Skip to main content
Menu Icon
Close

InfoBytes Blog

Financial Services Law Insights and Observations

Filter

Subscribe to our InfoBytes Blog weekly newsletter and other publications for news affecting the financial services industry.

  • FTC, Ohio AG halt payment processor and credit card interest-reduction telemarketing operations

    Federal Issues

    On July 29, the FTC and the Ohio attorney general announced temporary restraining orders and asset freezes issued by the U.S. District Court for the Western District of Texas against a payment processor and a credit card interest-reduction telemarketing operation (see here and here). According to the FTC, the payment processor defendants allegedly violated the FTC Act, the Telemarketing Sales Rule (TSR), and various Ohio laws by, among other things, generating and processing remotely created payment orders or checks that allowed merchants—including deceptive telemarketing schemes—the ability to withdraw money from consumers’ bank accounts. The FTC asserted that the credit card interest-reduction defendants deceptively promised consumers significant credit card interest rate reductions, along with “a 100 percent money back guarantee if the promised rate reduction failed to materialize or the consumers were otherwise dissatisfied with the service.” However, the FTC claimed that most customers never received the promised rate reduction, were refused refund requests, and often received collection or lawsuit threats. Additionally, the credit card interest-reduction defendants allegedly violated the TSR by charging advance fees, failing to properly identify the service in telemarketing calls, and failing to pay to access the FTC’s National Do Not Call Registry.

    Federal Issues FTC State Attorney General Enforcement Payment Processors Credit Cards Telemarketing Sales Rule FTC Act

  • FTC and DOJ announce $5 billion privacy settlement with social media company; SEC settles for $100 million

    Privacy, Cyber Risk & Data Security

    On July 24, the FTC and the DOJ officially announced (see here and here) that the world’s largest social media company will pay a $5 billion penalty to settle allegations that it mishandled its users’ personal information. As previously covered by InfoBytes, it was reported on July 12 that the FTC approved the penalty, in a 3-2 vote. This is the largest privacy penalty ever levied by the agency, almost “20 times greater than the largest privacy or data security penalty ever imposed worldwide,” and one of the largest ever assessed by the U.S. government for any violation. According to the complaint, filed the same day as the settlement, the company allegedly used deceptive disclosures and settings to undermine users’ privacy preferences in violation of a 2012 privacy settlement with the FTC, which allowed the company to share users’ data with third-party apps that were downloaded by users’ “friends.” Moreover, the complaint alleges that many users were unaware the company was sharing the information, and therefore did not take the steps needed to opt-out of the sharing. Relatedly, the FTC also announced a separate action against a British consulting and data analytics firm for allegedly using deceptive tactics to “harvest personal information from millions of [the social media company’s] users.”

    In addition to the monetary penalty, the 20-year settlement order overhauls the company’s privacy program. Specifically, the order, among other things, (i) establishes an independent privacy committee of the company’s board of directors; (ii) requires the company to designate privacy program compliance officers who can only be removed by the board’s privacy committee; (iii) requires an independent third-party assessor to perform biennial assessments of the company’s privacy program; (iv) requires the company to conduct a specific privacy review of every new or modified product, service, or practice before it is implemented; and (v) mandates that the company report any incidents in which data of 500 or more users have been compromised to the FTC.

    In dissenting statements, Commissioner Chopra and Commissioner Slaughter asserted that the settlement, while historic, does not contain terms that would effectively deter the company from engaging in future violations. Commissioner Slaughter argues, among other things, that the civil penalty is insufficient and believes the order should have contained “meaningful limitations on how [the company] collects, uses, and shares data.” Similarly, Commissioner Chopra argues that the order imposes no meaningful changes to the company’s structure or financial incentives, and the immunity provided to the company’s officers and directors is unwarranted.

    On the same day, the SEC announced that the company also agreed to pay $100 million to settle allegations that it mislead investors about the risks it faced related to the misuse of its consumer data. The SEC’s complaint alleges that in 2015, the company was aware of the British consulting and data analytics firm’s misuse of its consumer data but did not correct its disclosures for more than two years. Additionally, the SEC alleges the company failed to have policies and procedures in place during that time that would assess the results of internal investigations for the purposes of making accurate disclosures in public filings. The company neither admitted nor denied the allegations.

    Privacy/Cyber Risk & Data Security FTC DOJ Settlement SEC FTC Act

  • 9th Circuit: Law firm owner liable for restitution from mortgage relief scheme

    Courts

    On July 16, the U.S. Court of Appeals for the 9th Circuit affirmed summary judgment in favor of the FTC in an action alleging two attorneys controlled or participated in a mortgage relief scheme, which falsely told consumers they could join “mass joinder” lawsuits that would save them from foreclosure and provide additional financial awards. In September 2017, the district court granted summary judgment against both defendants, concluding that the defendants knowingly deceived consumers when they falsely marketed that consumers could expect to receive $75,000 in damages or “a judicial determination that the mortgage lien alleged to exist against their particular property is null and void ab initio” if they agreed to join mass joinder lawsuits against their mortgagors. The operation resulted in over $18 million in revenue from the participating consumers.

    On appeal from one defendant, the 9th Circuit agreed with the district court, determining the FTC provided “sufficient undisputed facts to hold [the defendant] individually liable for injunctive relief at summary judgment.” Specifically, the appellate court agreed that the FTC sufficiently proved three separate legal entities, one of which the defendant was the co-owner and corporate officer, “operate[d] together as a common enterprise,” which violated the FTC Act and Mortgage Assistance Relief Services Rule with their mortgage relief operation. Moreover, the appellate court determined that the defendant was “at least recklessly indifferent to [the other entities’] misrepresentations,” based on his knowledge of previous schemes operated by the other owners and reliance on a non-lawyer’s assurance that the marketing materials had been “legally approved,” making him “jointly and severally liable for restitution for the corporation’s unjust gains in violation of the FTC Act.”

    Courts Ninth Circuit Appellate FTC Act Mortgages FTC

  • FTC seeks permanent injunction against student loan debt relief operation

    Federal Issues

    On July 11, the FTC announced it was charging a student loan debt relief operation with violations of the FTC Act and the Telemarketing Sales Rule for allegedly engaging in deceptive practices when marketing and selling their debt relief services. The complaint alleges the operators of the scheme allegedly, among other things, (i) charged borrowers illegal advance fees; (ii) falsely claimed they would service and pay down their student loans; and (iii) obtained borrowers’ credentials in order to change consumers’ contact information and prevent communications from loan servicers. According to the FTC, the defendants allegedly collected more than $23 million from consumers, and when asked why their payments were not being applied to their loans, the defendants “informed consumers that their entire payments had been collected as ‘handling’ or ‘management’ fees.” On July 10, the U.S. District Court for the Central District of California issued a temporary restraining order and asset freeze at the FTC’s request. The FTC seeks a permanent injunction against the defendants to prevent future violations, as well as redress for injured consumers through “rescission or reformation of contracts, restitution, the refund of monies paid, and the disgorgement of ill-gotten monies.”

    Federal Issues FTC Enforcement Debt Relief Student Lending FTC Act Telemarketing Sales Rule UDAP

  • FTC and NY AG settle with phantom debt operation

    Federal Issues

    On July 1, the FTC announced, together with the New York attorney general, a settlement with two New York-based phantom debt operations and their principals (collectively, “defendants”) resolving allegations that the operations bought, placed for collection, sold lists of, and collected on fake debts that consumers did not owe. As previously covered by InfoBytes, the June 2018 complaint alleged that the defendants ran a deceptive and abusive debt collection scheme in violation of the FTC Act, the FDCPA, and New York state law. The settlement order against one company and its owners bans the defendants from debt collection activities, including buying, placing for collection, and selling debt. The order requires the defendants to pay a combined $676,575, suspending the total judgment of $6.75 million, due to inability to pay. The settlement order against the other company and its owner prohibits the defendants from engaging in unlawful collection practices and requires the payment of $118,000, suspending the total judgment of $4.94 million, due to inability to pay.

    Federal Issues State Issues Enforcement FTC State Attorney General Debt Collection FTC Act FDCPA Settlement

  • Federal and state enforcement agencies coordinate on robocall crackdown

    Federal Issues

    On June 25, the FTC announced a major crackdown on illegal robocalls named “Operation Call it Quits,” which includes 94 enforcement actions from around the country brought by the FTC and 25 other federal, state, and local agencies. In addition to actions targeting the actors, the operation also includes a consumer education initiative and promotion of the development of technology-based solutions to block robocalls and fight caller ID spoofing. In addition to the 87 other enforcement actions brought under the initiatives, the FTC announced four new actions, some of which were filed by the DOJ on the FTC’s behalf, and three new settlements targeting robocallers for violations of the FTC Act and the Telemarketing Sales Rule (TSR), among other things. The FTC alleges many of the actors used illegal robocalls to contact financially distressed consumers regarding interest rate reductions, sell fraudulent money-making opportunities, pitch free medical alert systems, or develop leads for solar energy companies. The affected consumers in these actions were often listed on the Do Not Call Registry. The FTC provided a complete list of the 94 actions brought under Operation Call it Quits.

    State Attorneys General participating in the initiative are: Alabama, Arizona, Colorado, Florida, Illinois, Indiana, Michigan, Missouri, North Carolina, North Dakota, Ohio, Oregon, Pennsylvania, Texas, and Virginia. Additionally, local agencies include: the Consumer Protection Divisions of the District Attorneys for the Counties of Los Angeles, San Diego, Riverside, and Santa Clara, California; the Florida Department of Agriculture and Consumer Services; and the Los Angeles City Attorney. 

    Federal Issues FTC Robocalls FTC Act Enforcement State Attorney General Telemarketing Sales Rule Do Not Call Registry

  • FTC halts operations of credit-repair company

    Federal Issues

    On June 21, the FTC announced that the U.S. District Court for the District of Connecticut temporarily halted the operation of an alleged credit repair scheme based on allegations the company charged illegal upfront fees and falsely claimed to substantially improve consumers’ credit scores in violation of the FTC Act, the Credit Repair Organizations Act, the Telemarketing Sales Rule (TSR), the Consumer Review Fairness Act, TILA, and the EFTA. According to the complaint, since 2014, the company, among other things, (i) claims they can improve consumers’ credit scores by removing negative items and hard inquiries from credit reports; (ii) charges advance fees for their services; (iii) does not provide the required disclosures for its services, including credit transaction disclosures related to the financing of the service fees; (iv) engages in electronic funds transfers from consumers’ bank accounts without proper authorization; and (v) threatens consumers with legal action after consumers complain about the lack of results. The court order requires the company to temporarily cease its operations and ensures the company’s assets are frozen.

    Federal Issues FTC Credit Repair Credit Scores Courts TILA EFTA FTC Act Telemarketing Sales Rule

  • 9th Circuit: FTC does not need to show irreparable harm to get injunctive relief

    Courts

    On June 17, the U.S. Court of Appeals for the 9th Circuit held that no showing of irreparable harm is required for the FTC to obtain injunctive relief when the relief is sought in conjunction with a statutory enforcement action where the applicable statute authorizes such relief. According to the opinion, the FTC brought an action against an entity and related individuals (collectively, “defendants”) operating a mortgage loan modification scheme for allegedly violating the FTC Act and Regulation O by making false promises to consumers for services designed to prevent foreclosures or reduce interest rates or monthly mortgage payments. (Previously covered by InfoBytes here.) The FTC brought the action under the second proviso of Section 13(b) of the FTC Act, which allows the agency to pursue injunctive relief without initiating administrative action. The district court granted the motion for preliminary injunction without requiring the FTC to make a showing of irreparable harm.

    On appeal, the 9th Circuit rejected the defendants’ argument that the FTC was still required to demonstrate the likelihood of irreparable harm in a Section 13(b) action. The appellate court noted that the FTC’s position is supported by the court’s precedent, quoting “‘[w]here an injunction is authorized by statute, and the statutory conditions are satisfied . . ., the agency to whom the enforcement of the right has been entrusted is not required to show irreparable injury.’” The appellate court concluded that its precedent is not irreconcilable with the 2008 Supreme Court decision in Winter v. Natural Resource Defense Council, Inc, noting that Winter did not address injunctive relief in the context of statutory enforcement. Therefore, the appellate court concluded that although irreparable harm is required to obtain injunctive relief in an ordinary case, the district court did not error in granting injunctive relief, without the showing of irreparable harm, in conjunction with a statutory enforcement action.  

     

    Courts Appellate FTC FTC Act Preliminary Injunction Ninth Circuit

  • FTC settles with software provider over data security failures

    Federal Issues

    On June 12, the FTC announced a settlement under which a software provider agreed to better protect the data it collects, resolving allegations that the company failed to implement reasonable data security measures and exposed personal consumer information obtained from its auto dealer clients in violation of the FTC Act and the Standards for Safeguarding Customer Information Rule, issued pursuant to the Gramm-Leach-Bliley Act.

    In its complaint, the FTC alleged the company’s failure to, among other things, (i) implement an organization information security policy; (ii) implement reasonable guidance or training for employees; (iii) use readily available security measures to monitor systems; and (iv) impose reasonable data access controls, resulted in a hacker gaining unauthorized access to the company’s database containing the personal information of approximately 12.5 million consumers. The proposed consent order requires the company to, among other things, implement and maintain a comprehensive information security program designed to protect the personal information it collects, including implementing specific safeguards related to the FTC’s allegations. Additionally, the proposed consent order requires the company to obtain third-party assessments of its information security program every two years and have a senior manager certify compliance with the order every year. 

    Federal Issues FTC Privacy/Cyber Risk & Data Security FTC Act Enforcement Settlement Consent Order

  • FTC shares 2018 enforcement report with the CFPB

    Federal Issues

    On June 6, the FTC announced that it submitted its 2018 Annual Financial Acts Enforcement Report to the CFPB. The report—which the Bureau requested for its use in preparing its 2018 Annual Report to Congress—covers the FTC’s enforcement activities regarding Regulation Z (the Truth in Lending Act or TILA), Regulation M (the Consumer Leasing Act or CLA), and Regulation E (the Electronic Fund Transfer Act or EFTA). Highlights of the enforcement matters covered in the report include:

    • Auto Lending and Leasing. The report discusses two enforcement matters related to deceptive automobile dealer practices. The first, filed in August 2018, alleged that a group of four auto dealers, among other things, advertised misleading discounts and incentives in their vehicle advertisements, and falsely inflated consumers’ income and down payment information on financing applications. The charges brought against the defendants allege violations of the FTC Act, TILA, and the CLA. The FTC sought, among other remedies, a permanent injunction to prevent future violations, restitution, and disgorgement. (Detailed InfoBytes coverage of the filing is available here.) In the second, in December 2018, the FTC mailed over 43,000 checks, totaling over $3.5 million, to consumers allegedly harmed by nine dealerships and owners engaged in deceptive and unfair sales and financing practices, deceptive advertising, and deceptive online reviews. (Detailed InfoBytes coverage is available here.)
    • Payday Lending. The report covers two enforcement matters, including the U.S. Court of Appeals for the 9th Circuit’s December 2018 decision upholding the $1.3 billion judgment against defendants responsible for operating an allegedly deceptive payday lending program. The decision is the result of a 2012 complaint in which the FTC alleged that the defendants engaged in deceptive acts or practices in violation of Section 5(a) of the FTC Act by making false and misleading representations about costs and payment of the loans. (Detailed InfoBytes coverage is available here.) The report also indicates that, in February 2018, the FTC issued over 72,000 checks totaling more an $2.9 million to consumers stemming from a July 2015 settlement, that alleged that online payday operators used personal financial information purchased from third-party lead generators or data brokers to make unauthorized deposits into and withdrawals from consumers’ bank accounts, regardless of whether the consumer applied for a payday loan. (Detailed InfoBytes coverage is available here.)
    • Negative Option. The report covers six enforcement matters related to alleged violations of the EFTA and Regulation E for “negative option” plans, including three new filings against online marketers for allegedly advertising “free trial” offers for products that enrolled consumers in expensive, ongoing plans without their knowledge or consent. The report notes that, in 2018, the FTC reached a settlement with one entity and obtained a court judgment against another, both resulting in injunctive relief and monetary settlements (which were suspended due to the defendants’ inability to pay). The report also notes that the FTC mailed 2,116 refund checks totaling more than $355,000 to people who bought an allegedly deceptive “memory improvement” supplement.

    Additionally, the report addresses the FTC’s research and policy efforts related to truth in lending and leasing, and electronic fund transfer issues, including (i) a study of consumers’ experiences in buying and financing automobiles at dealerships; and (ii) the FTC’s Military Task Force’s work on military consumer protection issues. The report also outlines the FTC’s consumer and business education efforts, which include several blog posts warning of new scams and practices.

     

    Federal Issues FTC FTC Act TILA EFTA Enforcement CFPB Consumer Education Auto Finance Military Lending Act

Pages

Upcoming Events