Archives for January 2023

The U.S. Court of Appeals for the Ninth Circuit recently affirmed the trial court’s dismissal of a putative class action suit brought under the federal Telephone Consumer Protection Act because another panel of the Ninth Circuit had previously held that an autodialer must generate and dial random or sequential telephone numbers under the TCPA’s plain text.

A copy of the opinion in Colin Brickman v. Meta Platforms, Inc. is available at:  Link to Opinion.

The named plaintiff in this class action alleged that the defendant company violated the TCPA, 47 U.S.C. § 227, by sending unsolicited “Birthday Announcement” text messages to consumers’ cell phones; he alleged that these text messages were sent through an autodialer that used a “random or sequential number generator” (RSNG) to store and dial the telephone numbers of the consumers being texted. The plaintiff did not argue that the RSNG actually generated the consumers’ phone numbers, but that the RSNG was used to determine the order in which the phone numbers were stored and dialed.

The defendant disagreed with the plaintiff’s interpretation of the autodialer provision and argued that a TCPA-defined RSNG must actually generate the phone numbers in the first instance.

The trial court dismissed the class action suit with prejudice, and the plaintiff timely appealed.

As you recall, the TCPA generally bans calls made to a telephone if the call is generated by an “automated telephone dialing system,” commonly referred to as an “autodialer”. Id. § 227(b)(1)(A). The statute defines an autodialer as a piece of equipment with the capacity “to store or produce telephone numbers to be called, using a random or sequential number generator [an RSNG],” and “to dial such numbers.” Id. § 227(a)(1)(A).

The question on appeal was whether a TCPA-defined autodialer must use an RSNG to generate the telephone numbers that are dialed. 

During the Ninth Circuit’s deliberations, another panel of the Ninth Circuit decided Borden v. eFinancial, LLC, 53 F.4th 1230 (9th Cir. 2022), which held that “an [autodialer] must generate and dial random or sequential telephone numbers under the TCPA’s plain text.” Id. at 1231. Therefore, the Ninth Circuit here concluded that the defendant here also did not violate the TCPA because it did not use a TCPA-defined autodialer that randomly or sequentially generated the telephone numbers in question.

The plaintiff countered that Borden did not control the outcome here because he said that Borden addressed the “production” prong of §227(a)(1)(A), not the “storage” prong at issue here. But the Ninth Circuit observed that the Borden panel did not limit its holding to the “production” prong. Borden instead interpreted the definition of an autodialer in its entirety, finding that the text and context of the TCPA “make[] clear that the number in ‘number generator’ . . . means a telephone number.” Borden, 53 F.4th at 1233. This is true regardless of whether the numbers are stored or produced.

Thus, the Ninth Circuit affirmed the judgment of the trial court.

Judge VanDyke issued a concurring opinion recognizing that the Ninth Circuit was compelled to follow Borden’s precedent, but also disagreeing with the precedent because it concluded that the word “number” means the same thing in all instances where it appears in the TCPA’s definition of an autodialer. Specifically, Borden decided that a “random or sequential number generator” in the definition must mean a “random or sequential phone number generator” because the other times that the word “number” is used in the definition clearly refer to a phone number. Id. at 1233 

But Judge VanDyke reasoned that Borden’s interpretation of autodialer overlooks that the phrase “random or sequential number generator” has a known meaning as a computational tool which is not limited to generating phone numbers, as the Supreme Court of the United States acknowledged in Facebook, Inc. v. Duguid, 141 S. Ct. 1163, 1172 n.7 (2022). Specifically, in footnote 7, Duguid stated: “an autodialer might use a random number generator to determine the order in which to pick phone numbers from a preproduced list. It would then store those numbers to be dialed at a later time.” Id.

Furthermore, Judge VanDyke determined that to interpret the TCPA as Borden did removes any independent meaning for the word “store” in the clause “store or produce.” The judge noted that the interpretive quandary presented in Duguid was whether “using a random or sequential number generator” refers back to both “produce” and “store.” But the Supreme Court gave “store” an independent meaning from “produce” in Duguid, footnote 7, in that a random or sequential number generator might also be used to determine the “order in which to pick” preproduced telephone numbers “stored” in the RSNG, regardless of how they were generated.

Nevertheless, Judge VanDyke concluded that the Borden panel erroneously nullified the significance of the word “store” in the clause “store or produce,” by sneaking the term “produced” back into the relative clause, redefining an autodialer as equipment that can “store…telephone numbers to be called, [which are produced] using a random or sequential [telephone] number generator.” By removing any independent meaning for “store” from the TCPA’s definition of autodialer, Judge VanDyke stated that the Borden panel silently cut the legs out from under the Supreme Court of the United States’ interpretive rationale in Duguid.

ROSEVILLE, Minn — Frontline Asset Strategies recognizes that it has a presence in its offices and its communities. Frontline actively supports local charities and participates in events that create positive change in their neighborhoods, cities, and the global community around them. This year, as Frontline does every year, they donated to our favorite charitable organization—Marine Toys for Tots. 

“Toys for Tots is our favorite charity and one we support each and every holiday season,” says Tom Clement, Chief Sales Officer, and Partner at Frontline Asset Strategies. “Our team takes pride in all of our community involvement efforts throughout the year but each holiday season our donation to Toys for Tots helps children and families buy toys, spread joy, and bring light into the world, even for just a moment.” 

Toys for Tots 

Since 1947, Toys for Tots has been on the minds of millions of American families. An organization that has taken the country’s hearts, Toys for Tots has supported 281 million children and families to date and has distributed over 627 million toys. This 2022 holiday season marks the 75th anniversary of this incredible organization and to mark the event Toys for Tots has been holding dozens of events throughout the country including an Alaskan Toy Delivery for the first time in its history, a Hollywood Christmas Parade, a celebratory parachute jump, and much more. 

With over 800 individual Toys for Tots communities throughout the 50 states and U.S. territories, Toys for Tots is one of the largest charitable organizations in the country. 

A Culture of Change

The Frontline team has been growing its budding culture and is off to a strong start. Frontline Asset Strategies places emphasis on a positive, determined mindset focused on helping others not only in the office but in the community. The team is proud of its community involvement taking place among new friends and coworkers motivated to build on the strong foundation laid by FAST’s long-successful MN headquarters.

Frontline is rooted in its core values of finding the right people, building strong consumer-centric values, remaining an evolutionary organization, and focusing on the right tasks. These values help Frontline not only provide fair, transparent collection and recovery solutions through advanced technologies and positive experiences but also be a leader in the communities it serves. 

Learn More Online

To learn more about Marine Toys for Tots or to discover more of their 75th Anniversary events, please visit their website. To discover ways to donate your time, money, or toys, visit their donations page where you can participate in virtual toy boxes. 

To discover how Frontline Asset Strategies has positioned itself as a leader in its community, visit their About page on their website. 

About Marine Toys for Tots

The mission of the Marine Toys for Tots Foundation is to assist the U. S. Marine Corps in providing a tangible sign of hope to economically disadvantaged children at Christmas. This assistance includes providing day-to-day leadership and oversight of the Program, raising funds to provide toys to supplement the collections of local Toys for Tots Campaigns, providing promotional and support material, and defraying the costs of conducting annual Toys for Tots Campaigns. 

About Frontline Asset Strategies

Founded in 2008, Frontline Asset Strategies is a nationally licensed and bonded full-service collection agency specializing in accounts receivables management solutions that assist clients with maximizing the recovery of delinquent and non-performing accounts. The Frontline Asset Strategies team works with integrity and transparency to deliver positive consumer interactions that exceed expectations. They are headquartered in Roseville, MN with an additional location in Jacksonville, FL.

Recently, in Velez v. Absolute Resolutions Investments., LLC, the district court for the Northern District of Illinois confirmed the long-standing principle that not all communications sent from a debt collector to a debtor are governed by the Fair Debt Collection Practices Act (FDCPA). Instead, the communications must be in connection with the collection of a debt to fall within the statute’s purview.

As background, the defendants, Absolute Resolutions Investments, LLC (ARI) and Absolute Resolutions Corporation (ARC), were debt collectors who regularly worked together to collect consumer debts. ARI acquired a debt owed by the plaintiff. In February of 2021, the plaintiff’s attorney informed the defendants that the plaintiff was represented by counsel. Counsel sent a second letter in May of 2021 asking ARI to stop collection and reporting of the debt because the plaintiff had been affected by the COVID-19 crisis. In response, ARI suspended collection of the account and opened an investigation.

On June 17, 2021, ARC, acting as records custodian for ARI, sent a letter directly to the plaintiff rather than his attorney. The letter indicated that the defendants needed additional time to investigate the plaintiff’s dispute of the credit reporting of his account and that they would request the consumer reporting agencies to delete the reporting while the investigation was in progress. Based on this letter, the plaintiff filed suit alleging the defendants violated FDCPA § 1692c(a)(2), which prohibits debt collectors from communicating with a consumer in connection with the collection of any debt “if the debt collector knows the consumer is represented by an attorney with respect to such debt.”

The defendants moved for summary judgment, arguing that the plaintiff had not suffered an injury-in-fact sufficient to confer standing under Article III of the Constitution. The court noted that stress and annoyance alone do not amount to “concrete harm for standing purposes.” But the plaintiff alleged that the stress caused him financial harm because it prompted him to refuse freelance work that he ordinarily would have performed. The court held that was evidence of a tangible harm sufficient to confer standing.

However, the court also noted that the FDCPA does not apply to every communication between a debtor and a debt collector. Based on a “common sense inquiry” as to its purpose, the court found that the June 2021 letter did not amount to a communication in connection with the collection of a debt. Rather, the letter merely acknowledged the plaintiff’s dispute, stated that ARC would investigate, and told the plaintiff that ARC had asked the consumer reporting agencies to delete the credit reporting of the account. Because it found that the FDCPA did not apply to the letter, the Court granted summary judgment in favor of the defendants.

The CFPB has issued a proposed rule to establish a system for the registration of nonbanks subject to CFPB supervision that use “certain terms or conditions that seek to waive consumer rights or other legal protections or limit the ability of consumers to enforce their rights.”  Arbitration provisions are among the terms that would trigger registration.  The CFPB did not issue an Advance Notice of Proposed Rulemaking to seek public input before issuing the proposal.  Comments on the proposal must be filed by March 13, 2023 or 30 days after the date it is published in the Federal Register, whichever is later.

Ever since Rohit Chopra was sworn in more than a year ago as CFPB Director, consumer advocates have been lobbying him to ban the use of arbitration provisions (or at least class action waivers contained therein) in consumer financial services contracts.  Until now, he has wisely resisted that pressure because of the Congressional Review Act (CRA), which prohibits a federal agency from promulgating a regulation that is “substantially the same” as one that Congress has overridden in a CRA resolution.  On November 1, 2017, then President Trump signed into law a joint CRA resolution passed by the House and Senate overriding the CFPB’s final arbitration rule that (1) banned the use of class action waivers in arbitration provisions in consumer financial services contracts, and (2) required companies to report certain information about consumer financial services arbitrations involving such companies.  In the CFPB’s exhaustive report on the study it conducted before proposing the rule, the CFPB had concluded that the record did not support the promulgation of a rule that would ban arbitration altogether. 

Unfortunately, Directors Chopra has caved in to the constant pressure of consumer advocates to ban arbitration (or class action waivers contained therein) by proposing a registry for nonbanks supervised by the CFPB that would require reporting to the CFPB and public disclosure about their use of arbitration provisions (and class action waivers contained therein).  Director Chopra is undoubtedly hoping that companies will abandon the use of arbitration provisions (and class action waivers contained therein) rather than run the risk of, at worst, an enforcement action by the CFPB, or public shaming.  To put it bluntly, the CFPB is trying to accomplish its objective of eliminating arbitration through a back door approach.  To avoid the criticism it would face from the industry had the CFPB sought to adopt a new regulation that dealt only with arbitration provisions, the CFPB has broadened the scope of the proposed registry to include other contract provisions that the CFPB Director dislikes. 

In issuing the proposal, the Bureau relies on its authority under Consumer Financial Protection Act (CFPA) sections 1022(b) and (c) and 1024(b).  CFPA section 1022(b) authorizes the Bureau to prescribe rules “as may be necessary or appropriate to enable the Bureau to administer and carry out the purposes and objectives of the Federal consumer financial laws, and to prevent evasions thereof.”  CFPA section 1022(c) authorizes the Bureau to prescribe rules to collect information from covered persons for purposes of monitoring for risks to consumers in the offering or provision of consumer financial products or services, including “rules regarding registration requirements applicable to a covered person, other than an insured depository institution, insured credit union, or related person.”  Section 1022(c) also authorizes the Bureau to publicly release information obtained pursuant to section 1022, subject to limitations specified therein.  Finally, Section 1024(b) authorizes the Bureau to exercise supervisory authority over certain nonbank covered persons.

Key aspects of the proposal include the following:

Supervised registrants  

Unless covered by one of the proposal’s limited exclusions, any nonbank subject to CFPB supervision that uses “covered form contracts” containing a “covered term or condition” would be a “supervised registrant” required to register.  Among the proposal’s limited exclusions are exclusions for companies with less than $1 million in annual receipts and companies that engage in de minimis use of contracts containing covered terms and conditions.  Another exclusion applies to:

“A person that used covered terms or conditions in covered form contracts in the previous calendar year solely by entering into contracts for residential mortgages on a form made publicly available on the Internet required for insurance or guarantee by a Federal agency or purchase by the Federal National Mortgage Association, the Federal Home Loan Mortgage Corporation (or its successors), or the Government National Mortgage Association.  This exclusion does not apply if the person obtained a court or arbitrator decision in the previous calendar year on the enforceability of a covered term or condition in a covered form contract as described in [the rule].”

Nonbanks subject to CFPB supervision consist of:

• Regardless of its size, a provider of residential mortgage loans or certain related services, payday loans, or private education loans;

• A provider considered to be “a larger participant of a market for other consumer financial products or services;” and

• A nonbank as to which the CFPB has exercised its risk-based supervisory authority.

Covered terms or conditions.  

A “covered term or condition” is defined as any provision in “a covered form contract” that expressly purports to  establish “a covered limitation on consumer legal protections” applicable to the offering of or provision of a consumer financial product or service.  A “covered limitation on consumer legal protections” is defined as any covered term or condition (irrespective of legal validity or enforceability):

• Precluding the consumer from bringing a legal action after a certain period of time;

• Specifying a forum or venue where a consumer must bring a legal action in court;

• Limiting the ability of the consumer to file a legal action seeking relief for other consumers or to seek to participate in a legal action filed by others;

• Limiting liability to the consumer in a legal action including by capping the amount of recovery or type of remedy;

• Waiving a cause of legal action by the consumer, including by stating a person is not responsible to the consumer for a harm or violation of law;

• Limiting the ability of the consumer to make any written, oral, or pictorial review, assessment, complaint, or other similar analysis or statement concerning the offering or provision of consumer financial products or services by the supervised registrant;

• Waiving, whether by extinguishing or causing the consumer to relinquish or agree not to assert, any other identified consumer legal protection, including any specified right, defense, or protection afforded to the consumer under Constitutional law, a statute or regulation, or common law; or

• Requiring that a consumer bring any type of legal action in arbitration.

In its discussion of the proposal, the Bureau notes that if an arbitration agreement contains specific express waivers (such as a jury trial waiver), the waiver would trigger separate reporting. It also notes that in the context of auto finance agreements, if a limitation in the sale also purports to establish a covered limitation on legal protections the consumer may have, including recourse, against a finance company purchasing the associated retail installment contract, the limitation may also qualify as a covered term or condition.

Covered form contract

A “covered form contract” is defined as “a written agreement between a covered person and a consumer that was drafted before the transaction for use in multiple transactions and contains a covered term or condition.”  (While the Bureau’s press release announcing the proposal and Director Chopra’s statement about the proposal make numerous references to “non-negotiable” or “take it or leave it” contracts, the Bureau notes in its discussion of the proposal that it “is not proposing to expressly limit the definition of a covered form contract to contracts that do not reflect any negotiation.”)  A “supervised registrant” would be required to register if it “use[s] a covered term or condition,” which is defined as “entering into a covered form contract” or “obtaining a court or arbitrator decision ruling on the enforceability of a covered term or condition in a covered form contract.”  The proposal lists the circumstances under which a company is considered to “enter into” a covered form contract.  In addition to providing a new consumer financial product or service that is governed by a covered form contract, such circumstances include:

• Adding a covered form contract to a pre-existing consumer financial product or service, such as when a loan servicer or debt collector uses a covered form contract for a payment plan, a payment authorization, or a debt modification or settlement;

• Providing a new consumer financial product or service that is subject to a pre-existing covered form contract and the provider is a party to the contract; or

• Acquires or purchases a consumer financial product or service subject to a covered form contract even if the seller is not subject to CFPB supervision or a covered person, such as when a larger participant auto finance lender acquires a retail installment sales contract from an automobile dealer excluded from the Bureau’s supervisory authority. 

Registration requirement

Each calendar year, a supervised registrant would be required to provide “identifying” and “administrative” information to the Bureau, together with information about its use of covered terms and conditions in the previous calendar year.  Such information would include:

• The consumer financial products and services for which the registrant uses covered terms and conditions;

• Each state or jurisdiction in which the products or services are offered or provided;

• For each covered form contract entered into, various items of information that include each type of covered limitation on consumer legal protections and specified information for each type of limitation that varies with the nature of the limitation.  For example, for any limitation on liability to the consumer, waiver of a cause of action by the consumer, or limitation on consumer reviews, the registrant must provide the text of the limitation or waiver; and

• Whether, as a party to a legal action, the registrant obtained one or more court or arbitrator decisions regarding enforceability of a covered term or condition in a covered form contract and, if so, certain information relating to such decisions, included the type of covered term or condition involved in the decision and whether the decision enforced or declined to enforce the covered term or condition at issue.   

Despite the CFPB’s claim that it should be “straightforward in most cases” for a company to determine whether it must register, the proposal includes an option for a company to file a notice of non-registration.  A company using that option would be required to file a notice with the registration system stating that it is not registering “because it has a good faith basis to believe that it is not a supervised registrant, or that it is not registering terms or conditions contained in a contract that it uses because it has a good faith basis to believe that the contract is not a covered form contract or that the terms or conditions are not covered terms or conditions.  In its discussion of the proposal, the Bureau states that when a company makes a “non-frivolous filing,” it would not bring an enforcement action based on the company’s failure to comply with the registration requirement unless the Bureau first notified the company that it believed the company did qualify as a supervised registrant or that its contract terms or conditions are covered terms or conditions and has provided the company with a reasonable opportunity to comply.

The Bureau’s proposal has quickly drawn criticism as an attempt by the Bureau to both scare and shame companies that use covered terms and conditions, thereby placing pressure on companies to discontinue their use even if legally permissible.  The Bureau’s discussion of how the registry will facilitate its risk-based supervision of nonbanks seems to carry an implicit threat that companies that use covered terms and conditions are more likely to face heightened scrutiny.  According to the Bureau, the registry will inform its prioritization of which entities to examine.  As an example, the CFPB states “when covered terms and conditions violate anti-waiver and other legal prohibitions in Federal consumer financial law, the proposed registry could highlight where this may be a problem, potentially facilitating prioritization of supervisory action or, in some cases, potentially, enforcement action.”  Indeed, the Bureau expresses the view that “a company that uses an unlawful covered term or condition may have a poor compliance management system and thus may be more likely to violate Federal consumer financial law.”  And going a step further, the Bureau warns that “the existence of a covered term or condition in some circumstances may be indicative of a violation of law, since a company that would go to such lengths to include certain terms or conditions in its contracts may be acting in other ways to undermine the underlying rights addressed by the waivers or limitations.”  Moreover, the Bureau indicates that because use of covered terms and conditions would require a company subject to CFPB supervision to register, the registry would allow the CFPB to identify companies subject to its supervision of which it was previously unaware and which it could then examine.

The Bureau also suggests that the registry may drive business to companies that do not use covered terms and conditions (and therefore would not be registered).  It states that “companies that do not include covered terms and conditions in their contracts may consider using their absence from being required to register and other information in the registry from competitors to market their consumer financial products and services as potentially less risky for consumers.”

As we study the proposal in greater depth, an issue that will merit further consideration is whether the proposal is a proper exercise of the various authorities cited by the Bureau.  With regard to the proposal’s inclusion of arbitration provisions, we will also be looking at the proposal in light of the Bureau’s previously-issued final arbitration rule.  As we note above and as the Bureau acknowledges in its proposal, that rule was overturned by Congress under the CRA in late 2017.   The CRA provides that “a new rule may not be reissued in substantially the same form, and a new rule that is substantially the same as [the voided] rule may not be issued, unless the reissued or new rule is specifically authorized by a law enacted after the date of the joint resolution disapproving the original rule”  

The proposed rule requires reporting of arbitration awards and court orders enforcing or not enforcing the arbitration provision.  Moreover, the Bureau has requested comments on whether it should also require supervised registrants to submit information concerning other terms of the arbitration provision, including the identity of the arbitration administrator.  These  requirements appear to overlap, at least in part, with the Bureau’s disapproved final arbitration rule insofar as it required the submission of information concerning arbitration proceedings for publication on the Bureau’s website.  The Bureau has described the reporting function of the final rule as follows:

“The rule also makes the individual arbitration process more transparent by requiring companies to submit to the CFPB certain records, including initial claims and counterclaims, answers to these claims and counterclaims, and awards issued in arbitration.  The Bureau will collect correspondence companies receive from arbitration administrators regarding a company’s non-payment of arbitration fees and its failure to follow the arbitrator’s fairness standards.  Gathering these materials will enable the CFPB to better understand and monitor arbitration, including whether the process itself is fair.  The materials must be submitted with appropriate redactions of personal information. The Bureau intends to publish these redacted materials on its website beginning in July 2019.”

Close scrutiny is warranted to ensure that the Bureau is not starting down a path that would accomplish indirectly what Congress prevented it from doing directly when it disapproved the Bureau’s final arbitration rule, i.e., prohibit the enforcement of class action waivers in consumer arbitration agreements.  Throughout its proposal, the Bureau continues to assert its preference for class actions over arbitration, which it characterizes as a “contract term that limits enforcement of consumer rights.”  It laments that the “risks that class actions are not available … remain in particular after the Bureau’s 2017 rulemaking to address them was voided by a joint resolution of Congress signed by the President.”  And, it cites its 2015 empirical study of arbitration as support for its continuing belief that arbitration is inferior to class actions as a procedure for resolving consumer disputes.  Nevertheless, as we have observed on numerous occasions, the data contained in the Bureau’s own study show that individual arbitration is faster, less expensive and more beneficial financially to consumers than class action litigation. 

Unfortunately, while the Bureau touts its present proposal as an opportunity to educate consumers on the risks posed by arbitration provisions and other contract terms, it has not spent any resources educating consumers about the benefits of arbitration.  Congress obviously concluded that arbitration provisions are not unfair to consumers when it overturned the Bureau’s final rule.  Close attention must be paid to ensure that the Bureau does not thwart the will of Congress by characterizing arbitration provisions and class action waivers as being unfair to consumers and implicitly threatening companies with enforcement actions or public shaming if companies do not eliminate them from their consumer contracts

BUFFALO, NY – Huntington Debt Holding, a nationally licensed receivables management firm located in Buffalo, NY, recently donated to the SPCA Serving Erie County, the second-oldest humane society in the country. Huntington’s corporate values of integrity, security, and trustworthiness start with our unwavering dedication to our community, employees in the community, and the families that we help serve. 

A Commitment to the Animals

The Society for the Prevention of Cruelty to Animals (SPCA) began in England in 1824 and has evolved into an international organization dedicated to the safety and well-being of animals. The SPCA of Erie County began in 1867, just one year after the first American SPCA began in New York City. What started as an organization dedicated to helping the horses working along the Erie Canal, the SPCA of Erie County today has over 100 events per year helping house, treat, and care for animals of all kinds from dogs and cats to lizards and squirrels. 

As long-time members of the Erie County community, we believe it is important to reciprocate the valuable work the SPCA does for our area and help in any way possible not only as a sign of good faith for the community but also for our employees who have deeply loved family pets. Huntington has long been focused on providing the best possible customer experience for our clients and that is only possible through a strong company culture founded on transparency, community involvement, and honesty. 

Ways to Help

The SPCA Serving Erie County has thousands of ways to help. With our help, and the help of countless other volunteers in the Erie County community, the SPCA is able to put on special events that support the animals like adoption events, raffles, and park meet and greets. For those who have conflicting schedules, the SPCA also has dozens of ways to donate or volunteer your time through adoption programs, donation sponsorships, or even foster care programs. 

Huntington Debt Holding is proud to be a trusted partner to some of the nation’s largest credit issuers and Erie County’s largest animal welfare organization. Being involved with national clients, local charity organizations, and our employees have helped make us a better place to work and a more trusted partner. 

To donate to the SPCA Serving Erie County, visit their website and check out the dozens of ways to donate, volunteer, or provide support online. To learn more about how Huntington Debt Holding specializes in account recovery strategies, visit Huntington’s website. 

About SPCA Serving Erie County

The SPCA Serving Erie County is a place for animals who, in their greatest time of need, have nowhere else to turn. We invite you to learn more about our organization and how you can help put an end to animal cruelty.12,000 animals are assisted annually by the SPCA Serving Erie County.

About Huntington Debt Holding

Huntington Debt Holding, LLC is a nationally licensed receivables management firm that specializes in the acquisition and management of non-performing accounts receivable portfolios and is proud to be a trusted partner to some of the nation’s largest issuers. Our team upholds the highest standards of compliance and integrity to provide a positive experience throughout every transaction. Huntington Debt Holding is located in Amherst, New York.

The upward trend in data privacy legislation continued in 2022. According to the National Conference of State Legislatures, “[a]t least 35 states and the District of Columbia in 2022 introduced or considered almost 200 consumer privacy bills,” which is a significant increase from 160 bills in 2021. 

Many of these bills were limited in scope, relating to, for example, biometric, genetic and geolocation data, data brokers, and internet service providers.

State Comprehensive Consumer Data Privacy Legislation – By The Numbers

Twenty-eight states introduced a total of 54 comprehensive consumer data privacy bills in 2022. This is legislation that restricts the use of personal information and conveys certain rights to consumers, similar to the California Consumer Privacy Act, Virginia Consumer Data Protection Act, Colorado Privacy Act, Utah Consumer Privacy Act and Connecticut Data Privacy Act.

Some of the key provisions that are commonly tracked include consumer rights, exemptions and exclusions from coverage, contractual and security standards, and whether there is a private right of action. The following chart shows the prevalence of those provisions in the 2022 legislation.

Federal Comprehensive Consumer
Data Privacy Legislation

The American Data Privacy and Protection Act, H.R.8152, was introduced on June 21, 2022.  Similar to the state laws, the ADPPA gives consumers the right to access, correct, delete, and export covered data, and to opt out of certain transfers of covered data. The legislation reflects bipartisan compromise, generally preempting state laws that are covered by provisions of the ADPPA and providing a private right of action beginning four years after enactment. It appears doubtful this legislation will move during the remainder of the current Congress, but it is likely this, or similar legislation will be considered in the upcoming session.

New State Comprehensive Consumer Data Privacy Laws

The Utah Consumer Privacy Act was signed into law on March 24, 2022, and not long after, on May 10, the Connecticut Data Privacy Act became law.  They become effective Dec. 31, 2023, and July 1, 2023, respectively.

Although there are some differences worthy of attention, these laws are very similar to those enacted in Virginia and Colorado and include:

• Right to access
• Right to correct (Connecticut only)
• Right to delete
• Right to obtain
• Right to opt out of processing
• Right to appeal a refused request
• Data and Entity-level Gramm-Leach-Bliley Act exemptions
• Requirements for contracts between controllers and processors
• Risk assessments for processing certain data (Connecticut only)
• No private right of action

There are limitations that apply to consumers’ rights as well as exceptions to complying with their requests, and these laws are generally perceived as industry friendly.

Amended State Data Breach Notification Laws

Indiana H.B. 1351 went into effect July 1, 2022, and now specifies a timeframe of 45 days from the discovery of a breach to make the required disclosure.

Arizona H.B. 2146 went into effect July 22, 2022, and now requires a notification to the Arizona Department of Homeland Security in the event of a breach that affects more than 1,000 individuals, in addition to the current requirement to notify the attorney general.

Maryland H.B. 962 became effective Oct. 1, 2022, and, in part, provides a more detailed definition of “genetic information, expands the “reasonable security” requirement beyond those who own or license personal information to those who maintain it, and specifies the content of a breach notification.

Pennsylvania S.B. 696 becomes effective May 2, 2023, and, among other things, expands the definition of “personal information” to include medical and health information, and a user name or e-mail address in combination login credentials.

State Rulemaking

California – The California Privacy Protection Agency continues its rulemaking focused primarily on the amendments to the CCPA by the California Consumer Privacy Rights Act. The most recent activity was a 15-day comment period on the modified text of the proposed regulations, which closed on Nov. 21, 2022

Colorado – The Colorado Department of Law issued proposed rules regarding the Colorado Privacy Act with a comment period open through Feb. 1, 2023.

New York – The New York Department of Financial Services issued proposed amendments to its Cybersecurity Regulations with a comment period open through Jan. 9, 2023.

Federal Rulemaking

FTC Advance Notice of Proposed Rulemaking – The FTC issued this ANPR on Commercial Surveillance and Data Security seeking input to shape potential rules that will “crack down on harmful commercial surveillance and lax data security.”  The focus of the ANPR overlaps in part with recent state consumer data privacy laws and federal regulation, but the definition of “commercial surveillance” is broad, referring to “the collection, aggregation, analysis, retention, transfer, or monetization of consumer data and the direct derivatives of that information.”  The ANPR includes 95 questions spread out among numerous topics. The comment period closed Oct. 21, 2022.

CFPB SBREFA Outline – The CFPB issued a Small Business Regulatory Enforcement Fairness Act Outline “to assess the impact on small entities that would be directly affected by the proposals under consideration prior to issuing a proposed rule regarding section 1033.”  Section 1033 (12 U.S.C. § 5333) of the Consumer Financial Protection Act, a/k/a, the Dodd-Frank Act, generally allows a consumer access to transactional information that a business holds related to products or services that were provided to the consumer. The comment period is open through Jan. 25, 2023.

Federal Guidance

CFPB Circular – The CFPB issued Circular 2022-04 to address this question: “Can entities violate the prohibition on unfair acts or practices in the Consumer Financial Protection Act (CFPA) when they have insufficient data protection or information security?”  Unsurprisingly, the answer was “yes.”  The CFPB provided three examples of conduct that could “increase the likelihood that an entity’s conduct triggers liability under the CFPA’s prohibition of unfair practices.”

1. The failure of a covered person or service provider to require MFA for its employees or offer multi-factor authentication as an option for consumers accessing systems and accounts.

2. The failure of a covered person or service provider to have adequate password management policies and practices.

3. The failure of a covered person or service provider to routinely update systems, software, and code (including those utilized by contractors) or fail to update them when notified of a critical vulnerability.

Important Dates in 2023

-January 1, 2023

California Consumer Privacy Act Amendments go into effect. The changes include, among many others:

• Sensitive Personal Information – This new subcategory of personal information includes, in part, social security numbers, driver’s license and other identification numbers, account or debit/credit card numbers in combination with login credentials, geolocation, racial or ethnic origins, religious or philosophical beliefs, etc. Consumers have enhanced rights with regard to sensitive personal information.

• New Consumer Rights – Consumers will now have the right to request correction of inaccurate information, and the right to opt out of the “sharing” of personal information. “Sharing” is limited to providing personal information “to a third party for cross-context behavioral advertising.”

• Notice at Collection – In addition to the current requirement to inform consumers “at or before the time of collection” of the categories of personal information to be collected and the purposes for which it will be used, the notice must also state whether the personal information is sold or shared, provide the same information for sensitive personal information, and state the length of time the categories of personal information and sensitive personal information will be retained, or the criteria that will be used to determine the period.

• Privacy Notice – Privacy notices will need to be updated to reflect, among other things, the new rights afforded consumers.

Virginia Consumer Data Protection Act goes into effect.

– May 2, 2023

Pennsylvania Data Breach Notification Law amendments go into effect.

– June 9, 2023

Gramm-Leach-Bliley Act Safeguards Rule – The Federal Trade Commission issued a final rule amending the Safeguards Rule on Dec. 9, 2021. Many of the changes became effective Jan. 10, 2022, but the effective date of some of the most important changes go into effect June 9, 2023, including:

• Designating a Qualified Individual to oversee the information security program
• Implementing specific risk assessment requirements
• Implementing specific safeguards to control risks
• Implementing continuous monitoring or periodic penetration testing and vulnerability assessments
• Implementing policies and procedures to ensure personnel are able to enact the information security program
• Performing periodic risk assessments of service providers
• Establishing a written incident response plan
• Preparing written reports, at least annually, by the Qualified Individual to the board of directors or equivalent governing body

– July 1, 2023

Colorado Privacy Act goes into effect.

Connecticut Data Privacy Act goes into effect.

– December 31, 2023

Utah Consumer Privacy Actgoes into effect.

Conclusion

With the prospect of a federal consumer data privacy law lagging, we expect that 2023 will continue to bring increased effort in this area by state legislatures and state and federal regulators. 

A recent opinion issued by the Tenth Circuit serves as further confirmation that plaintiffs bringing Fair Debt Collection Practices Act (FDCPA) claims in federal court must allege sufficient concrete injury — tangible or intangible — to confer Article III standing. The holding also underscores that FDCPA claims predicated on disclosure of debtor information to third parties must be public. A debt collector’s limited, private disclosure to its mailing vendor does not suffice.

The plaintiff’s allegations in Shields v. Professional Bureau of Collections of Maryland, Inc., focused on three letters she received from the defendant in July and August 2019 seeking payment on her outstanding student loan debt. Each letter contained the balance at the time the debt was assigned to the defendant as well as the balance owed as of the date of the mailing, the latter being substantially higher. According to the plaintiff, each of the letters failed to explain the differing amounts and failed to inform her that her debt could potentially increase due to fees, interest, and other charges. In addition to the allegedly misleading substance, the plaintiff claimed that the defendant’s disclosure of her debt to its mailing vendor violated FDCPA provisions prohibiting public disclosure of debtor information.

Based on these allegations, the plaintiff filed suit in the U.S. District Court for the District of Kansas in April 2020. The defendant moved to dismiss on the grounds that the complaint failed to allege concrete injury sufficient to confer Article III standing. In response, the plaintiff submitted a declaration attempting to bolster her allegations of harm and a proposed amended complaint alleging the same.

Treating the defendant’s motion as a facial challenge to subject matter jurisdiction, the district court refused to consider the supplemental declaration and dismissed the case without prejudice for lack of subject matter jurisdiction. The plaintiff moved for reconsideration and to reopen the case based on the allegations in her proposed amended complaint, which the district court denied. On appeal, the plaintiff argued that the defendant harmed her in two distinct ways sufficient to confer Article III standing: (1) by wrongfully disclosing her debt to its mailing vendor, and (2) by including misleading and/or confusing information as to the amount of debt owed. The Tenth Circuit rejected both arguments.

As to the plaintiff’s alleged “disclosure injury,” the Tenth Circuit, citing to Hunstein III discussed here, held that the limited disclosure of the plaintiff’s debt to a mailing vendor did not implicate the kind of intangible harm redressable at common law. While a debt collector’s “use of billboards to publicly shame a private citizen into paying his debt” would qualify as actionable public disclosure under the FDCPA, the plaintiff’s “alleged harm was that one private entity (and, presumably, some of its employees) knew of the debt.” The latter is “not the same kind of harm as public disclosure of private facts, which is concerned with highly offensive information being widely known.”

The plaintiff’s other claimed injury — her purported confusion as to the amount of debt owed — met a similar fate. First, because the defendant’s motion was construed as a facial challenge to subject matter jurisdiction — one based solely on the allegations in the pleadings — the appellate court held that the district court did not err in refusing to consider the plaintiff’s declaration in opposition. Confined to the allegations in the complaint, the Tenth Circuit determined that the plaintiff failed to allege that the letters “caused her to do anything.” Absent allegations of reliance, the appellate court held the plaintiff’s “confusion and misunderstanding . . . insufficient to confer standing” under the standard set by the Supreme Court in Transunion LLC v. Ramirez.

Troutman Pepper’s Take:

The Tenth Circuit’s opinion in Shields is one more nail in the coffin of mailer-vendor FDCPA claims, and further reinforces that aggrieved plaintiffs bringing suit in federal court under the FDCPA must allege concrete injury to meet Article III standing requirements.

LENEXA, Kan. — One True Holding Company d/b/a/ TrueML, a financial technology software company developing machine learning-driven products that enable intelligent, digital communication in the financial services space, today announced that Thomas Overton will join as Chief Technology Officer.

TrueML develops software using patented machine learning technology to create a digital-first process that aligns with consumer communication preferences. As a mission-driven company, TrueML aims to bring solutions to the marketplace that redefine how creditors and consumers engage in debt collection. 

TrueML’s mission is supported by data scientists, financial services industry experts and customer experience enthusiasts collectively building technology to serve people in a digital-first way by recognizing their unique needs and preferences as human beings and endeavoring toward ensuring nobody gets locked out of the financial system. 

“I am excited to join an organization driven to change the way an ages-old industry functions through digital innovation,” said Overton. “Technology is at the heart of TrueML and machine learning is a key aspect of the company’s overall growth strategy. The data scientists and engineers are incredibly talented and take the opportunity to produce a meaningful impact on the customer experience very seriously. I look forward to working with and empowering this team to deliver a world-class technology platform that gives consumers agency over their financial health.”

With 25 years of experience in the technology space and a background as a full stack engineer and architect, Overton brings a broad range of skills from leadership, operational excellence, and scalable architecture to data governance and regulatory compliance. Overton most recently served as CTO and acting CISO at Crunchyroll as part of Sony where he directed technology strategy, guided architectural design, and ensured secure and compliant operations for the company’s portfolio of cloud-hosted OTT, E-commerce, and game services. In 2018, he facilitated the acquisition of Crunchyroll by WarnerMedia, and in 2021 operated in a leading role to successfully complete Sony’s acquisition of Crunchyroll for ~$1.2 billion. Previously, Overton’s unique media and tech background led his path through systems engineering, data center build outs, color science, software development for B2B and B2C products, running an R&D division, and eventually leading product and engineering teams.

“At TrueML, we are building digital solutions to real problems, and the pace of innovation is high. We expect significant continued growth in 2023, and having experienced leadership for this focus area is critical to ensure that what we’re building is not only effective and sustainable, but also compliant and scalable,” said Steve Carlson, President of TrueML. “I’m confident that Thomas’ leadership and technical expertise will support our business goals and, as a result, our mission to deliver industry-leading software that will transform the experiences of millions more financially distressed consumers in the coming years.”

To learn more about TrueML, its subsidiaries and their products, visit www.TrueML.co, and follow on social media @TrueMLco.

About TrueML

TrueML is a software company developing machine learning-driven products that prioritize customer experience and revolutionize the experience of consumers seeking financial health. The mission-driven team of data scientists, financial services industry experts and customer experience fanatics are building technology to serve people in a way that recognizes their unique needs and preferences as human beings and endeavoring toward ensuring nobody gets locked out of the financial system. 

The CFPB has published its Fall 2022 rulemaking agenda as part of the Fall 2022 Unified Agenda of Federal Regulatory and Deregulatory Actions.  The agenda’s preamble indicates that “[t]he Bureau reasonably anticipates having the regulatory matters identified [in the agenda] under consideration during the period from December 1, 2022 to November 30, 2023.”

The new agenda includes 6 new active rulemakings that did not appear on the Spring 2022 agenda.  Perhaps some possible “good news” here is that Director Chopra is listening to calls for him to use notice-and-comment rulemaking (including revisions to Official Staff Commentaries) to further his priorities instead of relying primarily on supervision and enforcement as well as a potpourri of other methods that lack the transparency and predictability of rulemaking.  While the agenda does not include any “larger participant” rulemaking, the CFPB is currently considering petitions urging it to engage in rulemaking to define larger participants in the market for personal loans and in the market for data aggregation services.  Other potential areas of rulemaking not included in the agenda are buy-now-later, earned wage access, and liability for peer-to-peer payment fraud.

The six new agenda items are:

• Registration of nonbanks subject to certain enforcement orders.  In December 2022, the CFPB issued a notice of proposed rulemaking (NPRM) released a proposed rule that would require certain “covered nonbanks” to register with and submit information to the CFPB when they become subject to certain orders from local, state, or federal agencies and courts involving violations of certain consumer protection laws.  The Bureau provides no estimated dates for further action on the NPRM.

• Registration of nonbanks regarding standard form contract terms and conditions.  The agenda item indicates that the CFPB is developing a proposed rule that would require supervised nonbanks to register with the Bureau and provide information about their use of certain terms and conditions in standard-form contracts.  The proposed rule would be focused on collecting information on non-negotiable standard terms or terms that are not prominently advertised in marketing.  Based on media reports about remarks given by Director Chopra at a September 2022 event, it appears that “forced” arbitration provisions are among the types of non-negotiated consumer contract terms that the CFPB has in mind.  With the Bureau designating the rulemaking to be in the “proposed rule stage” and giving a December 2022 estimate for issuance of a NPRM, it would appear that issuance of a NPRM is imminent. 

• Overdraft fees.  The agenda item indicates that the CFPB is considering whether to propose amendments to the Regulation Z overdraft rules.  Although the CFPB has continued to make overdrafts a supervisory focus under Director Chopra and he has warned that overdraft practices can result in UDAAP violations, the CFPB has previously been silent on whether it planned to engage in rulemaking on overdrafts.  The Bureau designates the rulemaking to be in the “prerule stage” and estimates pre-rule activity in November 2023.  (In the preamble, the CFPB indicates that it uses the November 2023 date for further activity on prerule stage items as a placeholder.)

• Fees for insufficient funds.  The agenda item indicates that the Bureau is considering new rules regarding NSF fees (but notes that lately some financial institutions have stopped charging NSF fees.)  Like overdraft fees, the CFPB has continued to make NSF fees a focus under Director Chopra but has not previously indicated that it planned to engage in rulemaking on NSF fees.  The Bureau designates the rulemaking to be in the “prerule stage” and estimates pre-rule activity in November 2023. 

• Credit card penalty fees.  The agenda item indicates that the CFPB is considering whether to propose amendments to the Regulation Z rules on credit card penalty fees that implement the CARD Act, including the penalty fees safe harbors.  In June 2022, the CFPB issued an ANPR regarding credit card late fees.  As the CFPB gives a January 2023 estimate for issuance of an NPRM, it would appear that issuance of a proposed rule on credit card penalty fees is also imminent.  An annual inflation adjustment for 2023 to the Regulation Z credit card safe harbor amounts was conspicuously missing from the other annual TILA adjustments announced by the CFPB in late December (which, in our view, represented an inexcusable delay).  Because no adjustments for 2023 were announced, the 2022 safe harbor amounts remain in effect.  The CFPB’s addition of rulemaking on credit card penalty fees to the new agenda supports our suspicion that the CFPB’s delay in announcing the 2023 adjustments was tied to the ANPR.

• Fair Credit Reporting Act rulemaking.  The agenda item indicates only that the Bureau is considering whether to amend Regulation V (which implements portions of the FCRA).  The Bureau designates the rulemaking to be in the “prerule stage” and provides no estimated dates for further rulemaking action.  The CFPB’s press release earlier this week about its annual report on consumer complaints submitted to the CFPB regarding Equifax, Experian, and TransUnion includes a statement from Director Chopra indicating that the CFPB “will be exploring new rules to ensure that the [three companies] are following the law, rather than cutting corners to fuel their profit model.”  We are not aware of any other statements from Director Chopra that shed light on the nature of the new rules he has in mind.  The Bureau designates the FCRA rulemaking to be in the “prerule stage” and estimates pre-rule activity in November 2023. 

As the agenda correctly indicates, this is the first time that the two nonbank registration rulemakings and the credit card penalty fees rulemaking have been included in the CFPB’s rulemaking agenda (which means although now designated as “proposed rule stage” items, the two nonbank registration rulemakings were never included in prior agendas as a “prerule stage” item or a long-term action).  The agenda incorrectly indicates that this is the first time that an overdrafts rulemaking has been included in the CFPB’s rulemaking agenda.  An overdraft fees rulemaking was previously designated as a “prerule stage” item in the CFPB’s rulemaking agendas under former Director Cordray.  In the CFPB’s Spring 2018 rulemaking agenda issued under former Acting Director Mulvaney, it was designated as an “inactive” item.” 

The four agenda items that previously appeared on the Spring 2022 agenda are:

• Small Business Lending Data.  Section 1071 of Dodd-Frank amended the ECOA, subject to rules to be adopted by the Bureau, to require financial institutions to collect and report certain data in connection with credit applications made by small businesses, including women- or minority-owned small businesses.  The Bureau issued a NPRM in August 2021 and the comment period ended on January 6, 2022.  The Bureau estimates issuance of a final rule in January 2023 (which would be in advance of the court-ordered March 31, 2023 deadline for issuing a final rule). 

• Personal Financial Data Rights (previously titled “Consumer Access to Financial Information”).  Section 1033 of Dodd-Frank addresses consumers’ rights to access information about their own financial accounts, and permits the CFPB to prescribe rules concerning how a provider of consumer financial products or services must make a consumer’s account information available to him or her, “including information related to any transaction, or series of transactions, to the account including costs, charges, and usage data.”  In November 2016, the Bureau issued a request for information  about market practices related to consumer access to financial information and, after holding a symposium in February 2020, the Bureau issued an ANPR in connection with its Section 1033 rulemaking in November 2020 and issued a SBREFA outline in October 2022.  The CFPB estimates that it will issue a SBREFA report in February 2023.

• Amendments to FIRREA Concerning Automated Valuation Models.  The Bureau is participating in interagency rulemaking with the Federal Reserve, OCC, FDIC, NCUA and FHFA to develop regulations to implement the amendments made by the Dodd-Frank Act to the Financial Institutions Reform, Recovery, and Enforcement Act of 1989 (FIRREA) concerning appraisals.  The FIRREA amendments require implementing regulations for quality control standards for automated valuation models.  The Bureau released a SBREFA outline in February 2022 and a SBREFA report in May 2022.  It estimates that the agencies will issue a NPRM in March 2023.

• Property Assessed Clean Energy Financing.  In March 2019, the CFPB issued an ANPR to extend TILA ability-to-repay requirements to Property Assessed Clean Energy transactions.  The Bureau gives an April 2023 estimate for issuance of a NPRM.

So you might recall a few months ago there was a new bill introduced to expand the TCPA’s ATDS definition. My sources told me it was going nowhere. I told you it was going nowhere. And it went nowhere.

Well now, FCC Chairwoman Jessica Rosenworcel just leaned in and requested a pack of Senators to look into doing precisely what the new bill would have accomplished–expanding the ATDS definition anew:

Fix the definition of autodialer: Because robotexts are neither prerecorded nor artificial voice calls, the Telephone Consumer Protection Act (TCPA) only provides consumers protection from robotexts if they are sent from autodialers. Last year’s Supreme Court decision, Facebook v. Duguid, narrowed the definition of autodialer under the TCPA, resulting in the law only covering equipment that generates numbers randomly and sequentially. Consequently, equipment that simply uses lists to generate robotexts means that fewer robotexts may be subject to TCPA protections, and as a result, this decision may be responsible for the rise in robotexts over the past year.

Hmmm…

The letter also brags about the FCC’s efforts to combat robocalls. You can read it here: FCC Letter

Obviously expanding the TCPA’s autodialer definiton is the wrong fix here. The TCPA is simply not an effective tool to combat robocalls–never was, never will be.  While R.E.A.C.H. promise to do what the TCPA cannot–stop up to a billion unwanted calls a month!–the unconstitutional TCPA should be put out to pasture completely.

And I already gave Congress the alternative the nation needs (in this post). Will anyone listen?