Subscribe to our InfoBytes Blog weekly newsletter and other publications for news affecting the financial services industry.
On January 13, the U.S. District Court for the Northern District of Virginia issued a final order and judgment in a class action settlement between a class of consumers (plaintiffs) and a large credit reporting agency (company) to resolve allegations arising from a 2017 cyberattack causing a data breach of the company. After the company announced the breach, many consumers filed suit and were eventually joined into a proposed settlement class. As previously covered by InfoBytes, the plaintiffs alleged that the company (i) failed to provide appropriate security to protect stored personal consumer information; (ii) misled consumers regarding the effectiveness and capacity of its security; and (iii) failed to take proper action when vulnerabilities in their security system became known. The company and the plaintiffs later submitted a proposed settlement order to the court.
According to the final order and judgment, the court certified the settlement class of the approximately 147 million affected consumers, finding the class was adequately represented, and approved the “distribution and allocation plan” as fair and reasonable. In the order granting final approval of the settlement the company agreed to, among other things, pay $380.5 million into a settlement fund and potentially up to $125 million more to cover “certain out-of-pocket losses,” $77.5 million for attorneys’ fees, and approximately $1.4 million for reimbursement of expenses. Class members are eligible for additional benefits including up to 10 years of credit monitoring and identity theft protection services or cash compensation if they already have those services, as well as identity restoration services for seven years. The company also agreed to spend at least $1 billion on data security and technology in the next five years.
On January 3, the U.S. Court of Appeals for the Sixth Circuit affirmed the dismissal for lack of standing of an FDCPA suit brought by a consumer who claimed that because collection letters sent to him by a law firm caused him anxiety, the firm had violated the FDCPA. According to the opinion, the consumer had two delinquent accounts with a bank, which the law firm attempted to recover by sending collection letters to the consumer. The consumer asserted that the letters the law firm sent caused him “an undue sense of anxiety” that he would be sued by the firm, and he subsequently filed a lawsuit against the firm for violating the FDCPA. The court held that the consumer did not have standing to sue under Article III of the U.S. Constitution, for three main reasons: (i) the debtor’s anxiety about a potential lawsuit amounted to a fear of future harm that was not “certainly impending” because the consumer had not alleged that the law firm had threatened to sue him or that he refused to pay, and, therefore, his anxiety did not satisfy the injury-in-fact element for Article III standing; (ii) the consumer was “anxious about the consequences of his decision to not pay the debts that he does not dispute he owes,” and such a “self-inflicted injury” is not a basis for standing because it was not “fairly traceable” to the law firm’s conduct, but instead reflected the consumer’s own behavior; and (iii) “even assuming [the law firm” violated the statute by misrepresenting that an attorney had reviewed [the consumer’s] debts,” that violation did not cause any injury to the consumer because the consumer gave the court “no reason to believe he did not owe the debts,” and, therefore, he could not show that the law firm’s alleged procedural violation of the FDCPA, by itself, was an “injury in fact.” Because the court held that the consumer did not have standing, it affirmed the lower court’s dismissal of the action.
On December 31, a credit reporting agency (agency) and a class of consumers whose payday loan servicer collapsed jointly filed a proposed $24 million settlement agreement for approval by the U.S. District Court for the Central District of California (also, see the memorandum in support here). The proposed agreement would resolve a class action suit alleging that the agency provided incorrect and potentially harmful information on the class members’ credit reports in violation of the FCRA.
In 2016, the class representative (the consumer) sued the agency claiming it was reporting disputed debts from a payday loan servicer that had previously requested that the agency stop reporting the servicer’s pool of payday loan accounts. Because the servicer had also discontinued its servicing operations, the debts could no longer be verified. The consumer alleged that although the agency claimed to have deleted the payday loan servicer’s accounts in January of 2015, it continued to report as delinquent more than 100,000 loans until the accounts were actually deleted more than a year later. After the district court granted a motion for summary judgment filed by the agency, the consumer appealed to the U.S. Court of Appeals for the Ninth Circuit.
As previously covered in InfoBytes, upon appeal in 2019, the appellate court vacated the lower court’s grant of summary judgment on the ground that the consumer’s allegations regarding the inaccuracy of the agency’s information and the willfulness of its actions “raised genuine issues of material fact.” On remand, the district court granted class certification in October. The proposed settlement agreement, if approved, would automatically award each class member approximately $270, and provide up to $15,000 to the consumer who originally filed the lawsuit as the class representative. A hearing date is set for January 27.
On December 10, the CFPB released the latest quarterly consumer credit trends report, which evaluated the extent to which removal of public records from credit reports affects consumer credit scores and credit performance. As previously covered by InfoBytes, the three major U.S. credit reporting agencies began using stricter guidelines when considering consumer public records, such as tax liens and civil judgments, to be included in consumer credit reports as a result of the National Consumer Assistance Plan (NCAP). The NCAP, among other things, imposed restrictions on medical debt reporting and civil public records such as tax liens, civil judgments, and bankruptcies. Observing that the “NCAP public records provision resulted in the removal of all civil judgments and almost half of tax liens from credit reports by the end of July 2017,” this report compared consumer credit scores and credit performance for consumers that had public records removed from their credit report and consumers who did not. According to the report, “there was only a slight increase in credit scores following the NCAP,” and “the NCAP did not seem to have a large effect on the relationship between credit scores and consumers’ credit performance for consumers whose credit report included a lien or judgment compared with consumers whose credit report did not.”
On November 12, the U.S. Court of Appeals for the Eleventh Circuit issued an order reversing in part and affirming in part a district court’s dismissal of claims brought by a consumer who claimed a bank violated the Fair Credit Reporting Act (FCRA) and the FDCPA when it allegedly provided debt information using a “false name” to a credit reporting agency and requested the consumer’s credit report without a proper purpose. In 2016, the consumer filed a lawsuit asserting the bank (i) violated the FDCPA by using a name other than its true name in connection with the collection of debt; and (ii) violated the FCRA when it failed to investigate the accuracy of the information provide to the credit reporting agency, and requested his credit report without a permissible purpose. The district court dismissed the complaint for failure to state a claim.
On appeal, the 11th Circuit affirmed the dismissal of the FDCPA claim, concluding that, while the false-name exception stipulates that the FDCPA applies to a creditor that uses any name other than its own when collecting its own debts (which may indicate a third party was collecting or attempting to collect the debt), the exception does not apply in this instance because “even the least sophisticated consumer” would understand that the bank and the entity named in the consumer report were related. However, the appellate court held that the district court erred in dismissing the FCRA claims. According to the opinion, the consumer stated three plausible claims for relief, including that the bank failed to investigate the accuracy of the information it sent, as required when a dispute arises, and that it unlawfully obtained his credit report. The 11th Circuit noted that while it has never addressed the meaning of “false pretenses” under the FCRA, it now joins other courts in holding that “intentionally obtaining a credit report under the guise of a permissible purpose while intending to use the report for an impermissible purpose can constitute false pretenses.” Moreover, the appellate court noted that while the bank may have obtained the consumer’s credit report for proper purposes, or that it may have disclosed the true purpose to the credit reporting agency, “this fact question cannot be resolved on a motion to dismiss.”
On October 1, the U.S. District Court for the Central District of California granted a plaintiff’s motion for class certification in an action against a national credit reporting agency for allegedly failing to follow reasonable procedures to assure maximum possible accuracy in the plaintiffs’ credit reports, in violation of the FCRA. As previously covered by InfoBytes, the credit reporting agency allegedly failed to delete all of the accounts associated with a defunct loan servicer, despite statements claiming to have done so in January 2015. As of October 2015, 125,000 accounts from the defunct loan servicer were still being reported, and the accounts were not deleted until April 2016. The class action alleges that the credit reporting agency violated the FCRA by continuing to report the past-due accounts, even after deleting portions of the positive payment history on the accounts. After the district court initially granted summary judgment in favor of the credit reporting agency, the U.S. Court of Appeals for the Ninth Circuit revived the lawsuit, holding that a “reasonable jury could conclude that [the credit reporting agency’s] continued reporting of [the account], either on its own, or coupled with the deletion of portions of [the consumer’s] positive payment history on the same loan, was materially misleading.”
In certifying a class of all persons whose credit report contained an account originated after January 21, 2015, from the defunct loan servicer, the district court concluded that the “Defendant’s failure to use maximum reasonable procedures to prevent the continued reporting of delinquent [loan servicer] accounts—presents a clear risk of material harm to Plaintiff’s concrete interest in accurate credit reporting.” The court rejected the credit reporting agency’s argument that the named plaintiff must prove standing on behalf of the entire class, determining that “for all the same reasons Plaintiff has standing, it’s at least possible that the unnamed class members also have standing.” Moreover, the court rejected the argument that damages should be an individual question because many class members “likely suffered no injury at all.” The court concluded that the fact that each class member may “collect slightly different amounts of statutory damages is insufficient, without more, to defeat a showing of predominance in this case.”
On September 25, the CFPB filed a complaint in the U.S. District Court for the District of Maryland against a debt collection entity, its subsidiaries, and their owner (collectively, “defendants”) for allegedly violating the Fair Credit Reporting Act (FCRA), Fair Debt Collection Practices Act (FDCPA), and the Consumer Financial Protection Act (CFPA). In the complaint, the Bureau alleges that the defendants violated the FCRA and its implementing Regulation V by, among other things, failing to (i) establish or implement reasonable written policies and procedures to ensure accurate reporting to consumer-reporting agencies; (ii) incorporate appropriate guidelines for the handling of indirect disputes in its policies and procedures; (iii) conduct reasonable investigations and review relevant information when handling indirect disputes; and (iv) furnishing information about accounts after receiving identity theft reports about such accounts without conducting an investigation into the accuracy of the information. The Bureau separately alleges that the violations of the FCRA and Regulation V constitute violations of the CFPA. Additionally, the Bureau alleges that the defendants violated the FDCPA by attempting to collect on debts without a reasonable basis to believe that consumers owed those debts. The Bureau is seeking an injunction, damages, redress to consumers, disgorgement, the imposition of a civil money penalty, and costs.
On August 15, the U.S. Court of Appeals for the 3rd Circuit affirmed summary judgment in favor of a credit reporting agency (CRA), concluding that the CRA did not violate the Fair Credit Reporting Act (FCRA) by reporting past negative incidents. According to the opinion, after struggling financially, a married couple missed payments on at least five credit accounts. The consumers allegedly resolved the late payments and filed complaints with the CRA arguing the continued presence of the late payments misrepresented the “real status of their credit.” Additionally, the consumers argued some of the “key factors” the CRA discloses to credit providers, “such as ‘[s]erious delinquency’ or ‘[a]mount owed on revolving [a]ccounts is too high,’ are misleading.” The consumers filed suit against the CRA, alleging a variety of federal and state law claims, including violations of the FCRA for failing to maintain reasonable procedures and failing to conduct a reasonable investigation into disputes. The district court granted summary judgment in favor of the CRA and the consumers appealed their FCRA claims.
On appeal, the 3rd Circuit agreed with the district court, concluding the consumers must show their credit report contains inaccurate information to prevail on their claims, which the consumers failed to do. The panel noted the consumers admitted they made the late payments and did not allege the adverse information is more than seven years old. The panel concluded the consumers’ claim “is not that the information in their credit reports and disclosures is inaccurate, but rather that it is irrelevant,” which does not support their claims for a violation under the FCRA.
On July 24, the U.S. Court of Appeals for the 9th Circuit affirmed a district court’s ruling that the FCRA did not require a consumer reporting agency (defendant) to examine disputed items on an individual’s credit report because the credit repair company—and not the individual—submitted the request to the defendant. Under the FCRA, consumer reporting agencies are required to assess disputed credit file items when a consumer notifies the agency directly. However, the court stated that the plaintiff did not play a part in drafting, finalizing, or sending the letters that the credit repair company sent to the defendant on his behalf, and therefore granted summary judgment in favor of the defendant, ruling that the defendant’s duty to reinvestigate the claims relied upon the plaintiff himself submitting the dispute notifications.
On appeal, the 9th Circuit agreed with the district court that the defendant “did not act unreasonably” and was correct in entering summary judgment. “This case does not involve a letter sent to a consumer reporting agency by a consumer’s attorney,” the appellate court wrote in clarifying that the holding was limited to the facts of the specific case. “Nor does it involve one family member assisting another by sending a letter on the other’s behalf. It does not even involve a letter sent by a credit repair agency that a consumer reviewed and approved before it was submitted. We do not decide whether, in any of these circumstances, a consumer reporting agency would have a duty to reinvestigate. We only hold that, in this case, where [the plaintiff] played no role in preparing the letters and did not review them before they were sent, the letters sent by [the credit repair company] did not come directly from [the plaintiff].”
On June 24, the FTC finalized the “Free Electronic Credit Monitoring for Active Duty Military Rule,” which implements the Economic Growth, Regulatory Relief, and Consumer Protection Act requirement for nationwide consumer reporting agencies (CRAs) to provide free electronic credit monitoring services for active duty military consumers. The proposed rule, issued in November 2018 (covered by InfoBytes here), defined the term “electronic credit monitoring service” as a service through which the CRAs provide, at a minimum, electronic notification of material additions or modifications to a consumer’s file and requires CRAs to notify active duty military consumers within 24 hours of any material change. The proposal noted that CRAs may require that active duty military provide contact information, proof of identity, and proof of active duty status in order to use the free service and outlines how a servicemember may prove active duty status, such as with a copy of active duty orders. Additionally, the proposal prohibited CRAs from requiring active duty military consumers to purchase a product in order to obtain the free service.
In response to comments on the proposal, the final rule refers to the definition of “active duty military consumer” in the FCRA, which requires that the servicemember be assigned to service away from their usual duty station, or be a member of the National Guard, regardless of whether the National Guard member is stationed away from their normal duty station. The FTC noted that commenters requested the requirement that the servicemember be stationed away from their normal duty station be eliminated but “the statutory language limit[ed] the Commission’s discretion on [the] topic.” However, the FCRA does not apply the same duty station requirement to the National Guard. Additionally, the final rule, among other things (i) requires CRAs to provide free access to a credit file when it notifies an active duty military consumer about a material change to the file; (ii) extends the amount of time the CRAs have to notify an active duty military consumer of a material change from 24 hours to 48 hours; and (iii) prohibits CRAs from requiring that active duty military consumers agree to terms or conditions as a requirement to obtain their free credit file, unless the terms or conditions are necessary to comply with certain legal requirements.
While the final rule goes into effect three months after publication in the Federal Register, CRAs will be allowed to comply with certain portions of the final rule by offering existing credit monitoring services to active duty military consumers for free, for a period of up to one year from the effective date.
- Jonice Gray Tucker to discuss "Trends in regulatory enforcement" at the ABA Banking Law Committee Meeting
- Jonice Gray Tucker to discuss "Fair access to credit in today’s innovative environment" at the ABA Banking Law Committee Meeting
- Andrew W. Schilling to moderate "Expectations of in-house counsel from their law firm partners" at the ACI's 7th Annual Advanced Forum on False Claims and Qui Tam
- Buckley Webcast: Tips for navigating changes to the FHA recertification process
- Daniel P. Stipano to discuss "A 20/20 view on 2020’s legislative and regulatory outlook" at the ACAMS Anti-Financial Crime and Public Policy Conference
- Kari K. Hall and Michelle L. Rogers to discuss "Overdrafts and regulatory trends" at the CLE Alabama Banking Law Update
- Kathryn L. Ryan to discuss "Industry open forum session on NMLS usage" at the NMLS Annual Conference & Training
- Kathryn L. Ryan to discuss "Regulating innovative consumer lending products" at the NMLS Annual Conference & Training
- Daniel P. Stipano to moderate "Washington update" at the 17th Puerto Rican Symposium of Anti Money Laundering 2020 conference
- APPROVED Checkpoint Webcast: CFL overview
- Daniel P. Stipano to discuss "Pathway of the SARs: Tracking trajectories of suspicious activity reports from alerts to prosecution" at the ACAMS moneylaundering.com 25th Annual International AML & Financial Crime Conference
- Daniel P. Stipano to discuss "Which bud’s for you? A deep-dive into evolving marijuana laws" at the ACAMS moneylaundering.com 25th Annual International AML & Financial Crime Conference