Consumer Financial Services Law Monitor

Consumer Financial Services Law Monitor

monitoring the financial services industry to help companies navigate through regulatory compliance, enforcement, and litigation issues

Cyber Security, Information Governance & Privacy

Subscribe to Cyber Security, Information Governance & Privacy RSS Feed

NY AG Announces Settlement with Health App Developers Over Marketing and Privacy Practices

Posted in ALL CFS Blog Entries, Cyber Security, Information Governance & Privacy, State Attorneys General, CFPB, & FTC
On March 23, New York Attorney General Eric Schneiderman announced settlements with three health-related applications sold in Apple’s App Store and Google’s Play Store.  The settlements arose from allegations of misleading claims and irresponsible privacy practices.  Under the terms of the settlements, the developers agreed to provide additional information about how the apps were tested,… Continue Reading

TCPA Class Action Dismissed Based on Lack of Vicarious Liability

Posted in ALL CFS Blog Entries, Cyber Security, Information Governance & Privacy, Debt Buyers & Collectors
The United States District Court for the Southern District of California recently granted summary judgment in favor of defendant United Student Aid Funds, Inc. (“USAF”) in a Telephone Consumer Protection Act class action, holding that the plaintiff had failed to prove that USAF is vicariously liable for the acts of its third party servicers.  In… Continue Reading

SuperAmerica Convenience Store Agrees to $3.5 Million TCPA Class Action Settlement

Posted in ALL CFS Blog Entries, Cyber Security, Information Governance & Privacy
The parties in Soular v. Northern Tier Energy, LP et al. recently filed a motion for preliminary approval of a $3.5 million Telephone Consumer Protection Act (“TCPA”) class action in the District of Minnesota.  The three named plaintiffs in the case alleged that they received unsolicited marketing text messages from the defendant convenience store, known… Continue Reading

Bebe’s Motion to Decertify TCPA Classes Denied by California Federal Court

Posted in ALL CFS Blog Entries, Cyber Security, Information Governance & Privacy
On February 10, the United States District Court for the Northern District of California denied defendant Bebe Stores, Inc.’s motion to decertify the plaintiffs’ proposed classes in a Telephone Consumer Protection Act class action.  In Meyer v. Bebe Stores, Inc., the named plaintiffs alleged that they provided their cell phone numbers to Bebe in connection… Continue Reading

Ninth Circuit Affirms Summary Judgment in Favor of Defendants in TCPA Text Messaging Case

Posted in ALL CFS Blog Entries, Cyber Security, Information Governance & Privacy
The Ninth Circuit recently affirmed the district court’s grant of summary judgment in favor of the defendants in an action under the Telephone Consumer Protection Act regarding text messages about a gym membership. In Van Patten v. Vertical Fitness Group, LLC, Plaintiff-Appellant Bradley Van Patten visited a Gold’s Gym franchise to obtain information about a… Continue Reading

FTC and NJ AG Announce Settlement with Vizio over Collecting Consumer Viewing Habits

Posted in ALL CFS Blog Entries, Cyber Security, Information Governance & Privacy, Featured Posts, State Attorneys General, CFPB, & FTC
Protection of personal information.On February 6, the FTC and the New Jersey Office of the Attorney General announced a $2.2 million settlement with Vizio, Inc. over allegations the TV manufacturer installed software on its TVs to collect viewing data on 11 million consumers without their knowledge or consent.  According to the complaint, Vizio manufactured smart TVs that allowed… Continue Reading

FTC’s Latest Message to IoT Industry Comes as Complaint Against D-Link Alleging UDAP Violation Related to Security Vulnerabilities

Posted in ALL CFS Blog Entries, Cyber Security, Information Governance & Privacy, State Attorneys General, CFPB, & FTC
On January 5, the Federal Trade Commission filed a complaint against D-Link Corporation, a Taiwanese corporation, and D-Link Systems, Inc., a California corporation and a subsidiary of D-Link Corporation.  D-Link sells Internet of Things (“IoT”) devices and software to support such devices.  Specifically, D-Link sells routers which transfer data packets along a network and which… Continue Reading

FDA’s Postmarket Management of Cybersecurity in Medical Devices

Posted in ALL CFS Blog Entries, Cyber Security, Information Governance & Privacy
On December 28, the U.S. Food and Drug Administration issued its “nonbinding recommendations” guidance for addressing post-market cybersecurity vulnerabilities in medical devices under the title “Postmarket Management of Cybersecurity in Medical Devices.”[1] By its terms, the recommendations are for a “risk-based framework for assessing when changes to medical devices for cybersecurity vulnerabilities require reporting to… Continue Reading

Student Loan Servicer Agrees to $17.5M TCPA Class Action Settlement

Posted in ALL CFS Blog Entries, Cyber Security, Information Governance & Privacy, Debt Buyers & Collectors
On January 26, the United States District Court for the Southern District of Indiana granted preliminary approval of a $17.5 million Telephone Consumer Protection Act class action against Navient Solutions Inc.  According to the original Complaint, plaintiff Randy Johnson received multiple telephone calls on his cell phone from Navient, a student loan servicing and collection… Continue Reading

NHTSA and DOT Propose Rule Mandating Vehicle-to-Vehicle Communication on Light Vehicles

Posted in ALL CFS Blog Entries, Cyber Security, Information Governance & Privacy
The National Highway Traffic Safety Administration and the Department of Transportation have issued a Notice of Proposed Rulemaking for autonomous and connected cars.  The NPRM “proposes to establish a new Federal Motor Vehicle Safety Standard” under 40 CFR 571 to mandate vehicle-to-vehicle (V2V) communications for new light vehicles and to standardize the message and format… Continue Reading

NY AG Settles with Acer for $115,000 over Data Breach

Posted in ALL CFS Blog Entries, Cyber Security, Information Governance & Privacy, Featured Posts, State Attorneys General, CFPB, & FTC
DATA Security SizedOn January 26, New York Attorney General Eric Schneiderman announced a settlement with Acer Service Corporation over an alleged data breach involving more than 35,000 credit card numbers, including the credit card information and other personal information of 2,250 New York residents.  As part of the settlement, Acer agreed to pay $115,000 in penalties and… Continue Reading

Ninth Circuit Agrees to Remand Action to State Court Based on Spokeo

Posted in ALL CFS Blog Entries, Credit Reporting & Data Brokers, Cyber Security, Information Governance & Privacy, Payment Processing & Cards
The Ninth Circuit in Medellin v. IKEA U.S. West Inc. recently remanded a plaintiff’s appeal to the district court with instructions to dismiss the case after the plaintiff admitted that she lacked Article III standing to proceed in federal court.  As background, Rita Medellin’s class action complaint alleged that IKEA violated the Song-Beverly Credit Card… Continue Reading

Telecommunications Service Provider Does Not Have Standing to Sue Under TCPA

Posted in ALL CFS Blog Entries, Cyber Security, Information Governance & Privacy, Debt Buyers & Collectors
In Telephone Science Corporation v. Asset Recovery Solutions, the United States District Court for the Northern District of Illinois recently held that Telephone Science Corporation (“TSC”), a telecommunications company, did not have standing to pursue its Telephone Consumer Protection Act claims against Asset Recovery Solutions, LLC (“ARS”), a debt collection company. TSC operates a service… Continue Reading

New York Financial Regulator Revises Proposed Cybersecurity Regulation

Posted in ALL CFS Blog Entries, Cyber Security, Information Governance & Privacy, State Attorneys General, CFPB, & FTC
On December 28, the New York Department of Financial Services (“NY DFS”) released its highly anticipated revised cyber security rule.  As we previously noted here, the proposed regulations would require banks, insurance companies, and other financial services institutions to establish and maintain a cybersecurity program and to take other measures to protect against data breaches… Continue Reading

Summary Judgment Motion is Filed in TCPA Class Action Involving Airbag Recall

Posted in ALL CFS Blog Entries, Cyber Security, Information Governance & Privacy
According to the complaint in Ibrahim v. American Honda Motor Co., Inc., defendants Sterircycle, Inc. and Stericycle Communication Solutions, Inc. (collectively referred to herein as “Stericycle”) violated the Telephone Consumer Protection Act by making unauthorized telephone calls using a prerecorded or artificial voice to the cellular telephones of individuals throughout the nation. Stericycle’s calling program… Continue Reading

Federal Communications Commission Chairman Tom Wheeler Announces Resignation on Dec. 15, 2016, Signaling Potential Reform to the Telephone Consumer Protect Act (TCPA)

Posted in ALL CFS Blog Entries, Cyber Security, Information Governance & Privacy, Debt Buyers & Collectors
Federal Communications Commission Chairman Tom Wheeler said Thursday that he’ll step down from his post on Jan. 20, 2017. Wheeler was appointed by President Obama three years ago to lead the FCC. Prior to his October 2013 confirmation as the 31st chairman of the FCC, Wheeler served as managing director at venture capital firm Core… Continue Reading

Medical Services Company to Pay $9.25M in TCPA Class Action Settlement

Posted in ALL CFS Blog Entries, Cyber Security, Information Governance & Privacy
The United States District Court for the Eastern District of Louisiana recently granted final approval of a $9.25 million Telephone Consumer Protection Act class action against Advanced Care Scripts, Inc. (“ACS”).  According to the class action complaint, ACS engages in the management and dispensing of specialty medications and oral oncology products.  To advertise their services,… Continue Reading

Insurer Denies Coverage in TCPA Class Action

Posted in ALL CFS Blog Entries, Cyber Security, Information Governance & Privacy
As we previously reported, US Coachways entered into a $49.9 million Telephone Consumer Protection Act class action settlement.  Because the motor coach leasing company could not fund the settlement, the company tendered a claim for the action to its insurer, Illinois Union Insurance Company, who subsequently denied coverage to US Coachways.  US Coachways assigned its… Continue Reading

Telephone Company Settles TCPA Class Action for $11 Million

Posted in ALL CFS Blog Entries, Cyber Security, Information Governance & Privacy
On December 14, the parties in Mey v. Frontier Communications Corp. filed a motion for preliminary approval of a settlement of a Telephone Consumer Protection Act class action. According to the Complaint, Frontier, a telephone company that offers voice, broadband, satellite video, and wireless internet data access for individuals and small businesses, uses telemarketing to… Continue Reading

Responding to a Data Breach: The FTC’s Guide

Posted in ALL CFS Blog Entries, Cyber Security, Information Governance & Privacy, State Attorneys General, CFPB, & FTC
The FTC issued a new video and updated guide for businesses on how to respond to a data breach.  The three steps identified in the guide and discussed in the video are: Secure your operations – This step focuses on preventing further attacks due to the same vulnerabilities. Mobilize your breach response team Engage a… Continue Reading

Cross-Motions for Summary Judgment Filed in Costco FCRA Class Action

Posted in ALL CFS Blog Entries, Credit Reporting & Data Brokers, Cyber Security, Information Governance & Privacy, Payment Processing & Cards
As we previously reported, the named plaintiff in Paci v. Costco Wholesale Corporation filed a Fair Credit Reporting Act putative class action against Costco alleging that the retailer’s receipts contained more digits of the payment card’s account number than is permitted under the Act.  The parties recently filed cross-motions for summary judgment.  Costco argued that… Continue Reading

Text Messaging TCPA Class Action Against Workforce Staffing Company Results in $5 Million Settlement

Posted in ALL CFS Blog Entries, Cyber Security, Information Governance & Privacy
In Joseph v. TrueBlue, Inc., the named plaintiff brought a Telephone Consumer Protection Act (TCPA) class action against the workforce staffing company for its alleged text messaging advertisements.  TrueBlue recently agreed to a $5 million settlement to end the case.  According to the amended class action complaint, TrueBlue sent text message “Job Alert” advertisements to… Continue Reading

FTC Issues Comments on NHTSA’s Federal Automated Vehicles Policy

Posted in ALL CFS Blog Entries, Cyber Security, Information Governance & Privacy, State Attorneys General, CFPB, & FTC
On November 21, the Director of the Bureau of Consumer Protection of the Federal Trade Commission commented on the National Highway Traffic Safety Administration’s Federal Automated Vehicles Policy.  The Director opened the comment with a brief review of the FTC’s focus on privacy and security efforts related to connected devices and the Internet of Things: … Continue Reading

Parties Seek Final Approval of $2.15 Million TCPA Class Action Settlement Against Marketing Services Company

Posted in ALL CFS Blog Entries, Cyber Security, Information Governance & Privacy
On November 17, the named plaintiff in Toney v. Quality Resources, Inc., et al. asked an Illinois federal court for final approval of a Telephone Consumer Protection Act (TCPA) class action settlement agreement.   As background, in December 2012, Sarah Toney ordered three pairs of children’s slippers online from a website operated by Stompeez.  The website… Continue Reading