is a global network without borders” and internet users’ access outside of the EU to a referencing link to privacy infringing personal information is “likely to have immediate and substantial effects on that person within the Union itself,” there is no obligation under current EU law for a search engine to carry out the requested deletion on all global versions of its network. The Court explained that numerous nations do not recognize “the right to be forgotten” or take an alternate approach to the right. Additionally, the Court emphasized that “the right to the protection of personal data is not an absolute right, but must be considered in relation to its function in society and be balanced against other fundamental rights, in accordance with the principle of proportionality.” The Court concluded that, while the EU struck that balance within its union, “it has not, to date, struck such a balance as regards the scope of a de-referencing outside of the union.”
District Court dismisses investors’ data breach claims
On September 18, the U.S. District Court for the Northern District of California dismissed with prejudice a class action suit brought against an online payments firm and associated entities and individuals (collectively, “defendants”) for allegedly misleading investors (plaintiffs) about a 2017 data breach. The court stated that the plaintiffs plausibly alleged the defendants’ November 2017 announcement about the data breach was misleading because it “disclosed only a security vulnerability, rather than an actual security breach that potentially compromised” 1.6 million customers, which the plaintiffs contended was not actually disclosed until a month later when a follow-up statement was released. However, the court argued that the plaintiffs failed to show under the loss-causation theory that the defendants knew the breach affected 1.6 million customers when the company made its first statement, and contended that confidential witness statements provided by the plaintiffs from three former employees did not credibly support allegations that the defendants and its executives knew the full extent of the breach when they warned of potential vulnerabilities or “used that knowledge (or recklessly disregarded it) to deceive the market.” Furthermore, the court determined that while both parties agreed that a plaintiff can support a securities fraud claim with expert opinions, the plaintiffs in this case failed to allege that the cybersecurity expert they hired was familiar with, or had knowledge of, the defendants’ specific security setup or that he actually talked to the defendants’ employees about the breach. According to the court, the expert provided an opinion on “what likely would have happened in the event of any breach.”