InfoBytes Blog
Filter
Subscribe to our InfoBytes Blog weekly newsletter and other publications for news affecting the financial services industry.
Arkansas law stiffens criminal penalties for spoofing, robocalls
On April 4, the Arkansas governor signed SB 514, which establishes a process for state regulation of telecommunications service providers and third-party spoofing providers, and stiffens criminal penalties for persons who engage in illegal robocalling and spoofing practices. The act reclassifies “spoofing”—defined in the act as “displaying fictitious or misleading names or telephone numbers—and illegal robocalls as Class D felonies. Arkansas law previously classified these actions as misdemeanors. The act requires telecommunications providers to report, on an annual basis, to the Arkansas Public Service Commission, implemented measures for identifying and combating the illegal calls.
The Arkansas Attorney General issued a press release in which she noted that the legislation “reinforces how determined Arkansans are to stop these illegal calls and creates a path for enforcement to hold the bad actors accountable.” The act takes effect 90 days after adjournment of the legislature.
Arizona modifies its Regulatory Sandbox Program
On April 1, the Arizona governor signed HB 2177, which modifies the state’s Regulatory Sandbox Program (RSP). As previously covered by InfoBytes, in March 2018, Arizona became the first state to create a regulatory sandbox for companies to test innovative financial products or services without certain regulatory requirements. The bill clarifies the RSP to allow participants to temporarily test an innovation “with respect to providing a financial product or service or a substantial component of a financial product or service,” as opposed to, an “innovative financial product or service.” Among other things, the bill also (i) removes the Arizona consumer residency requirement when participants test innovative money transmitter products, requiring only that the consumer have physical presence in the state at the time of the transaction; (ii) removes record keeping requirements for participants testing investment management products; and (iii) provides sole enforcement authority of state regulatory laws applicable to RSP participants to the state Attorney General. The bill is effective 91 days after the state’s legislative session ends.
Virginia requires breach of personal information notification
On March 18, the Virginia governor signed HB 2396, which amends the Code of Virginia and requires an individual or entity owning or licensing computerized data that includes personal information to disclose all data breaches without “unreasonable delay” to the Virginia Attorney General and any affected Commonwealth residents. Under HB 2396, “personal information” is defined as “the first name or first initial and last name in combination with and linked to any one or more of the following data elements that relate to a resident of the Commonwealth, when the data elements are neither encrypted nor redacted.” The list of data elements was amended to add passport numbers and military identification numbers to the previous list, which included social security numbers, driver’s license numbers, and financial account numbers or credit/debit card numbers combined with codes or passwords that would grant access to a consumer’s financial account. The amendment is effective July 1.
CFPB and NYAG defend Bureau’s constitutionality in 2nd Circuit
On March 15, the CFPB and the New York Attorney General (NYAG) filed opening briefs in the U.S. Court of Appeals for the 2nd Circuit in their appeal of the Southern District of New York’s (i) June 2018 ruling that the CFPB’s organizational structure, as defined by Title X of the Dodd-Frank Act, is unconstitutional; and (ii) the September 2018 order dismissing the NYAG’s claims under the Consumer Financial Protection Act (CFPA). As previously covered by InfoBytes, the Bureau and the NYAG filed a lawsuit in February 2017, alleging that a New Jersey-based finance company and its affiliates (defendants) engaged in deceptive and abusive acts by misleading first responders to the World Trade Center attack and NFL retirees with high-cost loans by mischaracterizing loans as assignments of future payment rights, thereby causing the consumers to repay far more than they received. After the defendants moved to dismiss the actions, the district court allowed the NYAG’s claims to proceed under the CFPA, even though it had dismissed the Bureau’s claims, but then reversed course. Specifically, in September 2018, the court concluded that the remedy for Title X’s constitutional defect (referring to the Bureau’s single-director structure, with a for-cause removal provision) is to invalidate Title X in its entirety, which therefore invalidates the NYAG’s statutory basis for bringing claims under the CFPA. (Covered by InfoBytes here.)
In its opening brief to the 2nd Circuit, the Bureau argues that the district court erred when it held that the for-cause removal provision of the single-director structure is unconstitutional. According to the Bureau, the single director “does not undermine the President’s oversight. If anything, the Bureau’s single-director structure enhances the President’s ‘ability to execute the laws…’” because the President can still remove the director for cause, which allows the director to be held responsible for her conduct. In the alternative, the CFPB argued that should the court find the for-cause removal provision unconstitutional, the proper remedy is to sever the provision from Title X in accordance with the statute’s severability clause and not hold the entire CFPA invalid.
In a separate brief, the NYAG makes similar constitutional and severability arguments as the Bureau, but also argues that even if the entirety of Title X were to be held invalid, the state law claims should survive under the federal Anti-Assignment Act.
Democratic AGs threaten legal action over proposed Payday Rule compliance delay
On March 18, a coalition of 25 Democratic state Attorneys General urged the CFPB not to delay the August 19, 2019 compliance date for any aspect of the Payday, Vehicle Title, and Certain High-Cost Installment Loans rule (Rule) and warned that they would consider taking legal action if the Bureau does so. (CFPB’s Notice of Proposed Rulemaking, which announced the proposed delay in the effective date, was covered by InfoBytes here.) The AGs assert that the Bureau did not provide enough legal justification for delaying the underwriting provisions until November 2020 because the 2017 Rule already provided affected lenders ample time to comply. Moreover, the AGs emphasize that the Bureau cannot use the related proposal of future rescission of the underwriting requirements as a justification for the compliance delay; the delay “must be justified on its own merits.” As for the merits of the Bureau’s justification, among other things, the AGs reject the Bureau’s conclusion that “it should not assign the weight that it did in the 2017 [Rule] to ‘the interest of enacting protections for consumers as soon as possible,’” arguing that diminishing the weight assigned to consumer protection is in opposition to the Bureau’s statutory mandate. The AGs also raise concern about the ambiguity in the compliance date for the payment-related provisions of the Rule and stress that the August 19, 2019 date should stay in effect because “lenders will have had 21 months to prepare.” The AGs conclude that they “will closely examine whether to take action to address any unlawful action by CFPB” should the proposed delay be finalized.
New Jersey AG sues used-car dealerships for predatory selling practices
On March 5, the New Jersey Attorney General's Office and Division of Consumer Affairs filed a lawsuit against two auto dealerships and their owner for allegedly targeting financially vulnerable consumers through the use of predatory sales and loan practices. According to a March 7 press release issued by the New Jersey AG, the defendants allegedly targeted consumers who were unable to qualify for credit at more traditional auto dealerships by offering in-house loans on used vehicles with inflated prices, high interest rates, and terms that presented a high risk of default. When the consumers were unable to make the required payments, the defendants allegedly reclaimed the vehicles and restarted the “sell, finance, and repossess” churning cycle. The AG claims that the defendants’ practices violated the New Jersey Consumer Fraud Act, the Used Car Lemon Law, and the state’s motor vehicle advertising regulations. The complaint asks the court to permanently shut down the defendants’ operations and permanently enjoin the owner from owning, managing, and/or operating any business that advertises and/or sells motor vehicles in the state. The complaint also seeks restitution, civil penalties, and attorneys’ fees.
FTC announces new action and proposed settlement in DOJ elder abuse sweep
On March 7, the FTC announced a new legal action and a final settlement issued against individuals and their operations for allegedly engaging in schemes that exploit elderly Americans. The actions are part of an enforcement sweep spearheaded by the DOJ in conjunction with, among others, the FBI, the FTC, Immigration and Customs Enforcement’s Homeland Security Investigations, and the Louisiana Attorney General, which—according to a press release issued the same day by the DOJ—is the largest-ever coordinated nationwide elder fraud sweep, involving multiple cases, over 260 defendants, and more than two million allegedly victimized U.S. Citizens, most of whom are elderly.
According to the FTC’s complaint, the company used deceptive tactics to convince consumers, the majority of whom were older, that their computers were infected with viruses in order to sell expensive and unnecessary computer repair services in violation of the FTC Act, the Telemarketing Sales Rule, and the Restore Online Shoppers’ Confidence Act. Specifically, the company allegedly used internet ads to target consumers looking for email password assistance and once they contacted the consumers, the telemarketers would run phony “diagnostic” tests that falsely showed the consumer’s computer was in danger and needed software and services to be fixed. On February 27, the U.S. District Court for the Southern District of Utah, granted a temporary restraining order against the company and its founder.
The FTC also announced a proposed settlement with a sweepstake operation that allegedly bilked consumers out of tens of millions of dollars through personalized mailers that falsely implied that the recipients had won or were likely to win a cash prize if they paid a fee. As previously covered by InfoBytes, the FTC announced the charges against the company in February 2018, alleging that consumers, most of whom were elderly, paid more than $110 million towards the scheme. The final settlement not only requires the operation to turn over $30 million in assets and cash to provide redress to the victims, but also permanently bans the operators from similar prize promotions in the future. The proposed settlement has not yet been approved by the court.
FTC Chairman Simons stresses collaboration with state AGs
On March 5, FTC Chairman Joseph Simons spoke at the National Association of Attorneys General (NAAG) Winter Meeting to advocate for increased collaboration with state Attorneys General. Noting that such collaboration is critical to the agency’s mission, Simons highlighted FTC consumer protection goals as well as several collaborative efforts, including joint task forces and investigation and enforcement initiatives.
State AGs support bipartisan bill to combat illegal robocalls
On March 5, Attorneys General from all 50 states, as well as from the District of Columbia, Guam, Puerto Rico, and the U.S. Virgin Islands, sent a letter to the Senate Committee on Commerce, Science, and Transportation supporting a recently introduced bipartisan bill to combat illegal robocalls. Among other things, S. 151, the Telephone Robocall Abuse Criminal Enforcement and Deterrence Act (TRACED Act), would: (i) grant the FCC three years to take action against robocall violations, instead of the current one-year window; (ii) authorize the agency to issue penalties of up to $10,000 per robocall; and (iii) require service providers to implement the FCC’s new call authentication framework. The AGs state that they “are encouraged that the TRACED Act prioritizes timely, industrywide implementation of call authentication protocols,” and note their support for an interagency working group that the bill would establish consisting of members from the DOJ, FCC, FTC, CFPB, other relevant federal agencies, state AGs, and non-federal stakeholders.
Illinois AG sues tax preparers for charging illegal fees
On March 5, the Illinois Attorney General announced a lawsuit against a Georgia-based tax preparation business and its Chicago operators alleging the defendants collected more than $1 million in undisclosed fees from consumers from their anticipated income tax refunds for unnecessary tax-related financial products. According to the press release, the Illinois AG alleges that the defendants advertised services to consumers promising, for a $350 fee, tax refunds double their normal size and free cash advances on anticipated refunds. However, the AG alleges the defendants instead extract high, undisclosed, and unauthorized fees from consumers’ refunds without their knowledge. The complaint asks the court to grant a temporary restraining order to shut down the defendants’ operations.