InfoBytes Blog
Filter
Subscribe to our InfoBytes Blog weekly newsletter and other publications for news affecting the financial services industry.
Kraninger discusses coordinated state supervision and enforcement efforts
On December 10, in a speech before the National Association of Attorneys General Capital Forum, CFPB Director Kathy Kraninger discussed partnership with the states, as well as recent efforts between the Bureau and states in the areas of supervision and enforcement, including innovation policies. Kraninger also discussed the Bureau’s small dollar and debt collection rules. Noting that the Bureau will “effectively enforce the law to fulfill our consumer protection mission … after thoroughly reviewing the facts,” Kraninger recapped FY 2019 enforcement actions and settlements, which have resulted in more than $777 million in total consumer relief, which included over $600 million in consumer redress and more than $174 million in other relief. These actions, Kraninger stated, have resulted in more than $185 million in civil money penalties, not taking into account suspended amounts. Kraninger also highlighted several joint efforts with states and other agencies over the past year, including (i) a multi-agency action resolving a 2017 data breach (InfoBytes coverage here); (ii) a joint action with the New York Attorney General against a network of New York-based debt collectors that allegedly engaged in improper debt collection tactics (InfoBytes coverage here); (iii) a coordinated action with the Minnesota Attorney General’s Office, the North Carolina Department of Justice, and the Los Angeles City Attorney concerning a student loan debt relief operation (InfoBytes coverage here); and (iv) an action with the South Carolina Department of Consumer Affairs against an operation that offered high-interest loans to veterans and other consumers in exchange for the assignment of some of the consumers’ monthly pension or disability payments (InfoBytes coverage here).
Kraninger also discussed the Bureau’s recently-announced American Consumer Financial Innovation Network (ACFIN), which is designed to enhance coordination among federal and state regulators to facilitate financial innovation. (InfoBytes coverage here). ACFIN currently includes nine state attorneys general and four state financial regulators. Kraninger noted that the Bureau is presently reviewing approximately 190,000 comments concerning proposed changes related to certain payday lending requirements and mandatory underwriting provisions (InfoBytes coverage here), as well as over 14,000 comments submitted in response to its Notice of Proposed Rulemaking issued in May concerning amendments to the debt collection rule (InfoBytes coverage here). Kraninger stressed that the Bureau plans to release a Supplemental Notice of Proposed Rulemaking “very early” in 2020, and will be “interested in practical and pragmatic ideas of how to make time-barred debt disclosures work.”
TRO issued against VoIP service provider in card interest reduction scam
On December 5, the FTC and the Ohio attorney general announced that the U.S. District Court for the Western District of Texas issued a temporary restraining order (TRO) against a VoIP service provider and its foreign counterpart for facilitating (or consciously avoiding knowing of) a “phony” credit card interest rate reduction scheme committed by one of its client companies at the center of a joint FTC/Ohio AG action. As previously covered by InfoBytes, the original complaint alleged that a group of individuals and companies—working in concert and claiming they could reduce interest rates on credit cards—had violated the FTC Act, the Telemarketing Sales Rule, and various Ohio consumer protection laws. In addition to obtaining a TRO against the most recent alleged participants, the FTC and Ohio AG amended their July complaint to add the telecom companies as defendants alleging the companies “played a key role in robocalling consumers to promote a credit card interest reductions scheme.”
New York considers privacy legislation broader than the CCPA
On November 22, the New York Senate’s Committee on Consumer Protection and Committee on Internet and Technology held a joint hearing titled, “Consumer Data and Privacy on Online Platforms,” which discussed the proposed New York Privacy Act, SB S5642 (the Act). The Act was introduced in May and seeks to regulate the storage, use, disclosure, and sale of consumer personal data by entities that conduct business in New York State or produce products or services that are intentionally targeted to residents of New York State. The Act contains different provisions than the California Consumer Privacy Act (CCPA), which is set to take effect on January 1, 2020 (visit here for InfoBytes coverage on the CCPA). Highlights of the Act include:
- Fiduciary Duty. Most notably, the Act requires that legal entities “shall act in the best interests of the consumer, without regard to the interests of the entity, controller or data broker, in a manner expected by a reasonable consumer under the circumstances.” Specifically, the Act states that personal data of consumers “shall not be used, processed or transferred to a third party, unless the consumer provides express and documented consent.” The Act imposes a duty of care on every legal entity, or affiliate of a legal entity, with respect to securing consumer personal data against privacy risk and requires prompt disclosure of any unauthorized access. Moreover, the Act requires that legal entities enter into a contract with third parties imposing the same duty of care for consumer personal data prior disclosing, selling, or sharing the data with that party.
- Consumer Rights. The Act requires covered entities to provide consumers notice of their rights under the Act and provide consumers with the opportunity to opt-in or opt-out of the “processing of their personal data” using a method where the consumer must clearly select and indicate their consent or denial. Upon request, and without undue delay, covered entities are required to correct inaccurate personal data or delete personal data.
- Transparency. The Act requires covered entities to make a “clear, meaningful privacy notice” that is “in a form that is reasonably accessible to consumers,” which should include: the categories of personal data to be collected; the purpose for which the data is used and disclosed to third parties; the rights of the consumer under the Act; the categories of data shared with third parties; and the names of third parties with whom the entity shares data. If the entity sells personal data or processes data for direct marketing purposes, it must disclose the processing, as well as the manner in which a consumer may object to the processing.
- Enforcement. The Act defines violations as an unfair or deceptive act in trade or commerce, as well as, an unfair method of competition. The Act allows for the attorney general to bring an action for violations and also prescribes a private right of action on any harmed individual. Covered entities are subject to injunction and liable for damages and civil penalties.
According to reports, state lawmakers at the November hearing indicated that federal requirements would be “the best scenario,” but in the absence of Congressional movement in the area, one state senator noted that the state legislators must “assure [their] constituents that [the state legislature is] doing everything possible to protect their privacy.” Witnesses expressed concern that the Act would be placing too many new requirements on businesses that differ from what other states have already enacted, and encouraged more consistent baseline standards for compliance instead of a patchwork approach. Some witnesses expressed specific concern with the opt-in requirement for the collection and use of consumer data, noting that waiting on consumers to opt-in, as opposed to just opting-out, makes compliance difficult to administer. Lastly, many witnesses were displeased about the broad private right of action in the Act, but consumer groups praised the provision, noting that the state attorney general does not have the resources to regulate and enforce against all the data collection and sharing in the state.
New York AG investigates housing discrimination on Long Island
On November 19, the New York attorney general’s office announced the launch of a Civil Rights Bureau investigation into allegations that Long Island real estate agents have engaged in discriminatory practices. The announcement follows a newspaper’s recent publication of findings based on a three-year examination of residential brokering firms, where, according to the report, several agents allegedly (i) “steered undercover testers to neighborhoods whose composition matched their own race or ethnicity”; (ii) directed white testers to neighborhoods with the highest white representations, whereas minority testers were sent to more integrated areas; and (iii) subjected minority testers to financial bars that were not imposed on white testers, such as requiring mortgage preapproval in order to view properties. The AGs office encourages Long Island residents to report any instances of housing discrimination.
AG coalition calls on Department of Education to discharge loans for students who attended closed for-profit school
On November 13, a coalition of 22 state attorneys general led by the Massachusetts attorney general sent a letter to the Department of Education’s Federal Student Aid Chief Operating Officer to determine whether the Department has complied with federal regulations that allow student borrowers to qualify for automatic discharge relief if they attended a school within 120 days of its closure date and have not continued their education elsewhere. The letter referred to an estimate provided by the Department in May, which stated that approximately 52,000 former students of a now-closed for-profit college qualified for automatic closed-school discharge relief. The letter notes, however, that recent information obtained from Congress indicates that only 7,000 student borrowers have been granted automatic discharges. Among other things, the AGs ask the Department to clarify whether all eligible students are now receiving automatic discharges, and request that the 120-day window be expanded “due to the deeply compromised nature of the school and its offerings in the months before its national collapse.” In addition, the letter requests details about the number of students with discharged loans and the methodology the Department is using to implement the automatic closed-school discharge.
Washington AG settles deceptive practices allegations with office supply company
On November 13, the Washington attorney general announced an office supply company has agreed to pay $900,000 to resolve an investigation into deceptive computer repair services. According to the AG’s office, the company allegedly used a software program, called “PC Health Check” or similar names, to facilitate the sale of diagnostic and repair services to retail customers that cost up to $200, regardless of whether their computer was actually infected with viruses or malware. The company claimed that the program, which allegedly detected malware symptoms on consumers’ computers, actually based the results on answers to four questions consumers were asked by a company employee at the beginning of the service, including whether the computer had slowed down, had issues with frequent pop-up ads, received virus warnings, or crashed often. After the questions were asked, the responses were entered into the program and a simple scan of the computer was run. The AG’s office claims that the scan had no connection to the malware symptoms results because an affirmative answer by the consumer to any of the four questions always led to the report of actual or potential malware symptoms. The release also states that in 2012, a company employee informed management that “the software reported malware symptoms on a computer that ‘didn’t have anything wrong with it,’” but that the company continued to sell the repair services until 2016 to an estimated 14,000 Washington consumers. According to the AG’s release, Washington is the only state to reach an agreement with the company over the alleged practices in addition to the $35 million national settlement the company and its software vendor reached with the FTC in March for similar conduct. (Previous InfoBytes coverage here.)
Massachusetts AG reaches $4 million settlement with debt collector
On November 11, the Massachusetts attorney general announced a $4 million settlement with a Virginia-based debt collection company to resolve allegations that it engaged in deceptive and unfair debt collection practices. The AG’s release stated that an assurance of discontinuance filed in the Suffolk Superior Court alleges that the company “aggressively” collected on purchased defaulted loans, credit card accounts, car loans, and other consumer debts by using a network of in-house collectors who contacted consumers through multiple letters and phone calls, and used law firms to take consumers to court. An investigation revealed that the company “routinely pursued consumers with only exempt sources of income such as social security, social security disability, and supplemental security income,” and that consumers who informed the company of their reliance on such income “were pressured by the company to pay money they should have been entitled to keep.” Among other things, the AG’s office claimed that the company also (i) collected on debts it could not substantiate; (ii) failed to verify whether the consumer information it reported to credit reporting agencies was accurate; (iii) ignored the statute of limitations when collecting debt; and (iv) failed to notify consumers of their rights to request proof of a debt and to provide proof of a debt upon request. In addition to the $4 million payment, the company has agreed to stop collecting from consumers using only exempt income, will obtain documentation that debts are valid before collecting, will inform consumers when debt is beyond the statute of limitations, and will refrain from calling consumers more than twice in a seven-day period. The company also agreed to stop reporting debts it cannot substantiate to credit reporting agencies and to investigate consumer credit report accuracy disputes.
CFPB argues private class action settlement interferes with its CFPA enforcement authority
On November 6, the CFPB filed an amicus brief with the Court of Appeals of Maryland in a case challenging a private class action settlement against a structured settlement company, which purports to “release the Bureau’s claims in a pending federal action, to enjoin class members from receiving benefits from the Bureau’s lawsuit, and to assign any benefits the Bureau might obtain for class members to the class-action defendants.” As previously covered by InfoBytes, in 2017, the U.S. District Court for the District of Maryland allowed a UDAAP claim brought by the CFPB to move forward against the same structured settlement company, where the Bureau alleged the company employed abusive practices when purchasing structured settlements from consumers in exchange for lump-sum payments. A similar action was also brought by the Maryland attorney general against the company. In addition to the state and federal enforcement actions, the plaintiffs filed a private class action against the company, and a trial court approved a settlement. The Court of Special Appeals reversed the lower court’s approval of the settlement, concluding that it “interferes with the [state’s] and Bureau’s enforcement authority.” The company appealed.
In its brief to the Maryland Court of Appeals, the Bureau argues that the Court of Special Appeals decision should be affirmed because the settlement provisions “threaten to interfere with the Bureau’s authority under the [Consumer Financial Protection Act] in two significant ways.” Specifically, the Bureau argues that the settlement (i) could interfere with the Bureau’s statutory mandate to remediate consumers harmed through the Civil Penalty Fund; and (ii) would interfere with the Bureau’s authority to use restitution to remediate consumer harm. The Bureau states that “the risk of windfalls to such wrongdoers could force the Bureau to decline to award Fund payments to victims,” and would “threaten to offend basic principles of equity.”
Michigan AG sues online tribal lender
On October 31, the Michigan attorney general announced it filed a lawsuit against an online lender alleging the lender violated the CFPA and Michigan law by allegedly offering usurious loans in an “unfair, deceptive, and abusive manner” with interest rates between 388 percent and 1,505 percent. The complaint alleges that the online lender is using its affiliation with a federally recognized Indian tribe located in California to circumvent Michigan’s interest rate cap, but, “is not an arm of the tribe and therefore is not entitled to assert tribal sovereign immunity from suit.” Moreover, the complaint argues that because the lender offers loans to Michigan residents, it is operating outside of tribal boundaries and, therefore, is subject to any and all applicable state and federal laws. In addition to usurious interest rates, the complaint alleges the lender misrepresented contract terms, including various rates and fees, and refused to let consumers pay off loans early. The attorney general is seeking declaratory and injunctive relief to prevent the lender from “providing usurious loans in Michigan in the future.” Notably, this is Michigan’s first-ever lawsuit alleging violations of the CFPA.
Regulators tackle company offering relief from student loans
On October 30, the CFPB, along with the Minnesota and North Carolina attorneys general, and the Los Angeles City Attorney (together, the “states”), announced an action against a student loan debt relief operation for allegedly deceiving thousands of student-loan borrowers and charging more than $71 million in unlawful advance fees. In the complaint filed October 21 and unsealed on October 29 in the U.S. District Court for the Central District of California, the Bureau and the states alleged that since at least 2015 the defendants have violated the Consumer Financial Protection Act, the Telemarketing Sales Rule, and various state laws by charging and collecting improper advance fees from student loan borrowers prior to providing assistance and receiving payments on the adjusted loans. In addition, the Bureau and the states claim the defendants engaged in deceptive practices by misrepresenting (i) the purpose and application of fees they charged; (ii) their ability to obtain loan forgiveness; and (iii) their ability to actually lower borrowers’ monthly payments. The defendants also allegedly failed to inform borrowers that they automatically requested that the loans be placed in forbearance and submitted false information to student loan servicers to qualify borrowers for lower payments. The complaint seeks injunctive relief, as well as damages, restitution, disgorgement, and civil money penalties.
On November 15, the court entered a preliminary injunction enjoining the alleged violations of law in the complaint, continuing the asset freeze, and appointing a receiver against the defendants.