Like most industries today, Consumer Finance Services businesses are being significantly impacted by the novel coronavirus (COVID-19). Troutman Pepper has developed a dedicated COVID-19 Resource Center to guide clients through this unprecedented global health challenge. We regularly update this site with COVID-19 news and developments, recommendations from leading health organizations, and tools that businesses can use free of charge.

To help you keep abreast of relevant activities, below find a breakdown of some of the biggest COVID-19 driven events at the federal and state levels to impact the Consumer Finance Services industry this past week:

Federal Activities

State Activities

Privacy and Cybersecurity Activities

Federal Activities:

  • On January 14, four House Republicans introduced legislation to “abolish” the Consumer Financial Protection Bureau (CFPB). Rep. Byron Donalds (R-FL) issued a press release, indicating Ted Cruz (R-TX) would sponsor the legislation in the Senate. For more information, click here.
  • On January 14, the CFPB announced it settled a lawsuit, alleging that the Taskforce on Federal Consumer Financial Law did not comply with the Federal Advisory Committee Act. For more information, click here.
  • On January 13, the CFPB released a bulletin, reminding debt collectors and credit bureaus of their legal obligations in light of the No Surprises Act, which protects consumers from certain unexpected medical bills. Companies that try to collect on medical bills prohibited by the No Surprises Act, or who furnish information to credit bureaus about such invalid debts, may face significant legal liability under the Fair Debt Collection Practices Act and the Fair Credit Reporting Act. The bulletin advises credit bureaus that the accuracy and dispute obligations apply to debts stemming from charges that exceed the amount permitted by the No Surprises Act. For more information, click here.
  • On January 13, a group of U.S. state banking regulators dropped a lawsuit, seeking to block the federal government from granting bank charters to fintech companies after the company that was first in line modified its business plan. For more information, click here.
  • On January 13, the Federal Trade Commission (FTC) settled charges against a business credit reporting company, arising from allegations that the company engaged in deceptive and unfair practices. The company agreed to an order, requiring substantial changes in its operations that would benefit small- and mid-sized businesses. Under the proposed order, the company also would provide refunds to certain businesses that purchased the company’s products in the belief that using the products would improve their business credit scores and ratings. For more information, click here.
  • On January 12, Congressman Tom Emmer (R-MN) introduced a bill, prohibiting the Federal Reserve from issuing a central bank digital currency (CBDC) directly to individuals. The bill contains a single amendment to the Federal Reserve Act, extending Section 13 to ban the Federal Reserve from offering products or services directly to an individual, maintaining an account on behalf of an individual, or issuing a CBDC directly to an individual. For more information, click here.
  • On January 11, the FTC issued a blog post to help consumers take advantage of the U.S. Department of Education’s decision to extend the pause on federal student loan payments. For more information, click here.
  • On January 10, the CFPB announced that it sued several debt-collection companies and their owners for illegal debt-collection practices. The CFPB alleges that the defendants placed consumer debt with, or sold consumer debt to, collection companies that used unlawful and deceptive collection tactics. The defendants knew, or should have known, the collection companies made false threats and false statements to consumers. For more information, click here.
  • On January 10, the Government Accountability Office (GAO) identified virtual currency kiosks as one reason driving an increase in the use of crypto payments to facilitate illegal activities, such as human and drug trafficking. According to the report, virtual currency kiosks are less regulated than crypto exchanges, and transactions are more difficult to trace. The GAO believes the Internal Revenue Service (IRS) and the Financial Crimes Enforcement Network (FinCEN) should do more to regulate crypto automated teller machines (ATMs), and its report indicates the agencies agreed with its two recommendations to tighten crypto ATM regulations. For more information, click here.
  • On January 10, the FTC issued an alert about a new cryptocurrency payment scam involving impersonators convincing consumers to send money obtained from a cryptocurrency ATM via a quick response code. For more information, click here.

State Activities:

  • On January 13, one of the nation’s largest student loan servicers entered into a $1.85 billion settlement agreement with a coalition of 39 attorneys general. New York Attorney General Leticia James stated that the servicer “deceived thousands of student loan borrowers into costly, long-term, forbearance plans, causing students to pay more than they should have.” Under the terms of the agreement, the servicer would cancel $1.7 billion in subprime, private student loan balances — with an additional $95 million in restitution payments to borrowers and $142.5 paid to the states. For more information, click here.
  • On January 10, New York Attorney General Letitia James issued a consumer alert to warn New York homeowners about deceptive practices related to the Homeowner Assistance Fund (HAF). According to the alert, the “HAF is a federally funded program designed to assist homeowners who are experiencing financial hardship due to the coronavirus disease 2019 (COVID-19) pandemic,” with New York state receiving approximately $540 million in HAF funding. Attorney General James warned homeowners against scams that request upfront HAF application fees or fees for upfront mortgage assistance. For more information, click here.
  • On January 10, California Attorney General Rob Bonta urged the Federal Communications Commission (FCC) to take action to prevent a “flood of illegal foreign-based robocalls that ‘spoof’ U.S. phone numbers by imposing additional obligations on the U.S.-based telecom companies that first receive such calls.” According to the attorney general’s press release, the FCC attributes “the majority of robocall scams are perpetuated by foreign actors who gain access to the U.S. phone network through ‘gateway providers.'” Attorney General Bonta urged the FCC to implement caller ID frameworks that detect and block robocalls with spoofed caller IDs. For more information, click here.
  • On January 10, New York State Assemblywoman Rodneyse Bichotte Hermelyn introduced a bill that would ban debt collectors from attempting to collect debts using social media platforms, which is in contradiction with the CFPB’s Regulation F. Under the bill, collectors would be prohibited from joining or requesting to join a consumer’s social media network or communicating or attempting to communicate with a debtor using a social media platform for the purpose of collecting or attempting to collect a debt owed by such debtor. For more information, click here.

Privacy and Cybersecurity Activities:

  • On January 13, the U.S. Chamber of Commerce sent a letter to Congress, urging members to pass a federal privacy legislation. The letter was signed by various groups, local affiliates of the chamber, and others. The letter urges a “comprehensive privacy legislation” to avoid a patchwork of state laws. To read the letter, click here.
  • On January 13, U.S. Senators Bill Cassidy (R-LA) and Ben Ray Luján (D-NM) joined U.S. Representative Lori Trahan (D-MA-03) in introducing the Terms-of-Service Labeling, Design, and Readability (TLDR) Act, which would require commercial websites and mobile apps to create a simple and readability summary of their terms-of-service agreements. To read the press release, click here.
  • On January 13, the Brookings Institute released a study on how COVID-19 has impacted internet users’ privacy. This report examined websites between April 9 and August 27, 2020, and it noted that third-party data sharing “increased with internet use as the pandemic progressed and users relied more on online alternatives.” However, websites “that asked for permission before placing cookies on users’ browsers have been shown to reduce their third parties over time as their traffic surged over the pandemic.” To read the press release and report, click here.
  • On January 10, Massachusetts released a “much-anticipated” digital vaccine card through a system called SMART Health Card — a system already used in California, Connecticut, and New York, among other states. To read about the release, click here. For further Troutman Pepper analysis on digital vaccine records, click here.
  • On January 7, Florida State Senator Jennifer Bradley reintroduced the Florida Privacy Protection Act, a comprehensive privacy bill that previously failed in the Florida Senate last year. The bill would create affirmative obligations on companies that collect consumer personal information and provide consumers with certain rights. To view the bill, click here.
  • On January 10, Indiana State Representative Carey Hamilton introduced a comprehensive privacy bill that would require businesses to disclose certain information to consumers, allow consumers to request information from businesses, and assign enforcement of consumer privacy to the Indiana division of consumer protection. To view the bill, click here.
  • On January 10, Washington State Senator Reuven Carlyle reintroduced the Washington Privacy Act for a fourth consecutive session, along with companion bill Senate Bill 5813. The senate bill includes provisions on children’s privacy, data brokers, and the Global Privacy Control. To view the bill, click here.
  • On January 7, House Representative Vandana Slatter introduced a separate Washington state privacy bill, which would “establish mechanisms for consumers to exercise control over their data; and requires companies to be responsible custodians of data as technological innovations emerge.” To view the bill, click here.