FTC "Red Flags Rule" Enforcement Begins in May 2009
The Federal Trade Commission announced that it would suspend its enforcement of its new "Identify Theft Red Flags Rule," 16 CFR 681.2, until May 1, 2009, allowing subject institutions additional time to prepare for compliance with the new identity theft rules and regulations. FTC enforcement was previously expected to begin November 1, 2008, and the FTC announcement does not affect other federal agencies' enforcement of the original deadline.
The FTC has issued some guidance on complying with the rule, promulgated pursuant to the 2003 Fair and Accurate Credit Transactions Act ("FACTA"). Generally, the rule requires financial institutions and creditors to develop and implement written identify theft prevention programs for "covered accounts." Specifically, institutions "must provide for the identification, detection, and response to patterns, practices, or specific activities–known as 'red flags'–that could indicate identity theft." The FTC has also issued details related to its enforcement policy.
9th Circuit Rescuscitates California Privacy Law
The Ninth Circuit has partially revived a part of California's erstwhile Financial Information Privacy Law. In American Bankers Association v. Lockyer, the Court held California Financial Code §4053(b)(1) has non-preempted applications and reformed that section to sever its preempted portions.
American Bankers v. Lockyer is a preemption dispute that is as old as the 2003 California Financial Information Privacy Act, California Financial Code §4050 et seq., commonly known as SB1. In American Bankers Association v. Gould, 412 F.3d 1081 (9th Circuit 2005), plaintiffs alleged that the federal Fair Credit Reporting Act ("FCRA") preempted SB1's regulation of information sharing between financial institutions and their affiliates. The Ninth Circuit held that the regulation of nonpublic personal information in 15 U.S.C. 1681t(b)(2) preempted any application to consumer report information in section 4053(b)(1).
The Court remanded for a determination whether any portion of SB1's affiliate sharing regulations in section 4053(b)(1) survived preemption and whether any preempted section was severable. On remand, the district court held that no portion of section 4053(b)(1) survived preemption and that the preempted applications were not severable. Defendants appealed.
Continue Reading...ID on Merchandise Return Not a Violation of Song-Beverly
In Absher, plaintiff used a credit card to purchase a locking gas cap from Autozone and immediately tried to return it after he discovered in the store's parking lot that it was the wrong size for his car. Autozone's cashier swiped plaintiff's credit card and asked him to fill out a form with personal identification information, including his name, address, telephone number and signature. Plaintiff filled out the form, and two weeks later sued Autozone in a class action, alleging that Autozone violated Civil Code §1747.08(a)(3) by utilizing a form with spaces for his personal identification information. The trial court granted Autozone's motion for summary judgment. Plaintiff appealed.
Continue Reading...
The Bell Tolls for Some FACTA Class Actions
On June 3, 2008, President Bush signed the Credit and Debit Card Receipt Clarification Act, retroactively amending the statute "to declare that any person who printed an expiration date on any receipt provided to a consumer cardholder at a point of sale (POS) or transaction between December 4, 2004, and the enactment of this Act, but otherwise complied with FCRA requirements for such receipt, shall not be in willful noncompliance by reason of printing such expiration date on it."
This revision does not remove all liability in this circumstance—a merchant may still be liable for actual damages for a negligent violation—but the amendment significantly reduces the prospect of onerous statutory penalties for a willful violation and, as a result, makes class certification in these cases less likely.
No Identity Theft Claim Against Bank That Sold Account
Continue Reading...
