Skip to main content
Menu Icon
Close

InfoBytes Blog

Financial Services Law Insights and Observations

Filter

Subscribe to our InfoBytes Blog weekly newsletter and other publications for news affecting the financial services industry.

  • FTC bans operators of auto-warranty scam

    Agency Rule-Making & Guidance

    On July 6, the FTC announced that it reached an agreement on a stipulated order to resolve a lawsuit against the operators of a telemarketing scam that pitched “extended automobile warranties” to hundreds of thousands of consumers nationwide.  The stipulated order, which has been approved by the U.S. District Court for the Southern District of Florida, imposes a lifetime ban against a consulting group and its owner from any outbound telemarketing business and any involvement with extended automobile warranty sales. In February 2022, the FTC sued several companies—including the consulting group and its owner—in connection with their alleged involvement in the telemarketing scam, alleging that they had defrauded consumers out of millions of dollars. The complaint alleged that the companies made numerous unsolicited calls, falsely claiming to be affiliated with vehicle manufacturers and inaccurately promoting their products as offering comprehensive “bumper-to-bumper” protection.  

    In addition to the lifetime ban, the stipulated order includes a monetary judgment of $6.5 million, which is partially suspended based on the defendants’ alleged inability to pay. The FTC reached a separate settlement with three of the other original defendant companies and their owners in March 2023.

    Agency Rule-Making & Guidance FTC Telemarketing Consumer Protection Deceptive

  • FTC proposal would ban deceptive reviews

    Agency Rule-Making & Guidance

    On June 30, the FTC introduced a proposed rule to combat deceptive review practices and ensure consumer protection in light of the impact and progression of technology and artificial intelligence. The rule seeks to prohibit the creation and sale of fake consumer reviews, prevent review hijacking, and restrict the manipulation of reviews through incentives. Under the proposed rule, businesses would be prohibited from creating or selling reviews by individuals who do not exist or lack real experience with the product or service. Additionally, the proposed rule prohibits businesses from providing compensation or incentives in exchange for consumer reviews expressing specific sentiments, whether positive or negative. To enhance transparency and integrity, the proposed rule also includes provisions related to insider reviews and testimonials. It also emphasizes the importance of transparency by requiring disclosure of relationships in insider reviews and testimonials. Under these provisions, officers and managers of companies would be required to disclose their relationships when writing reviews or testimonials about their products or services. Businesses would also be obligated to disclose relationships in testimonials written by insiders. Moreover, the FTC's proposed rule targets businesses that create or control websites claiming to provide impartial opinions about a particular category of products or services, including their offerings. Further, it prohibits businesses from using unjustified legal threats, intimidation, or false accusations to prevent or remove negative consumer reviews. This provision aims to preserve the independence and authenticity of consumer reviews, preventing businesses from manipulating public perception through controlled review websites. Considering the widespread influence of social media, the rule would prohibit businesses from selling or buying fake followers or views.

    The FTC is currently seeking public comments on the proposed rule.

    Agency Rule-Making & Guidance Federal Issues FTC Consumer Protection Online Marketplace Deceptive

  • Default judgment entered against provider of immigration bonds

    Courts

    The U.S. District Court for the Western District of Virginia recently entered default judgment against defendants accused of misrepresenting the cost of immigration bond services and deceiving migrants to keep them paying monthly fees by making false threats of deportation for failure to pay. As previously covered by InfoBytes, the defendants—a group of companies providing immigration bond products or services for non-English speaking U.S. Immigration and Customs Enforcement detainees—were sued by the CFPB and state attorneys general from Massachusetts, New York, and Virginia in 2021 for allegedly engaging in deceptive and abusive acts and practices in violation of the Consumer Financial Protection Act (CFPA). The defendants argued that the court lacked subject matter jurisdiction because the Bureau did not have authority to enforce the CFPA since the defendants are regulated by state insurance regulators and are merchants, retailors, or sellers of nonfinancial goods or services. However, the court disagreed, explaining that “limitations on the CFPB’s regulatory authority do not equate to limitations on this court’s jurisdiction.” (Covered by InfoBytes here.)

    As explained in the court’s opinion, last year the plaintiffs filed a motion for sanctions and for an order to show cause why the court should not hold the defendants in contempt for actions relating to several ongoing discovery disputes. The court determined that the defendants failed to demonstrate that “factors other than obduracy and willfulness” led to their failure to comply with multiple discovery orders and that the defendants engaged in a “pattern of knowing noncompliance with numerous orders of the court.” These delays, the court said, have significantly harmed the plaintiffs in their ability to prepare their case. Finding each defendant in civil contempt of court, the court also entered a default judgment against the defendants, citing them for discovery violations in other cases. The court set June deadlines for briefs on remedies and damages.

    Courts State Issues CFPB Enforcement State Attorney General Predatory Lending CFPA Deceptive Abusive

  • FTC proposes changes to Health Breach Notification Rule

    Agency Rule-Making & Guidance

    On May 18, the FTC issued a notice of proposed rulemaking (NPRM) and request for public comment on changes to its Health Breach Notification Rule (Rule), following a notice issued last September (covered by InfoBytes here) warning health apps and connected devices collecting or using consumers’ health information that they must comply with the Rule and notify consumers and others if a consumer’s health data is breached. The Rule also ensures that entities not covered by HIPAA are held accountable in the event of a security breach. The NPRM proposed several changes to the Rule, including modifying the definition of “[personal health records (PHR)] identifiable health information,” clarifying that a “breach of security” would include the unauthorized acquisition of identifiable health information, and specifying that “only entities that access or send unsecured PHR identifiable health information to a personal health record—rather than entities that access or send any information to a personal health record—qualify as PHR related entities.” The modifications would also authorize the expanded use of email and other electronic methods for providing notice of a breach to consumers and would expand the required content for notices “to include information about the potential harm stemming from the breach and the names of any third parties who might have acquired any unsecured personally identifiable health information.” Comments on the NPRM are due 60 days after publication in the Federal Register.

    The same day, the FTC also issued a policy statement warning businesses against making misleading claims about the accuracy or efficacy of biometric technologies like facial recognition. The FTC emphasized that the increased use of consumers’ biometric information and biometric information technologies (including those powered by machine learning) raises significant consumer privacy and data security concerns and increases the potential for bias and discrimination. The FTC stressed that it intends to combat unfair or deceptive acts and practices related to these issues and outlined several factors used to determine potential violations of the FTC Act.

    Agency Rule-Making & Guidance Federal Issues Privacy, Cyber Risk & Data Security FTC Consumer Protection Biometric Data Artificial Intelligence Unfair Deceptive UDAP FTC Act

  • FTC obtains TROs to halt student loan debt relief schemes

    Federal Issues

    On May 8, the FTC announced that the U.S. District Court for the Central District of California recently issued temporary restraining orders (TROs) against two student loan debt relief companies that allegedly tricked consumers into paying for nonexistent repayment and loan forgiveness programs. According to the complaints (see here and here), the defendants allegedly made deceptive claims in order to lure low-income consumers into paying hundreds to thousands of dollars in illegal upfront fees as part of a purported plan to pay down their student loans. The defendants allegedly made consumers believe that they were enrolled in a legitimate loan repayment program, that their loans would be forgiven in whole or in part, and that most or all of their payments would be applied to their loan balances. The FTC alleges that, in reality, the defendants pocketed the borrowers’ payments. The FTC also charged the defendants with falsely claiming to be or be affiliated with the Department of Education and stating that they were purchasing borrowers’ debt from federal student loan servicers in order to secure debt relief on their behalf. When consumers realized the debt relief program did not exist, the defendants allegedly often refused to provide refunds.

    According to the FTC, these deceptive misrepresentations violated Section 5 of the FTC Act and the Telemarketing Sales Rule (TSR). The FTC also alleges that the companies violated the Gramm-Leach-Bliley Act (GLBA), by using deceptive tactics to obtain consumers’ financial information, and the TSR, by calling numbers listed on the National Do Not Call Registry and by failing to pay required Do Not Call Registry fees for access. In issuing the TROs (see here and here), which temporarily halt the two schemes and freeze the defendants’ assets, the court noted that, upon “[w]eighing the equities and considering the FTC’s likelihood of ultimate success on the merits,” there is good cause to believe that immediate and irreparable harm will occur as a result of the defendants’ ongoing violations of the FTC Act, the TSR, and the GLBA, unless the defendants are restrained and enjoined.

    Federal Issues Courts FTC Enforcement Student Lending Debt Relief Consumer Finance FTC Act Telemarketing Sales Rule UDAP Deceptive Gramm-Leach-Bliley

  • OCC, FDIC say some overdraft fees may be unfair or deceptive

    On April 26, the OCC and FDIC issued supervisory guidance addressing consumer compliance risks associated with bank overdraft practices. (See OCC Bulletin 2023-12 and FDIC FIL-19-2023.) The guidance highlighted certain practices that may result in increased risk exposure, including assessing overdraft fees on “authorize positive, settle negative” (APSN) transactions and assessing representment fees each time a third party resubmits the same item for payment after being returned by a bank for non-sufficient funds. The agencies provided guidance for banks that may help control risks associated with overdraft protection programs and achieve compliance with Dodd-Frank’s UDAAP prohibitions and section 5 of the FTC Act, which prohibits unfair or deceptive acts or practices.

    The FDIC’s supervisory guidance expanded on the 2019 Consumer Compliance Supervisory Highlights (covered by InfoBytes here), and warned that APSN overdraft fees present risks of unfairness under both statutes as consumers “cannot reasonably avoid” receiving these fees because they lack “the ability to effectively control payment systems and overdraft processing systems practices.” The FDIC cited the “complicated nature of overdraft processing systems” as another impediment to a consumer’s ability to avoid injury. The FDIC also emphasized that risks of unfairness exist both in “available balance” or “ledger balance” methods of assessing overdraft fees, but cautioned that risks may be “more pronounced” when a bank uses an available balance method. Furthermore, the FDIC warned that disclosures describing how transactions are processed may not mitigate UDAAP and UDAP risk. Banks are encouraged to “ensure customers are not charged overdraft fees for transactions consumers may not anticipate or avoid,” and should take measures to ensure overdraft programs provided by third parties comply with all applicable laws and regulations, as such arrangements may present additional risks if not properly managed, the FDIC explained.

    The OCC’s guidance also warned that disclosures may be deceptive under section 5 if they fail to clearly explain that multiple or additional fees may result from multiple presentments of the same transaction. Recognizing that some banks have already implemented changes to their overdraft protection programs, the OCC also acknowledged that “[w]hen supported by appropriate risk management practices, overdraft protection programs may assist some consumers in meeting short-term liquidity and cash-flow needs.” The OCC encouraged banks to explore other options, such as offering low-cost accounts and low-cost alternatives for covering overdrafts, such as overdraft lines of credit and linked accounts. 

    Bank Regulatory Federal Issues OCC FDIC Consumer Finance Overdraft FTC Act UDAP UDAAP Deceptive Unfair Dodd-Frank Fees Agency Rule-Making & Guidance

  • District Court won’t stay CFPB litigation with credit reporter

    Courts

    On April 13, the U.S. District Court for the Northern District of Illinois denied a credit reporting agency’s (CRA) bid to stay litigation filed by the CFPB alleging deceptive practices related to the marketing and sale of credit scores, credit reports, and credit-monitoring products to consumers. The Bureau sued the CRA and one of its former senior executives last April (covered by InfoBytes here), claiming the defendants allegedly violated a 2017 consent order by continuing to engage in “digital dark patterns” that caused consumers seeking free credit scores to unknowingly sign up for a credit monitoring service with recurring monthly charges.

    The CRA requested a stay while the U.S. Supreme Court considers whether the Bureau’s funding mechanism is unconstitutional. Earlier this year, the Court agreed to review next term the 5th Circuit’s decision in Community Financial Services Association of America v. Consumer Financial Protection Bureau, where it found that the CFPB’s “perpetual self-directed, double-insulated funding structure” violated the Constitution’s Appropriations Clause. (Covered by InfoBytes here and a firm article here.) While acknowledging that a ruling against the Bureau may result in the dismissal of the action against the CRA, the court concurred with the Bureau that consumers may be exposed to harm during a stay. “Were I to grant the requested stay, it could last more than one year, depending on when the Supreme Court issues its opinion,” the court wrote. “In that time, if the Bureau’s allegations bear out, consumers will continue to suffer harm because of defendants’ unlawful conduct. That potential cost is too great to outweigh the resource preserving benefits a stay would confer.”

    Courts CFPB Consumer Finance Credit Reporting Agency Enforcement Deceptive UDAAP CFPA U.S. Supreme Court Funding Structure Constitution Dark Patterns

  • FTC proposes changes to Negative Option Rule

    Agency Rule-Making & Guidance

    On March 23, the FTC announced a notice of proposed rulemaking (NPRM) seeking feedback on proposed amendments to the agency’s Negative Option Rule, which is used to combat unfair or deceptive practices related to subscriptions, memberships, and other recurring-payment programs. (See also FTC fact sheet here.) Claiming that current laws and regulations do not clearly provide a consistent legal framework for these types of programs, the NPRM, which applies to all subscription features in all media, proposes to add a new “click to cancel” provision that would make it as easy for consumers to cancel their enrollment as it was to sign up. The NPRM would also require sellers to first ask consumers whether they want to hear about new offers or modifications before making a pitch when consumers are trying to cancel their enrollment. If a consumer says “no” a seller must immediately implement the cancellation process. Sellers would also be required to provide consumers who are enrolled in negative option programs with an annual reminder involving anything other than physical goods before they are automatically renewed.

    Commissioner Christine Wilson issued a dissenting statement, in which she argued that while the NPRM “may achieve the goal of synthesizing the various requirements in one rule,” it “is not confined to negative option marketing [as it] also covers any misrepresentation made about the underlying good or service sold with a negative option feature.” Wilson commented, “as drafted, the Rule would allow the Commission to obtain civil penalties, or consumer redress under Section 19 of the FTC Act, if a marketer using a negative option feature made misrepresentations regarding product efficacy or any other material fact.”

    Agency Rule-Making & Guidance Federal Issues FTC Negative Option FTC Act Consumer Finance Subscriptions UDAP Unfair Deceptive

  • FTC orders refunds over compromised health data

    Federal Issues

    On March 2, the FTC filed a complaint against an online counseling service alleging the respondent violated the FTC Act by monetizing consumers’ sensitive health data for targeted advertising purposes. As part of the process to sign up for the respondent’s counseling services, consumers are required to provide sensitive mental health information, as well as other personal information. Consumers are promised that their personal health data will not be used or disclosed except for limited purposes, such as for counseling services. However, the FTC claimed the respondent used and revealed consumers’ sensitive health data to third parties for advertising purposes. According to the FTC, the respondent failed to maintain sufficient policies or procedures to protect the sensitive information and did not obtain consumers’ affirmative express consent before disclosing the health data. The respondent also allegedly failed to limit how third parties could use the health data and denied reports that it revealed consumers’ sensitive information.

    Under the terms of the proposed consent order, the respondent will be required to pay $7.8 million in partial refunds to affected users and will be banned from disclosing health information to certain third parties for re-targeting advertising purposes. This will be the first FTC action returning funds to consumers whose health data was compromised. The respondent will also be prohibited from misrepresenting its sharing practices and must also (i) obtain users’ affirmative express consent before disclosing personal information to certain third parties for any purpose; (ii) implement a comprehensive privacy program with strong safeguards to protect users’ data; (iii) instruct third parties to delete shared personal data; and (iv) implement a data retention schedule imposing limits on how long personal data can be retained.

    Federal Issues FTC Enforcement Advertisement Privacy, Cyber Risk & Data Security Consumer Protection UDAP FTC Act Unfair Deceptive

  • District Court allows FTC suit against owners of credit repair operation to proceed

    Federal Issues

    On February 13, the U.S. District Court for the Eastern District of Michigan denied a motion to dismiss filed by certain defendants in a credit repair scheme. As previously covered by InfoBytes, last May the FTC sued a credit repair operation that allegedly targeted consumers with low credit scores promising its products could remove all negative information from their credit reports and significantly increase credit scores. At the time, the court granted a temporary restraining order against the operation for allegedly engaging in deceptive practices that scammed consumers out of more than $213 million. The temporary restraining order was eventually vacated, and the defendants at issue (two individuals and two companies that allegedly marketed credit repair services to consumers, charged consumers prohibited advance fees in order to use their services without providing required disclosures, and promoted an illegal pyramid scheme) moved to dismiss themselves from the case and to preclude the FTC from obtaining permanent injunctive and monetary relief.

    In denying the defendants’ motion to dismiss, the court held, among other things, that “controlling shareholders of closely-held corporations are presumed to have the authority to control corporate acts.” The court pointed to the FTC’s allegations that the individual defendants at issue were owners, officers, directors, or managers, were authorized signatories on bank accounts, and had “formulated, directed, controlled, had the authority to control, or participated in the acts and practices set forth in the complaint.” The court further held that the FTC’s allegations raised a plausible inference that the individual defendants have the authority to control the businesses and demonstrated that they possessed, “at the most basic level, ‘an awareness of a high probability of deceptiveness and intentionally avoided learning of the truth.’”

    The court also disagreed with the defendants’ argument that the permanent injunction is not applicable to them because they have since resigned their controlling positions of the related businesses, finding that “[t]his development, if true, does not insulate them from a permanent injunction.” The court found that “the complaint contains plausible allegations of present and ongoing deceptive practices that would authorize the [c]ourt to award a permanent injunction ‘after proper proof.’” In addition, the court said it may award monetary relief because the FTC brought claims under both sections 13(b) and 19 of the FTC Act and “section 19(b) contemplates the ‘refund of money,’ the ‘return of property,’ or the ‘payment of damages’ to remedy consumer injuries[.]” 

    Federal Issues Courts FTC Enforcement Credit Repair Consumer Finance FTC Act Credit Repair Organizations Act UDAP Deceptive Telemarketing Sales Rule

Pages

Upcoming Events