Page 36 - GIADA-Oct 2017-Final
P. 36
THE CARLAWYER
The CARLAWYER ©
By Thomas B. Hudson and Nicole F. Munro
Here’s our monthly article on legal cars on credit) to deliver privacy notices to With respect to the FDCPA, the CFPB warns
developments in the auto sales, finance and customers. The FTC alleged that TaxSlayer that a person who meets the definition of
lease world. This month, we’re covering violated the Safeguards Rule by failing to “debt collector” must ensure that phone pay
actions of the Consumer Financial develop a written comprehensive security fees are either expressly authorized by the
Protection Bureau, the Federal Trade program until November 2015, to conduct agreement creating the debt or permitted by
Commission and Congress. As usual, this a risk assessment to identify reasonably law in order to avoid violating Section 808(1)
month’s article features our “Case of the foreseeable internal and external risks to of the FDCPA. The CFPB also expressed
Month” as well as several CFPB actions. security, and to implement information concern that employee and service provider
Why do we include items from other states? security safeguards that would help prevent production incentive programs could create
We want to show you legal developments a cyberattack. incentives to steer borrowers to more costly
and trends. Also, another state’s laws might payment options or to avoid disclosures,
be a lot like your state’s laws. If attorneys The FTC also alleged that the company resulting in a UDAAP.
general or plaintiffs’ lawyers are pursuing violated the Privacy Rule by failing to
particular types of claims in other states, provide its customers with a clear and The CFPB expects companies to review
those claims might soon appear in your conspicuous initial privacy notice and their practices in connection with phone pay
state. to deliver it in a way that ensured that fees to assess potential risk of committing
customers received it. The FTC alleged UDAAPs or violating the FDCPA. The
Note that this column does not offer legal that malicious hackers were able to gain full CFPB suggests that companies consider
advice. Always check with your lawyer to access to nearly 9,000 TaxSlayer accounts doing the following:
learn how what we report might apply to between October 2015 and December • review applicable state and federal
you, or if you have questions. 2015. According to the FTC’s complaint, laws, including the FDCPA, to confirm
the hackers used the information they whether entities are permitted to
This Month’s CARLAWYER© accessed to engage in tax identity theft, charge phone pay fees;
Compliance Tip which allowed them to obtain tax refunds • review underlying debt agreements
by filing fraudulent tax returns. to determine whether such fees are
State attorneys general have targeted car authorized by the contract;
dealers in a number of recent, highly- Guidance on Phone-Pay Fees. On July 31, • review internal and service providers’
publicized enforcement actions. Has the CFPB issued Compliance Bulletin 2017- policies and procedures on phone
the AG in your state been active? How 01: Phone Pay Fees, warning that certain pay fees, including call scripts and
can you find out? That’s easy – just task practices with respect to phone pay fees employee training materials, and revise
your compliance officer with the chore of could result in violating the Dodd-Frank policies and procedures to address any
checking the AG’s website weekly, looking Act’s prohibition against unfair, deceptive, concerns identified during the review,
over the previous week’s press releases, and or abusive acts or practices (UDAAP) as appropriate;
reporting to top management what he or or violating the Fair Debt Collection • review whether information on
she finds. If your AG’s going after dealers, Practices Act. The CFPB identified the phone pay fees is shared in account
those press releases will tell you so, and following conduct that presents the risk of disclosures, loan agreements, periodic
will identify the sorts of conduct the AG is constituting a UDAAP: statements, payment coupon books, on
challenging. • failing to disclose the prices of all the company’s website, over the phone,
available phone pay fees when different or through other mechanisms;
Federal Developments phone pay options carry materially • incorporate pay-by-phone issues in
different fees; regular monitoring or audits of calls
FTC Moves on the Privacy Front. On • misrepresenting the available payment with consumers;
August 29, the FTC announced that options or that a fee is required to pay • review consumer complaints regarding
TaxSlayer, LLC, an online tax preparation by phone; phone pay fees;
service, agreed to settle charges that it • failing to disclose that a phone pay • perform regular reviews of service
violated the Gramm-Leach-Bliley Act’s fee would be added to a consumer’s providers as to their pertinent
Safeguards Rule, which requires financial payment, creating the misimpression practices; and
institutions to implement safeguards to that there was no service fee; and • review that the entity has a corrective
protect the security, confidentiality, and • lack of employee monitoring or service action program to address any
integrity of customer information, and provider oversight, which may lead violations identified and to reimburse
the Privacy Rule, which requires financial to misrepresentations or failure to consumers when appropriate.
institutions (this includes car dealers selling disclose available options and fees. Continued on page 36
34 | GIADA Independent Auto Dealer OCTOBER 2017
