The CFPB has issued a data spotlight that shows bank overdraft/non-sufficient funds (NSF) fee revenues have declined significantly from their pre-pandemic levels.  

The report states:

Overdraft/NSF revenue for the fourth quarter of 2022 alone was approximately $1.5 billion lower than in the fourth quarter of 2019 – a decrease of 48% compared to before the pandemic, suggesting an annual reduction of over $5.5 billion going forward.  This decrease suggests average annual savings of more than $150 per household that incurs overdraft or NSF fees; many households that have typically paid a high number of overdraft or NSF fees annually have saved much more.

The report also states:

Evidence continues to suggest that financial intuitions are not increasing other checking account fees to compensate for reduced overdraft/NSF revenue.  Across all reporting banks, combined account maintenance and ATM fees remained flat from 2019 to 2022.

In a press release about the CFPB report, the Consumer Bankers Association (CBA) sets forth important findings of the Brookings Institute based on recent research and of the global intelligence firm Curinos in an August 2022 study that supports the CFPB’s analysis.  CBA observes that banks “are working to lower costs while simultaneously protecting access to overdraft because there is a clear need.”  The press release also cites recent comments from leading regulators, legislators, and academics from across the political spectrum that have recognized the positive impact of these changes.  Such comments include CFPB Director Chopra’s statement at CBA LIVE in March 2023 that  “[t]here has been very, very important shifts.  We are very gratified that this industry seems like it’s competing again on [overdraft]. […] This has been a healthy move.”

Despite these positive trends, the CFPB states in the new report, as it did in its Fall 2022 rulemaking agenda, that it is “considering rulemaking activities related to [overdraft/NSF] fees.”  It also states in the new report that it “will also continue to follow other listed fees to discern to what extent these fees might create barriers to account access.”  Such “listed fees” are periodic maintenance fees and ATM fees.

The new data clearly calls into question the need for CFPB rulemaking on overdraft/NSF fees.  We share the CBA’s view that “[a]s the CFPB considers future action, policymakers should recognize these reforms from the nation’s largest banks have occurred without regulatory or legislative intervention and collectively represent a transformational moment in time for the industry.”

STERLING, Ill — VeriFacts, the gold standard for employment and residential verification services in the receivables management industry, is demonstrating their commitment to technology and data science with the addition of Adam Parks to their leadership team as Chief Information Security Officer. 

“VeriFacts has long been known as an organization with an amazing culture that is focused on our people. By adding Adam and his team, we take another step toward our vision of being a technology company, focused on data, and verified by people”, said VeriFacts CEO Stephanie Clark. “We are very excited to be taking our technology to the next level and finding new ways to enhance the services through the application of data science.”  

Adam Parks is a serial entrepreneur with almost 20 years of receivables industry experience focused on the deployment and management of technology and communications systems for creditors, debt buyers, collection agencies and law firms. Through Adam’s other organizations, Adam and his teams will continue to provide communications, technology, and marketing services to their clients. 

“VeriFacts sets the standard for employment verification services and I could not be more excited to be joining the team! They have built a culture of the best people in the industry and my job is to empower them with actionable intelligence and efficiency through technology and data science,” said Adam Parks. “We are growing a team of technology professionals to help update systems and find ways to improve on the quality of VeriFacts’ best-in-class services.” 

As part of this commitment to technology, VeriFacts is re-evaluating all of their existing systems and data workflows looking for opportunities. The application of data science has already started driving workflow changes internally that are yielding immediate results. This new partnership is expected to create opportunities for new products, new data and an improved experience for customers. 

About VeriFacts

VeriFacts, LLC is the top employment location and verification service for the receivables management industry. Having been in business for over 30 years, they are committed to offering guaranteed customer location and employment verification services to creditors across the nation. The VeriFacts brand has become synonymous with high-quality service and a positive customer experience. Over the years, their services have expanded into residential location information, data verification, and unique data aggregation. VeriFacts is proud to be a Certified Women-Owned Business by the WBENC.

The U.S. Court of Appeals for the Seventh Circuit recently affirmed the dismissal of a consumer’s lawsuit against a debt collector, holding that the consumer lacked Article III standing to sue because his allegations of ʺconfusion” and “alarm” were not sufficiently concrete to result in an injury in fact.

A copy of the opinion in Pucillo v. National Credit Systems, Inc. is available at:  Link to Opinion.

The consumer previously leased an apartment, and when he filed for Chapter 7 bankruptcy, he listed as a debt past‐due rent he allegedly owed the property management company. The bankruptcy court proceeded to grant the consumer a discharge, including any debt owed to the property manager.

That bankruptcy discharge was listed on the consumer’s credit reports, but the property manager was not notified of the consumer’s bankruptcy. Ten weeks before the discharge, the property manager placed the consumer’s account with a collection agency. Over the next 18 months, the collection agency sent the consumer two collection letters, stating that if payment was made, the collector “will update credit data it may have previously submitted regarding this debt.”

The week before the consumer received the second letter, he filed suit under the federal Fair Debt Collection Practices Act, 15 U.S.C. § 1692e, for allegedly demanding payment of a debt not owed and Section 1692c(c) for purportedly failing to cease communications and cease collections. The consumer alleged that the collection agency’s continued communications “confused and alarmed” him. The collection agency did not give information to a credit reporting agency — before or after his bankruptcy discharge.

The trial court dismissed the consumer’s complaint for lack of Article III standing, and the consumer timely appealed.

Article III of the U.S. Constitution limits the jurisdiction of federal courts to cases and controversies. U.S. CONST. art. III, § 2. To establish Article III standing to sue, “[a] plaintiff must have (1) a concrete and particularized injury in fact (2) that is traceable to the defendant’s conduct and (3) that can be redressed by judicial relief.” Pierre v. Midland Credit Mgmt., Inc., 29 F.4th 934, 937 (7th Cir. 2022).

On the first element, a concrete injury is “‘real,’ and not ‘abstract.’” Spokeo, Inc. v. Robins, 578 U.S. 330, 340 (2016). “Qualifying injuries are those with a close relationship to a harm traditionally recognized as providing a basis for a lawsuit in American courts.” Pierre, 29 F.4th at 938.

The Seventh Circuit began by noting that the ruing of the Supreme Court of United States in TransUnion LLC v. Ramirez limited the intangible harms that can be considered concrete. 141 S. Ct. 2190, 2210 (2021). Specifically, the Supreme Court held that a risk of harm qualifies as a concrete injury only for claims for “forward‐looking, injunctive relief to prevent the harm from occurring.” Id.

The Seventh Circuit reasoned that the Supreme Court’s TransUnion decision weakened the consumer’s standing argument because he was only seeking monetary damages in this action. Additionally, although the consumer claimed that he was “confused and alarmed” about the status of his bankruptcy discharge and his credit score, he provided no facts showing that his emotional response led to actionable injury. Because the consumer did not “otherwise act to [his] detriment in response to anything,” Pierre, 29 F.4th at 939, the Court concluded that the risk he pleaded of possible futility to his bankruptcy or potential harm to his credit did not satisfy the standing requirement of a concrete and particularized injury in fact.

Resisting this conclusion, the consumer argued that his injuries were of the same kind held actionable under common law invasion of privacy tort theories, specifically “invasion of privacy” and “intrusion upon seclusion.” An intangible harm can qualify as a concrete injury in fact, but only when the harm bears a “close relationship” to a traditional harm given redress in courts at common law. Spokeo, 578 U.S. at 340–341.

The Seventh Circuit observed that ʺinvasion of privacy” and “intrusion upon seclusion” are actually not distinct torts. Instead, “invasion of privacy” encompasses four theories of wrongdoing, including “intrusion upon seclusion.” Persinger, 20 F.4th at 1192. Intrusion upon seclusion “occurs when a person ‘intrudes … upon the solitude or seclusion of another or his private affairs or concerns’ and this ‘intrusion would be highly offensive to a reasonable person.’” Persinger, 20 F.4th at 1192 (quoting RESTATEMENT (SECOND) OF TORTS § 652B)

The Seventh Circuit noted that the phrase “intrusion upon seclusion” did not appear in the consumer’s complaint or his supporting declaration. Conceding that the consumer did not need to include this precise phrase in his pleadings, the Court determined that none of his allegations spoke to such a theory of injury in any way. Instead, the consumer’s appellate briefing tried to shoehorn his allegations within that tort theory.

Furthermore, each time the consumer invoked “intrusion upon seclusion,” he claimed that the collection agency’s letters undermined his belief that his bankruptcy discharge created a “fresh start.” However, the Court held that this specific injury was not actionable under the “intrusion upon seclusion” theory, as the potential for the consumer’s bankruptcy case to be undone presented only a risk of harm.

Accordingly, the Seventh Circuit concluded that the trial court correctly found that the consumer had not alleged a concrete and particularized injury in fact, and that there was no Article III standing. Therefore, the Court affirmed the dismissal of the case for lack of standing.

DULUTH, Ga. — Crown Asset Management, a receivables acquisition and management firm in Duluth, GA, is proud to share our recent participation in the inspiring and heartwarming Best Buddies Friendship Walk 2023. We truly believe in the power of community and giving back, and we encourage everyone to join us in supporting this wonderful cause.

About the event

The Best Buddies Friendship Walk is an annual event that takes place in various locations across the country. This year, on Saturday, April 22nd, the Atlanta, GA walk was held at the picturesque Blackburn Park in Brookhaven, Georgia. The event brings people together to celebrate friendships and promote inclusivity for individuals with intellectual and developmental disabilities (IDD). As part of our corporate social responsibility, we were honored to contribute to Best Buddies International’s mission and participate in the event.

Event highlights

The Friendship Walk features several exciting activities designed to engage participants and create a fun, inclusive environment for all. Some highlights of this year’s event included:

[article_ad]

• A 0.4-mile walk, accessible for all ages and abilities;
• A delicious pancake bar hosted by Snooze Eatery, ensuring everyone was well-fed and energized;
• A variety of yard games and inflatables for attendees to enjoy;
• Crafts and fun photo ops, adding a touch of creativity and color to the festivities;
• And live entertainment, including an enthusiastic DJ and energetic skits that kept spirits high throughout the day.

Team building and community impact

Participating in the Friendship Walk served as an excellent team-building opportunity for our staff at Crown Asset Management. Together, we shared a memorable experience while giving back to our community and supporting a cause that aligns with our values of fairness and respect. The event also allowed us to connect with other local businesses and organizations, fostering a sense of unity and collaboration in our community.

Fundraising opportunities

We made a difference! With collective efforts, we supported Best Buddies International by creating opportunities for one-to-one friendships, integrated employment, leadership development, and inclusive living for people with IDD. In addition, participating in the walk and related fundraising events allowed us to contribute to a more inclusive society where everyone is treated with dignity and respect.

Celebrating top fundraisers and teams

We wholeheartedly extend our appreciation to everyone who has championed the cause of Best Buddies in Georgia, with a special mention to the top fundraisers and teams. Your steadfast dedication, relentless hard work, and unyielding commitment have made a profound impact on the lives of individuals with IDD. As we eagerly await next year’s walk, your passion for change and your devotion to fostering a world where everyone can thrive inspires us. We look forward to seeing even more people join us in this remarkable endeavor.

Getting involved

Curious to learn more about Best Buddies International and the Friendship Walk? Dive into the details at bestbuddiesfriendshipwalk.org/georgia where you can learn how to actively take part in the walk, make a donation, or offer your valuable volunteer time. You can contribute significantly to making a difference and nurturing a more inclusive and supportive community.

Join in supporting this cause

Crown Asset Management is proud to have participated in the Best Buddies Friendship Walk 2023 and invites you to join them in supporting this incredible cause. Together, we can make a lasting impact on the lives of individuals with IDD and promote a more inclusive, compassionate world where everyone is valued and celebrated.

About Crown Asset Management

Founded in 2004, Crown Asset Management, LLC, is a professional receivables management firm that outsources purchased accounts to a nationwide, proprietary network of collection agencies and law firms. Utilizing a cutting-edge predictive analytical model during pre-purchase portfolio due diligence, our team focuses on achieving appropriate financial returns while ensuring the best possible experience for consumers. Crown Asset Management is an RMAI Certified Receivables Business headquartered in Duluth, GA.

We’re beginning to get a clearer picture of Buy Now, Pay Later borrowers. While it has been long speculated that BNPL borrowers chose to use that option because of a lack of credit, the CFPB released a report based on data from their 2022 Making Ends Meet Survey which makes it clear that BNPL borrowers do have access to other credit, and they are using it. In fact, BNPL borrowers are more likely to “actively use other credit products” than consumers who don’t use BNPL loans. According to their analysis, 95% of BNPL borrowers “had at least one credit record in another account, compared to 86% of non-borrowers.”

BNPL Borrowers Have Lower Credit Scores

Another finding from the report is less of a surprise: BNPL borrowers have lower credit scores than non-borrowers. The average credit score of BNPL borrowers is in the subprime range. Typically, as the analysis notes, subprime borrowers encounter higher interest rates on traditional loans and credit cards, which makes BNPL products more attractive to those consumers.

 The report did not lead the CFPB to any conclusions about whether BNPL use might lead to more delinquencies on the borrower’s other obligations, but they did note that BNPL borrowers are twice as likely than non-borrowers to be delinquent on one of their other credit obligations, like credit cards, personal loans, auto loans, student loans or mortgages.

However, as inflation remains high and despite a strong labor market, lower-income consumers (especially those with subprime credit scores) are feeling the pinch more than higher-income consumers. If those consumers are also overextending their financial situation using BNPL products, it’s easy to speculate that those borrowers will be impacted negatively in the event of a recession.

Credit Warping Remains a Concern

The findings also contribute to another ongoing concern in the credit world: credit warping. Consumers are not using only BNPL products or traditional credit, they are using both, and without accurate reporting from BNPL lenders, we still don’t have a clear picture of consumers’ credit health. This puts lenders in a perilous situation, since consumers’ credit scores are likely artificially inflated. Even if a potential borrower looks good on paper, it’s possible for the borrower to have many other open lines of credit through BNPL lenders which are not reflected on their credit report, and therefore invisible to traditional lenders, or even other BNPL lenders.

Consumers are at risk of becoming overleveraged, and that leaves lenders at risk of being unable to collect on delinquent accounts in the event of an economic downturn.

Other findings from the report include:

• Buy Now, Pay Later borrowers had significantly higher usage in several other loan products when compared to non-borrowers, including retail accounts (62% compared to 44%), personal loans (32% compared to 13%), and student loans (33% compared to 17%).

• Black, Hispanic, and female consumers are more likely than average to use Buy Now, Pay Later products, along with consumers with income between $20,001-$50,000.

• Eighteen percent of Buy Now, Pay Later borrowers had at least one reported delinquency in another account, compared to 7% of non-borrowers. Delinquency rates were substantially higher for credit (9%) and retail cards (8%) among Buy Now, Pay Later borrowers compared to non-borrowers (3% and 1% respectively).

For more reading on BNPL Borrowers, check out:

BNPL is Primed for Growth

BNPL Growing Pains Show Need for Greater Consumer Focus

A Guide to Buy Now, Pay Later and Digital Debt Collections

——

Every Thursday, Collections & Recovery sends out an exclusive email packed with analysis on the newest trends in collections strategy, the shift to digital collections, best practices for vendor management, and deep-dives into regulatory and compliance issues that matter to you. The only way to get it is to subscribe.

NEW YORK, N.Y. — Skit.ai, the leading Conversational Voice AI solution provider in the Account Receivable Management (ARM) industry, revealed the success of its partnership with Eagle Accounts Group, Inc. an Indianapolis-based business specializing in debt collection services since 1972. Skit.ai’s compliant, configurable and easy-to-deploy Voice AI solution was strategically deployed to automate Eagle Accounts Group’s collection efforts, enabling  them to scale drastically, increasing connectivity, performance, while reducing collection cost. 

The successful deployment of Skit.ai’s Augmented Voice Intelligent Platform addressed a few challenges faced by Eagle Accounts Group, such as limited scalability, high agent training costs, and escalating collection costs. Delivering an impressive 18% increase in collection, a 31% rise in connectivity, and a high engagement rate of 60%, while being fully compliant. The Skit.ai platform paved the way for Eagle Accounts Group to transition from traditional processes and strategies, enabling them for business expansion.

“Skit.ai’s Conversational Voice AI solution has surpassed our expectations by catalyzing a transformation of our collection processes. Increase in collections, connectivity, account penetration and our capacity to handle a more substantial debt portfolio are proof of the efficacy of their solution. Furthermore, Skit.ai’s solution has contributed to an impressive rise in agent productivity,” said Ryan Johnson, Office Manager, Eagle Accounts Group. 

He further added “Significantly, this solution has played a vital role in the expansion of our business. With newer capabilities such as scalability, and improved performance, we have been successful in improving our existing client relationships and in onboarding new clients.”


The Skit.ai team played an instrumental role in facilitating a seamless transition for Eagle Accounts Group from their existing systems to cutting-edge Voice AI technology. This implementation did more than modernize the collection procedures. It markedly improved overall productivity, leading to streamlining of processes. As a result, it has instilled a renewed sense of optimism within the organization.

“Eagles Accounts Group was able to implement scalable processes through this partnership. Our solution boosted Agent Productivity, Collections, and Connectivity by 168%, 18%, and 31% respectively, showcasing the impact our solution can have in the ARM Industry.” stated Sourabh Gupta, Founder, and CEO of Skit.ai

To learn more about how Skit.ai’s has aided Eagle Accounts Group Inc, scale their operations and increase their collection performance book a meeting with an expert at Skit.ai.

About Eagle Accounts Group, Inc: 

Eagle Accounts Group, Inc. located in Indianapolis, Indiana was established in 1972 and offers state, regional and nationwide debt collection services and is licensed, bonded and insured for your protection providing debt collection, asset recovery, dispute resolution, billing, pre-collection programs and court services. Eagle Accounts Group has the highest regard for the security and integrity of their client’s data. https://eagleaccounts.com/

About Skit.ai: 

Skit.ai is the leading Conversational Voice AI company in the ARM industry, enabling collection agencies to streamline and accelerate revenue recovery. Skit.ai’s Compliant, Configurable, and Easy-to-deploy solution enables enterprises to automate nearly one million weekly consumer conversations. Skit.ai has been awarded several award & recognitions, including Disruptive Technology of the Year 2022 by CCW; Stevie Bronze Winner 2022 by The International Business Awards; Gold Globee CEO Awards 2022. Skit.ai is headquartered in New York City, NY.  https://Skit.ai

The Sixth Circuit recently affirmed a district court’s dismissal of a Fair Debt Collection Practices Act (FDCPA) and Michigan Regulation of Collection Practices Act (RCPA) suit, holding that the plaintiff lacked standing. The litigation, Van Vleck v. Leikin, Ingber, & Winters, P.C., arose from the defendant law firm’s service of process on the plaintiff in a different lawsuit.

In the underlying suit, in April 2020 the law firm’s process server served the plaintiff in person with a summons and complaint seeking to collect a debt on behalf of the law firm’s client. The summons, which was the standard pre-pandemic state court form, indicated that the plaintiff had twenty-one days to answer the complaint. The summons did not notify the plaintiff that the Michigan Supreme Court had temporarily suspended that deadline due to the COVID-19 pandemic.

The plaintiff then filed suit against the law firm that served him in the Eastern District of Michigan. The plaintiff first alleged that the law firm had violated the FDCPA and RCPA by serving him in person despite the stay-at-home order and by using a young, unmasked process server who might “spread[]” the COVID-19 virus. The plaintiff also alleged that the standard summons’ non-disclosure of the deadline suspension was false and misleading. The law firm moved to dismiss for lack of standing. In response, the plaintiff argued that the in-person service had caused him injury akin to battery or abuse of process.

The district court judge dismissed the FDCPA claim without prejudice for lack of a concrete injury and declined to exercise pendent jurisdiction over the state law claims. The plaintiff moved to vacate the dismissal arguing that the court had improperly considered extrinsic evidence when analyzing the nature of the alleged injury. The plaintiff also moved to amend the complaint and to certify a question to the Michigan Supreme Court. The district court denied his motions and the plaintiff appealed the decision to the Sixth Circuit.

The court of appeals made quick work of the plaintiff’s standing claims. The court first held that the plaintiff had waived the argument that the service of process constituted an invasion of privacy because he had raised it for the first time in his motion to vacate and had not argued it on appeal.

The court also rejected the plaintiff’s argument that his injury was closely related to a battery because the plaintiff had voluntarily opened the door and taken the summons and complaint from the process server without first putting on a mask, and there were no allegations of involuntary physical contact. The court also noted that the “extrinsic evidence” to which the plaintiff objected was merely corroborative, not dispositive.

Next, the court rejected the plaintiff’s argument that the service constituted a concrete injury because it was closely related to the common law tort of abuse of process, conveying a false sense of urgency to answer the complaint during the pandemic and causing him to hire an attorney to represent him in court. The court of appeals explained that the use of the standard summons and personal service were not analogous to an abuse of process because the plaintiff did not plausibly allege that the firm or the process server acted with an ulterior purpose, intending to deprive the plaintiff of the knowledge of the suspended deadline.

Finally, the court ruled that the plaintiff’s alleged general emotional distress and financial injuries did not rise to a level sufficient to convey standing. Therefore, the court of appeals affirmed the district court’s dismissal of the plaintiff’s claims and denial of the plaintiff’s subsequent motions in full.

This case serves as a helpful reminder that mere procedural deficiencies may not be sufficient to constitute standing and defendants should not be too quick to move to the merits where no actual injury was suffered by a plaintiff.

PETALUMA, Calif. — The Cascade365 Family of Companies is excited to announce that Mary Sand has joined the team as Director of Client Services.

Mrs. Sand will lead the continued growth of the Cascade365 Client Services team, further enhancing and building upon Cascade365’s strong tradition of providing its clients with best-in-class support.

Mrs. Sand joins Cascade365 with over 30 years of experience in healthcare receivables management and revenue cycle operations. Prior to joining Cascade365, Mrs. Sand served as Vice President of Operations at RevSolve/USCB. Amongst Mrs. Sand’s many accomplishments at RevSolve/USCB, she was instrumental in creating and managing the Client Services and Onboarding departments.  Mrs. Sand has a strong track record in cultivating and maintaining communication channels with clients, administering project management plans, improving business workflows, increasing departmental productivity and accuracy, and identifying and acting upon client/company synergies. 

“I am thrilled that Mary has joined Cascade365,” said Lee Brockett, Chief Executive Officer of the Cascade365 Family of Companies. “Mary’s experience and leadership will enable Cascade365 to not skip a beat as we increase in client volume and complexity.  Cascade365 is steeped in a strong culture of providing best-in-class pricing/client economics as well as patient/consumer experience.  The ‘third leg of the stool’ is client services, making sure that Cascade365’s clients receive the best services possible. Mary will be instrumental in Cascade’s ongoing success as we continue a trajectory of growth and increased footprint within the healthcare vertical.”

“I am beyond honored to work with the talented team at Cascade365 and look forward to furthering their efforts and strong contribution to healthcare and revenue cycle” said Mrs. Sand.  “Cascade365 is a true leader in the marketplace of healthcare accounts receivable management, which includes debt purchase, master servicing, collections, and specialty finance.  I am excited to support the organization’s endeavors, including growing a best-in-class Client Services team and helping to structure innovative client service practices.”

About The Cascade365 Family of Companies 

Cascade365 is a brand identity representing a family of companies focused on the responsible liquidation of accounts receivable.  Headquartered in the San Francisco Bay area, the Cascade365 Family of Companies are recognized leaders in the accounts receivable management, revenue cycle and specialty finance industries. Cascade365’s suite of products and services include AR Purchase and Finance, Master Servicing, Third Party Collections, and Revenue Cycle Optimization.  The Cascade365 Family of Companies believes in promoting financial accountability while treating patients in a fair, dignified, and lawful manner.  

Montana Gov. Greg Gianforte on May 19 signed into law Senate Bill 384, the Montana Consumer Data Privacy Act, making Montana the ninth state to enact a comprehensive consumer data privacy law, following California, Virginia, Colorado, Utah, Connecticut, Iowa, Indiana, and Tennessee. The law will take effect Oct. 1, 2024.

Applicability

The law applies to persons that conduct business in Montana or persons that produce products or services that are targeted to residents of Montana and:

• control or process the personal data of not less than 50,000 consumers, excluding personal data controlled or processed solely for the purpose of completing a payment transaction; or
• control or process the personal data of not less than 25,000 consumers and derive more than 25% of gross revenue from the sale of personal data.

Exemptions

Importantly, the law exempts financial institutions and affiliates, or personal data subject to the Gramm-Leach-Bliley Act. Other exemptions include covered entities or business associates governed by the Health Insurance Portability and Accountability Act, and the use of personal information to the extent the activity is regulated by and authorized under the Fair Credit Reporting Act.

Consumer Rights

Consumers are provided the right to:

• confirm whether a controller is processing the consumer’s personal data and to access the personal data;
• correct inaccuracies in the consumer’s personal data;
• delete personal data about the consumer;
• obtain a copy of the consumer’s personal data previously provided by the consumer;
• opt out of the processing of personal data if the purpose is for targeted advertising, sale of the personal data, or profiling in furtherance of solely automated decisions that produce legal or similarly significant effects concerning the consumer.

Sensitive Data

A controller may not process “sensitive data” without a consumer’s consent.

“Sensitive data” includes:

• data revealing racial or ethnic origin, religious beliefs, a mental or physical health condition or diagnosis, information about a person’s sex life, sexual orientation, or citizenship or immigration status;
• the processing of genetic or biometric data for the purpose of uniquely identifying an individual;
• personal data collected from a known child; or
• precise geolocation data.

Contract Requirements

A contract between a controller and a processor must include certain provisions to:

• ensure that each person processing personal data is subject to a duty of confidentiality with respect to the personal data;
• at the controller’s direction, delete or return all personal data to the controller as requested;
• on the reasonable request of the controller, make available to the controller all information in the processor’s possession necessary to demonstrate the processor’s compliance;
• engage any subcontractor pursuant to a written contract that requires the subcontractor to meet the obligations of the processor with respect to the personal data; and
• allow and cooperate with reasonable assessments by the controller or the controller’s designated assessor.

Data Protection Assessments

A controller must conduct and document a data protection assessment if the processing involves:

• targeted advertising;
• the sale of personal data;
• certain profiling;
• sensitive data.

Enforcement

The Attorney General has the exclusive authority to enforce the law. Prior to taking any action, the Attorney General must provide a controller or processor 60 days to cure the violation. In the absence of a cure, civil penalties not to exceed $7,500 may be sought for each violation. The cure provision expires April 1, 2026.

Maurice Wutscher Impression

The Montana law is very similar to the non-California data privacy laws recently enacted, so it should cause few additional compliance challenges.

For a chart comparing the state comprehensive data privacy acts, and more information and insight from Maurice Wutscher on data privacy and security laws and legislation, click here.