InfoBytes Blog
Filter
Subscribe to our InfoBytes Blog weekly newsletter and other publications for news affecting the financial services industry.
Illinois AG sues tax preparers for charging illegal fees
On March 5, the Illinois Attorney General announced a lawsuit against a Georgia-based tax preparation business and its Chicago operators alleging the defendants collected more than $1 million in undisclosed fees from consumers from their anticipated income tax refunds for unnecessary tax-related financial products. According to the press release, the Illinois AG alleges that the defendants advertised services to consumers promising, for a $350 fee, tax refunds double their normal size and free cash advances on anticipated refunds. However, the AG alleges the defendants instead extract high, undisclosed, and unauthorized fees from consumers’ refunds without their knowledge. The complaint asks the court to grant a temporary restraining order to shut down the defendants’ operations.
California AG seeks to strengthen the California Consumer Privacy Act
On February 25, the California Attorney General announced a legislative proposal that would amend several aspects of the California Consumer Privacy Act (CCPA). The CCPA was originally enacted in June 2018 (covered by a Buckley Special Alert) and subsequently amended in September 2018 (covered by InfoBytes here). The CCPA, which carries an effective date of January 1, 2020, on most provisions, sets forth various requirements for businesses that collect, transfer, or sell a consumer’s personal information. Under SB 561, which was introduced on February 22, the law would be amended to (i) expand the right of California citizens to bring private legal actions, removing aspects of the law that provided exclusivity to the AG; (ii) remove provisions that would allow companies to request guidance from the California AG on how to comply with the law, instead allowing the AG to publish general guidance; and (iii) would allow enforcement actions to be brought immediately, removing the 30-day cure window.
Democratic AGs object to CFPB sandbox
On February 11, a coalition of 22 Democratic state Attorneys General responded to the CFPB’s proposed policy on No-Action Letters (NAL) and a new federal product sandbox, pushing back on the Bureau’s efforts to provide relief to financial institutions looking to implement new consumer financial products or services. (InfoBytes coverage on the proposal available here.) The Attorneys General argued that the Bureau “has no authority to issue such sweeping immunity absent formal rulemaking” and urged the Bureau to rescind the proposals, which the Bureau had stated were exempt from the notice and comment procedures of the Administrative Procedures Act.
In addition to challenging the Bureau’s authority to establish these policies, the Attorneys General asserted specific concerns with the NAL proposal, including (i) the fact that the proposed NAL policy would make NALs binding on the CFPB indefinitely; (ii) the streamlined application process and 60-day decision window, potentially causing the Bureau to render hasty, uninformed decisions; and (iii) the proposed NAL policy’s purported deviations from the policies of other federal agencies, such as the SEC.
As for the new product sandbox, the Attorneys General viewed the proposed policy as “even more troubling” than the NAL proposal, as it provides immunity from “enforcement actions by any Federal or State authorities, as well as from lawsuits brought by private parties.” The Attorneys General rejected the Bureau’s contention that the statutory safe harbors in TILA, ECOA, and the EFTA grant the authority to provide the broad enforcement relief and accused the Bureau of “abandoning its critical role in monitoring the risk that new and emergency technologies post to consumers in the financial marketplace.”
State AGs urge FTC to update identity theft rules
On February 11, a bipartisan group of 29 state Attorneys General, the District of Columbia Attorney General, and an official from the Hawaii Office of Consumer Protection, responded to the FTC’s request for comment on whether the agency should make changes to its identity theft detection rules (the Red Flags Rule and the Card Issuers Rule), which require financial institutions and creditors to take certain actions to detect signs of identity theft affecting their customers. (Covered by InfoBytes here.)
In their response, the Attorneys General urge the FTC not to repeal the Rules, arguing that it “would place consumers at greater risk of identity theft, especially consumers in states that have not enacted” laws that complement the Rules. Instead, the response letter requests the FTC modify the Rules to “ensure their continued relevance” and “keep pace with the ingenuity of identity thieves.” The suggestions include: (i) that notices of changes to email addresses and cell phone numbers be sent to both the prior and updated addresses and phone numbers, an expansion of the current use of mailing addresses; (ii) the encouragement of more current forms of authentication, including multi-factor authentication, to replace examples which imply that knowledge-based authentication by itself is sufficient; and (iii) the addition of new suspicious activity examples related to the use of an account, such as a covered account accessed by unknown devices or IP addresses, an unauthorized user unsuccessfully trying to guess account passwords through multiple attempts, and attempts by foreign IP addresses to access multiple accounts in a close period of time.
Bank settles ride-sharing overdraft suit for $22 million
On January 31, the U.S. District Court for the Southern District of New York granted final approval and class certification to a $22 million settlement resolving class action allegations that a national bank improperly charged overdraft fees on “one-time, non-recurring” transactions made with a ride-sharing company. The court found that the bank mischaracterized these one-time charges as recurring transactions, which allowed the bank to charge overdraft fees of $35. Prior to the court’s approval of the settlement, 12 state Attorneys General sent a letter to the court arguing that the agreement’s release of liability to the ride-sharing company was inequitable. The court found, however, that the release “does not compromise the fairness, reasonableness, and adequacy of the settlement,” where, among other things, plaintiffs’ counsel investigated the viability of claims against the ride-sharing company and concluded that litigation against the company could present problems for the proposed class and for individual recovery. The $22 million settlement constitutes 80 percent of all revenues charged by the bank as a result of the overdraft fees. The court also approved $5.5 million in attorneys’ fees and $50,000 in costs.
Florida Attorney General settles with car rental company for misleading fee disclosures
On January 22, the Florida Attorney General announced a settlement with a car rental automotive group resolving allegations the company did not adequately disclose add-on fees for cashless tolls and other related add-on charges. According to the settlement, the Attorney General launched an investigation after receiving consumer complaints alleging the company did not clearly disclose that consumers would be charged $15 per cashless toll, in addition to the actual toll fees. Additionally, consumers who opted into an add-on product that would allow them to go through cashless tolls without penalty alleged the company misled them regarding that product’s fees. The settlement requires the company to (i) clearly and conspicuously disclose all fees regarding cashless tolls or associated products within written agreements; (ii) provide clear disclosures regarding fees on their website, online reservation system, confirmation emails and at the rental counters; (iii) refund fees paid for tolls or the associated add-on product to consumers who were charged between January 1, 2011 and January 7, 2019, and who submit claim forms; and (iv) provide accurate disclosures on damage waivers. The settlement also prohibits the company from charging consumers for a higher car class when the car class reserved by a consumer is unavailable.
State Attorneys General weigh in on small-dollar lending RFI
On January 22, a coalition of 14 state Attorneys General submitted a comment letter responding to the FDIC’s Request for Information (RFI) on small-dollar lending. (See previous InfoBytes coverage on the RFI here.) According to the letter, while the coalition welcomes the FDIC’s interest in encouraging FDIC-supervised financial institutions to offer responsibly underwritten and prudently structured small-dollar credit products that are economically viable and address consumer credit needs, the coalition simultaneously raises several legal risks affecting state-chartered banks seeking to enter this space.
- Banks face challenges when entering into relationships with “fringe lenders,” specifically with respect to the potential evasion of state restrictions related to state usury laws, “rent-a-bank” lending, and tribal sovereign immunity. The coalition recommends that the FDIC discourage banks from entering into such relationships.
- State-chartered banks are still subject to state unfair or deceptive acts or practices laws and state-law unconscionability claims. The coalition recommends that the FDIC encourage banks to evaluate consumers’ ability to repay, factoring in conditions such as consumers’ monthly expenses, their ability to repay a loan’s entire balance without re-borrowing, and their “capacity to absorb an unanticipated financial event. . .and, nonetheless, still be able to meet the payments as they become due.” The coalition recommends that the FDIC include the factors banks should consider before extending small-dollar loans to consumers in any guidance that it issues.
Retailer settles multistate data breach investigation for $1.5 million
On January 8, a national retailer reached a $1.5 million multistate settlement with 43 states and the District of Columbia to resolve an investigation following a 2013 data breach of customer payment card information. According to the Illinois Attorney General’s announcement, the retailer will implement provisions to prevent future breaches, such as (i) complying with Payment Card Industry Data Security Standard requirements; (ii) maintaining a system to collect and monitor network activity; (iii) updating software that maintains and safeguards personal information; and (iv) devaluing payment card information through the use of encryption and tokenization technology to obfuscate payment card data. The retailer must also retain a third-party professional responsible for conducting an information security assessment and report, as well as outlining corrective measures.
Fifteen states urge the 4th Circuit against allowing non-tribal payday lenders to receive tribal immunity
On December 27, 2018, fifteen state Attorneys General filed an amici brief with the U.S. Court of Appeals for the 4th Circuit opposing the use of structures in which non-tribal payday lenders affiliate with tribal lenders to benefit from their tribal immunity and avoid state usury caps. The brief was filed in an appeal from a district court ruling, which held that a Michigan-based payday lender could not claim tribal immunity in a consumer class action because it could not prove it was an actual tribal entity. The Attorneys General argue that granting tribal immunity to non-tribal lenders would “bar enforcement of state consumer protection laws as well as, potentially, investigations into their activities.” The brief rejects the payday lender’s arguments that the plaintiff should bear the burden of negating “arm-of-the-tribe immunity” and instead urges the court to place the burden on the entity seeking the immunity. Allowing a non-tribal entity to benefit from sovereign immunity without “rigorous demonstration”, the Attorneys General argue, “may well undermine the purpose for tribal immunity” and “would have serious consequences for States’ ability to protect consumers.”
The brief was filed by the District of Columbia and the States of Connecticut, Hawaii, Iowa, Illinois, Maine, Maryland, Massachusetts, Minnesota, New Jersey, New York, North Carolina, Pennsylvania, Vermont, and Virginia.
For-profit education company forgoes collection on almost $494 million in student loans
On January 3, an Illinois-based for-profit education company settled with 49 state attorneys general, agreeing to forgo collection of nearly $494 million in debts owed by almost 180,000 students nationally. According to the Illinois Attorney General’s announcement, after a seven-year investigation into the company’s practices, the participating states allege that, among other things, the company (i) deceived students about the total costs of enrollment; (ii) failed to adequately disclose that certain programs lacked programmatic accreditation, which would negatively affect a student’s ability to get a license or employment in that field; and (iii) misled prospective students about post-graduate job rates. Under the settlement, the company has agreed to forgo collection of debts owed by students who either attended a company institution that closed before Jan. 1, 2019, or whose final day of attendance at two participating online institutions occurred on or before Dec. 31, 2013. In addition to the debt relief, the settlement also requires the company to, among other things, reform its recruiting and enrollment practices, including providing students with a single page disclosure that covers the (i) anticipated total direct cost; (ii) median debt for completers; (iii) programmatic cohort default rate; (iv) program completion rate; (v) notice concerning transferability of credits; (vi) median earnings for completers; and (vii) the job placement rate.