Like most industries today, Consumer Finance Services businesses are being significantly impacted by the novel coronavirus (COVID-19). Troutman Pepper has developed a dedicated COVID-19 Resource Center to guide clients through this unprecedented global health challenge. We regularly update this site with COVID-19 news and developments, recommendations from leading health organizations, and tools that businesses can use free of charge.
Join us on Tuesday, September 29 as a panel of Troutman Pepper class action litigators examine recent developments in class action litigation and provide insights on what the future holds. The panel will dive into the major decisions that were rendered this past year and explore ways for class action practitioners and in-house counsel to effectively and efficiently manage class actions. Please click here to register.
To help you keep abreast of relevant activities, below is a breakdown of some of the biggest COVID-19 driven events at the federal and state levels to impact the Consumer Finance Services industry this past week:
Privacy and Cybersecurity Activities
- On September 18, 2020, the Federal Reserve Board updated its frequently asked questions (FAQs) to clarify the Board’s and Department of Treasury’s expectations for lenders underwriting the Main Street Lending Program. The revised FAQs emphasize that lenders’ underwriting should look back to the borrower’s pre-pandemic condition and forward to their post-pandemic prospects. For more information, click here.
- On September 18, 2020, the Federal Reserve Board issued its Report on Economic Well-Being of U.S. Households. Data collected shows that U.S. families were faring better financially in July than in April, but many still faced uncertainty regarding layoffs and prospects for returning to work. For more information, click here.
- On September 17, 2020, the Federal Reserve Board released its hypothetical scenarios for a second round of bank stress tests. Earlier this year, the first round of stress tests found that large banks were well-capitalized under a range of hypothetical events. An additional round of stress tests is being performed due to the continued uncertainty from the COVID-19 pandemic. Stress tests help ensure large banks can lend to households and businesses even in a severe recession. The exercise evaluates the resilience of large banks by estimating their loan losses and capital levels under hypothetical recession scenarios over nine quarters into the future. For more information, click here.
- On September 16, 2020, the U.S. Department of the Treasury released Treasury International Capital (TIC) data for July 2020. The sum in July of all net foreign acquisitions of long-term securities, short-term U.S. securities, and banking flows was a net TIC outflow of $88.7 billion. Of this, net foreign private outflows were $55.0 billion, and net foreign official outflows were $33.7 billion. For more information, click here.
- On September 18, 2020, the Nevada Department of Business and Industry Financial Institutions Division granted an extension allowing employees of licensed collection agencies to work from home through December 31, 2020 so long as the agencies establish and maintain proper security protocols. For more information, click here.
- On September 17, 2020, Texas Governor Greg Abbott issued an order to continue Texas’ reopening process during the COVID-19 pandemic. The order allows businesses in most of the state that were previously authorized to operate at 50% capacity to move to 75% capacity beginning on September 21, 2020. For more information, click here.
- On September 16, 2020, Connecticut Governor Ned Lamonte issued an order in response to civil preparedness and public health declarations, including amendments to Connecticut’s mandatory self-quarantine for travelers from states with high COVID-19 levels and resumption of non-judicial tax sales pursuant to prior executive orders. For more information, click here.
- On September 14, 2020, the U.S. District Court for the Western District of Pennsylvania ruled that certain restrictions enacted during the COVID-19 pandemic by Pennsylvania Governor Tom Wolf were unconstitutional. For more information, click here.
- On September 11, 2020, the Louisiana Public Service Commission, issued an order to resume telephonic solicitations into the state in compliance with the general provisions of the Louisiana Public Service Commission Do Not Call Program General Order. The prohibition on telephonic solicitations was put in place due to the declaration of a state of emergency in preparation for Hurricane Laura and Marco. For more information, click here.
Privacy and Cybersecurity Activities:
- On September 17, 2020, the National Security Agency (NSA) released best practice guidelines for those working remotely during the COVID-19 pandemic. The guidelines provide information on “how to identify and mitigate personal network compromises to secure data and protect government furnished equipment when used for telework.” While the guidelines were intended for government employees, the NSA shares that “the techniques listed provide valuable insight to prevent compromises on any network.” The guidelines are divided into the Compromised Personal Network Indicators and Mitigations CSI and the Out-of-Band Network Management CSI. To read the full announcement, click here.
- On September 17, 2020, the Federal Trade Commission (FTC) warned consumers that scammers prey on the kindness of the public during disasters. The FTC reminded consumers to be vigilant when donating money, and not to allow individuals to get pressured into donating (that’s what scammers typically do). To read the full post, click here.
- On September 16, 2020, the U.S. Senate Committee on Commerce, Science, and Transportation announced it would hold a hearing on September 23, 2020, to discuss the need for federal data privacy legislation. The hearing will focus on the current need for privacy legislation and on how the COVID-19 pandemic has changed the way privacy is affecting individuals across the country. For those interested in watching a live feed of the hearing, click here. To read the full announcement, click here.
- On September 16, 2020, the Mayor of Miami-Dade County, Carlos Gimenez, held a news conference to discuss the county’s contract tracing application, CombatCOVID MDC. Gimenez stressed that the app collects “no personal information, no GPS or location information[.]” To read the full news report discussing the public’s concerns, click here. For more information about existing privacy guidelines for COVID-19-related apps, read our primer on Law360.
- On September 16, 2020, a Harris Poll study conducted on behalf of Virtru found that 52% of Americans are “willing to allow government agencies, task forces, or health care organizations access to their medical records, beyond COVID-19 test status, if it could offer responders better and more precise data for pandemic response.” While the study was conducted with an emphasis on determining whether Americans would be willing to share their information for contact tracing purposes, the study appears to find that individuals are increasingly likely to share medical information if it would generally assist in the pandemic response. Click here to read more.
- On September 16, 2020, the World Privacy Forum published a report to analyze COVID-19 U.S. Health Insurance Portability and Accountability Act (HIPAA) waivers. The report focuses on the statutory and administrative waivers implemented during the pandemic, analyzing consequences, and providing recommendations on the future and potential reform of waiver eligibility. To read the announcement, click here.
- On September 16, 2020, Axios reported that the COVID-19 pandemic is taking a toll on children’s privacy. Individuals express concern about the use of student data, the level of teacher training to meet data privacy requirements, and the educational inequalities that enable affluent school districts to better deal with privacy and cybersecurity compliance. Click here to read the full report.
- On September 15, 2020, the State of Delaware launched its COVID-19 contract tracing application. COVID Alert DE is “an important tool [to] help fight community spread of this virus,” said Governor John Carney. To read Delaware’s announcement, click here.
- On September 15, 2020, it was reported that the U.S. Office of the National Coordinator and Office for Civil Rights had updated the Department of Health and Human Services Security Risk Assessment Tool (SRA). The tool is designed to “help healthcare providers conduct a security risk assessment as required by the HIPAA Security Rule and the Centers for Medicare and Medicaid Service (CMS) Electronic Health Record (EHR) Incentive Program.” While the tool was released in October 2018, the tool is now designed to be more user friendly. Version 3.2 of the SRA tool may be downloaded by clicking here.