InfoBytes Blog
Filter
Subscribe to our InfoBytes Blog weekly newsletter and other publications for news affecting the financial services industry.
State AGs Sue Department of Education for Withholding Promised Student Loan Debt Relief
On December 14, state attorneys general from California, Massachusetts, Illinois, and New York, filed lawsuits (see here and here) against the U.S. Department of Education (Department) in federal courts in California and Washington, D.C., accusing the Department of withholding student loan debt relief to tens of thousands of borrowers determined to have been defrauded by a now-defunct chain of for-profit colleges. According to the complaints, the Department promised borrowers expedited discharges of their federal student loans, reimbursements of previously paid amounts, and, according to the California complaint, “streamlined review procedures” to quickly process relief. However, the attorneys general made a variety of claims, including asserting that the Department has (i) since January 20, 2017, delayed approval of all pending borrower-defense claims; (ii) pursued unlawful debt-collection actions against borrowers, such as seizing students’ tax refunds and garnishing their wages in violation of the Administrative Procedure Act; and (iii) failed to justify the “disparate and unequal treatment of similarly situated claimants.” In addition to a request that the court vacate denials of covered borrower-defense claims, the attorneys general seek, among other things, that the Department (i) resume discharging the loans of affected borrowers; (ii) cease the alleged unlawful collections; and (iii) according to the Massachusetts, Illinois, and New York lawsuit, provide ancillary relief “including refunding amounts already seized from . . . borrowers pursuant to the unlawful certification for offset or administrative wage garnishment.”
The lawsuits follow other challenges and proposals of state attorneys general to the Department related to its oversight of federal student loans (see previous InfoBytes coverage here, here, and here).
Seventeen State AGs Express Mulvaney Concerns to Trump and Emphasize AG Consumer Protection Authority
On December 12, seventeen state attorneys general sent a letter to President Trump expressing concern about OMB Director Mulvaney leading the CFPB. The AGs emphasize Mulvaney’s past criticisms of the Bureau as evidence that Mulvaney should be disqualified from the position, even in the acting capacity. Notably, the AGs stress their statutory authority to enforce state and federal consumer protection laws, noting they “will continue to enforce those laws vigorously regardless of changes to CFPB’s leadership or agenda.” They go on to state that if the CFPB does not do the job, the states will “redouble our efforts at the state level to root out such misconduct and hold those responsible to account.”
The letter, led by New York AG Eric Schneiderman, was signed by the following state AGs: California, Connecticut, District of Columbia, Hawaii, Illinois, Iowa, Maine, Maryland, Massachusetts, Minnesota, New Mexico, North Carolina, Oregon, Vermont, Virginia, and Washington State.
Virginia AG Announces Settlement With Internet Lender Over Licensing Claims and Origination Fees
On November 30, Virginia Attorney General Mark R. Herring announced a settlement with a Chicago-based “open-end credit plan internet lender” to resolve alleged violations of the Virginia Consumer Protection Act (VCPA). Specifically, the Attorney General’s Office alleged that the lender misrepresented that it was licensed to conduct lending activity in Virginia and charged unlawful origination fees during a statutorily required grace period. According to a press release issued by the Attorney General’s office, the settlement requires the lender to provide more than $3 million of refunds and interest forgiveness to borrowers, and pay the state $30,000 in civil money penalties, costs, and fees. The settlement also contains a permanent injunction that prohibits the lender from misrepresenting its status as a licensed Virginia lender and violating the VCPA.
Ride-Sharing Company Announces Data Breach; State Attorneys General Launch Investigations
On November 21, a ride-sharing company disclosed via press release a 2016 data breach that exposed the personal data of 57 million riders and drivers. According to the company, an outside forensic investigation revealed that in October 2016 hackers obtained approximately 600,000 driver names and license numbers, along with rider names, email addresses, and mobile phone numbers. The company claimed that hackers did not obtain driver or passenger social security, credit card, bank account, birth date, or trip location information. Though the company stated that it has taken action to address the delay in notifying affected individuals and regulators, lawsuits filed by the State of Washington and the City of Chicago claim that the company capitulated to hackers’ demands and “paid the hackers to delete the consumer data and keep quiet about the breach.”
According to a letter from the company to the Washington attorney general attached to the state’s complaint, the company “is taking personnel actions with respect to some of those involved in the handling of the incident.” The company further stated that it has “implemented and will implement further technical security measures, including improvements related to both access controls and encryption.”
According to sources, three separate class action lawsuits have been filed against the company as a result of the 2016 breach (see here, here, and here) and five attorneys general (New York, Illinois, Connecticut, Massachusetts, and Missouri) have launched investigations.
The 2016 data breach follows a settlement in January of that year with the New York Attorney General related to allegations that the company failed to promptly disclose a 2014 data breach. The 2014 data breach involved an alleged failure to prevent unauthorized access to the company’s consumer and driver data maintained on a third-party cloud service provider. As previously reported in InfoBytes in August, the company reached a settlement with the FTC related to the 2014 data breach; however, that settlement was entered into before the company disclosed the existence of the 2016 breach.
In a related development, on November 27, the U.S. District Court for the Northern District of California dismissed without prejudice a putative class action lawsuit against the company related to the 2014 data breach. The court held that the driver’s name, license number, and limited banking information disclosed in the breach was not the type of personally identifiable information that could expose plaintiffs to the risk of identity theft. Accordingly, the court dismissed the case for lack of Article III standing. The court also granted plaintiffs a final opportunity to amend their complaint to address the standing deficiencies.
Missouri AG Announces Investigation Into Tech Company’s Privacy Policies and Use of Consumer Data
On November 13, Missouri Attorney General Joshua Hawley announced that his office has issued a civil investigative demand (CID) to a major California-based technology company as part of an investigation into suspected violations of the Missouri Merchandising Practices Act and the state’s antitrust laws. The investigation is focused on certain business practices, including, with respect to privacy issues, the company’s collection, use, retention, storage, sale, and dissemination of information and data about its users and their online activities. The CID requests documents and communications related to, among other things, (i) the company’s privacy policies; (ii) the collection and sharing of data that constitutes “personal information” related to the company’s users; (iii) disclosures concerning the collection of consumers’ credit or debit card transactions; (iv) data the company discloses or shares with third parties, and the identification of third-party partners; and (v) how the company tracks users’ online activities. The company has until January 22, 2018 to comply.
Illinois AG and FTC Reach $9 Million Settlement With Phantom Debt Collector
On October 31, Illinois Attorney General Lisa Madigan and the Federal Trade Commission (FTC) announced settlements with three operators of a fake debt collection scheme in Chicago. According to the Attorney General’s office, the three individuals and associated companies identified people who had recently applied for or received a short-term loan and then posed as a law firm to collect on the debt. The companies also sold fictitious loan debt portfolios to other debt buyers, who then attempted to collect on the fake debts. The settlements require the operators to surrender at least $9 million in assets (which will be used to refund impacted consumers) and, among other things, ban them from the debt collection business and from selling debt portfolios.
Alabama AG Announces Permanent Injunction Against Credit Repair Company
On October 30, Alabama Attorney General Steve Marshall announced that a state court granted a permanent injunction against a credit repair company and its owner/operators for allegedly engaging in deceptive and illegal credit repair practices. According to the Office of the Attorney General, defendants allegedly (i) used deceptive advertising that guaranteed improved credit scores and made various false promises; (ii) charged consumers before services were completed or charged rates different from those that were advertised; (iii) failed to allow consumers to cancel the service within three days as required by federal law governing credit repair businesses; and (iv) indiscriminately disputed negative credit report items--a practice known as “jamming”—to create the illusion of improved credit and a temporary rise in credit score. The order permanently closes the company, bans the defendants from engaging in any credit repair or consumer finance activity, and prohibits defendants from owning or managing any business in Alabama or involving Alabama consumers.
New York AG, Credit Card Servicer Enter Into Agreement to Refund Credit Card Fees
On October 30, New York Attorney General Eric T. Schneiderman announced an agreement with a credit card servicer and marketer to resolve allegations that the servicer failed to disclose upfront fees in its direct mail marketing materials. According to Attorney General’s office, the servicer failed to disclose a $125 “off-the-top first year fee” for a low-limit card product, which effectively reduced the card’s credit limit from $500 to $375. Under the terms of the agreement, the servicer is required to improve the disclosures in its direct mail marketing and issue refunds of the $125 fee to affected New York consumers.
Virginia AG Announces Settlement With Internet Lender Over Licensing Claims and Excessive Interest
On October 25, Virginia Attorney General Mark R. Herring announced a settlement with a Nevada-based internet lender to resolve allegations that the lender violated the Virginia Consumer Protection Act by misrepresenting it was licensed by the state’s Bureau of Financial Institutions and collecting interest exceeding the state’s general usury limit. According to a press release issued by the Attorney General’s office, the settlement requires the lender to provide refunds and interest forgiveness of more than $265,000 to borrowers, and pay the state $50,000 in civil money penalties, costs, and fees. A permanent injunction also prohibits the lender from, among other things, misrepresenting its licensing status and collecting interest exceeding the amount allowed by the state’s general usury statute.
State Attorneys General Announce $220 Million Settlement With German Bank for Allegedly Artificially Manipulating LIBOR Interest Rates
On October 25, New York Attorney General Eric T. Schneiderman announced, in coordination with 44 other state attorneys general, a $220 million settlement with a German bank (bank) to resolve allegations that the bank manipulated the U.S. Dollar London InterBank Offered Rate (LIBOR) and other benchmark interest rates and defrauded government and non-profit entities across the nation. The settlement is the second related to alleged LIBOR manipulations brought by state attorneys general, and is more than twice the amount announced last year with a London-based financial institution and related international investment bank. (See previous InfoBytes summary here.) According to AG Schneiderman, the multi-state investigation revealed that from 2005 to 2010, the bank failed to disclose to “affected governmental and not-for-profit counterparties” that (i) it had made false LIBOR submissions inflating borrowing costs linked to the London and U.S. dollar interbank offered rates; (ii) bank traders tried to influence other banks’ LIBOR submitters to make rate alterations in order to benefit their own trading positions; and (iii) the bank was cognizant of the fact that other banks manipulated LIBOR submissions and that “LIBOR was a false rate.” Under the terms of the settlement, affected entities will be eligible to receive a portion of the settlement fund, with the remainder to be used for investigation expenses and other purposes.