Subscribe to our InfoBytes Blog weekly newsletter and other publications for news affecting the financial services industry.
On January 13, the New Jersey governor signed S 2998, which amends the state’s collateral protection insurance (CPI) disclosure requirements. The amendments provide that when CPI is required and provided by the creditor, the creditor must disclose to the consumer debtors that they will be responsible for interest on the CPI cost “at the same rate that is applied pursuant to [the debtor’s] credit agreement.” The creditor must also provide a “good faith estimate” of what the CPI coverage will cost the debtor. Additionally, the creditor must instruct the debtors how to provide evidence of the required insurance, so that in those instances where the debtor obtains CPI, the creditor-purchased CPI can be cancelled and the costs and interest fees can be recovered. The amendments take effect on April 12.
On January 6, the California attorney general issued an advisory explaining consumers’ rights under the California Consumer Privacy Act (CCPA), which took effect January 1. (See previous InfoBytes coverage on the CCPA here.) These rights include (i) the right to request from businesses what personal information they collect, use, share, or sell; (ii) the right to request that businesses and their service providers delete one’s personal information; (iii) the right to opt out of businesses’ disclosure of one’s personal information via “Do Not Sell” links on businesses’ websites and mobile apps; (iv) the right of children younger than 16 to have businesses disclose their personal information only after receiving the child’s opt-in consent (though parents or guardians may consent for children under 13); and (v) the right to non-discrimination should a consumer exercise his or her privacy rights under the CCPA.
In addition to enumerating these consumer rights, the advisory specifies the types of businesses subject to the CCPA, provides information on the state’s data broker registry, and describes consumers’ private right of action in the event of a data breach.
On December 23, the New York governor signed S 3631, which amends the state’s insurance law to increase protections for New York consumers from unplanned charges at the end of a motor vehicle lease. The definition of “service contracts” is broadened to cover more comprehensive service contracts on motor vehicles leased for personal use. Service contracts covered by the law will now include agreements that apply to accidental damage and excess use and wear and tear, including missing parts of the vehicle, and items not covered by a warranty or other service agreement, as long as such services do not exceed the purchase price of the automobile. The law became effective when signed.
On December 13, the U.S. District Court for the District of Maryland denied an international hospitality company’s motion to dismiss a data breach suit brought by the City of Chicago. According to the city’s complaint, the company violated the Illinois Consumer Fraud and Deceptive Business Practices Act by, among other things, allegedly failing to (i) “protect Chicago residents’ personal information”; (ii) implement and maintain reasonable security measures; (iii) disclose that it did not maintain reasonable security measures; and (iv) provide “prompt notice” of the breach to Chicago residents. According to the opinion, the city had established standing to sue the company because it adequately alleged injury to its municipal interests. Additionally, the court rejected the company’s assertion that the suit is unconstitutional under the Illinois Constitution, stating that the consumer protection ordinance the company was alleged to have violated “addresses a local problem, making it a legitimate exercise of the City’s home rule authority” under the state’s constitution. The company had released a statement in November 2018, which is at the center of the city’s action, stating that the breach was discovered in September 2018, had exposed personal information from 500 million guests, and been ongoing since 2014.
Additionally, on October 10, the California attorney general released the highly anticipated proposed regulations implementing the CCPA. See the Buckley Special Alert for details of the proposed regulations.
- Andrew W. Schilling to moderate "Expectations of in-house counsel from their law firm partners" at the ACI's 7th Annual Advanced Forum on False Claims and Qui Tam
- Buckley Webcast: Tips for navigating changes to the FHA recertification process
- Daniel P. Stipano to discuss "A 20/20 view on 2020’s legislative and regulatory outlook" at the ACAMS Anti-Financial Crime and Public Policy Conference
- Kari K. Hall and Michelle L. Rogers to discuss "Overdrafts and regulatory trends" at the CLE Alabama Banking Law Update
- Kathryn L. Ryan to discuss "Industry open forum session on NMLS usage" at the NMLS Annual Conference & Training
- Kathryn L. Ryan to discuss "Regulating innovative consumer lending products" at the NMLS Annual Conference & Training
- Daniel P. Stipano to moderate "Washington update" at the 17th Puerto Rican Symposium of Anti Money Laundering 2020 conference
- APPROVED Checkpoint Webcast: CFL overview
- Daniel P. Stipano to discuss "Pathway of the SARs: Tracking trajectories of suspicious activity reports from alerts to prosecution" at the ACAMS moneylaundering.com 25th Annual International AML & Financial Crime Conference
- Daniel P. Stipano to discuss "Which bud’s for you? A deep-dive into evolving marijuana laws" at the ACAMS moneylaundering.com 25th Annual International AML & Financial Crime Conference