BCFP Revitalizes Efforts to Enact FDCPA Regulation

BCFP Revitalizes Efforts to Enact FDCPA Regulation On October 17, 2018, the Bureau of Consumer Financial Protection (BCFP), formerly known as the CFPB, announced that it plans to issue a Notice of Proposed Rulemaking (NPRM) for the Fair Debt Collection Practices Act (FDCPA) by March 2019. The NPRM will address “how to apply the 40-year old [FDCPA] to modern collection processes,” including communication practices and consumer disclosure requirements.

The Highlights

The Dodd-Frank Act granted the BCFP authority to prescribe rules that are necessary to carry out and administer the purposes and objectives of federal consumer financial laws, including the FDCPA. The BCFP has been working on FDCPA rules for a number of years. In 2016, the BCFP went so far as to issue an outline of proposed debt collection rules and convened a panel pursuant to the Small Business Regulatory Enforcement Fairness Act. However, the BCFP’s change in leadership delayed further progress on the rules until now.

The first quarter 2019 NPRM will pick up where the BCFP left off in 2016 and is the next step towards issuing final rules. The NPRM will likely contain the following sections:

Background Section – Provides information about the relevant markets and other applicable legal requirements;
Section-By-Section Analysis – Provides an analysis of the proposed regulatory text and official commentary;
Proposed Impact Analysis – Assesses the benefits and costs to affected consumers and companies; and
Proposed Regulatory Text and Official Commentary – Provides the proposed regulatory text and official commentary.

The public, including affected companies and industry groups, will then have a period of time, usually 60 to 90 days, to provide feedback and comments. Once the comment period is closed, the BCFP will review all comments, make revisions to the proposed regulatory text and official commentary as it deems appropriate, and issue final rules.

Impacted Industries

These rules will likely impact anyone currently subject to the FDCPA, including debt collection companies, debt purchasers, debt sellers, small dollar lenders, mortgage servicers, credit card companies, student loan servicers, and auto finance companies.

What It Means

All consumer finance companies currently subject to the FDCPA should carefully follow the development of these rules. The FDCPA, which is in many ways a vague statute, has been largely unchanged since it was enacted over 40 years ago. In the absence of regulations, courts have been largely responsible for clarifying statutory ambiguity and determining how the FDCPA applies to new technologies, often resulting in differing opinions across different jurisdictions. The absence of binding regulations has created a landscape full of ambiguity and litigation risk. The BCFP’s rules will bring more clarity to the interpretation of the FDCPA. Additional clarity should allow companies to significantly reduce FDCPA litigation risk. However, additional clarity will also require companies to invest significant resources towards complying with the new rules.

O Canada! What Canada’s Nationwide Legalization of Cannabis Means for American Financial Institutions

By Whitt Steineker, James W. Wright Jr. and Riley McDaniel on October 17, 2018 Posted in Anti-Money Laundering, Broker-Dealer, Commercial Lending, FFIEC, FinCEN, OFAC, SEC

O Canada! What Canada’s Nationwide Legalization of Cannabis Means for American Financial Institutions Today marks a significant shift in cannabis policy, both domestically and internationally, as Canada becomes the first industrialized nation in the world, and only the second nation overall, to legalize cannabis. This follows the passage of The Cannabis Act in June of this year, which legalized cannabis at all levels of government.

With this blessing from the highest level of the Canadian government, Canada’s legal-cannabis industry is expected to grow to $7.2 billion by 2019. Combined with the $21 billion in sales expected in 2021 in the United States in states where cannabis has been permitted under state law, this presents a lucrative and growing North American market for cannabis. Fueled by the desire to enter the largely untapped legal-cannabis market and hungry for capital, cannabis companies have begun listing on stock exchanges in both Canada and the United States. Several major players in the Canadian cannabis industry have up-listed to United States exchanges. In the last eight months alone, Canopy Growth, the largest Canadian cannabis company, up-listed to the New York Stock Exchange, Cronos up-listed to the NASDAQ, and Tilray became the first cannabis IPO on a United States exchange. Following the lead of these companies, Aurora Cannabis officially filed to list on the New York Stock Exchange just last week.

Alternatively, because United States exchanges refuse to list companies that violate United States federal law, United States cannabis-related businesses have looked north. The Canadian Securities Exchange, in particular, has become a haven for United States cannabis businesses seeking to raise capital but unable to list on the major United States exchanges. Prominent United States cannabis businesses Acreage Holdings – backed by former Speaker of the House John Boehner – and LivWell have announced plans to follow in the footsteps of MedMen and list on the Canadian Securities Exchange this fall.

These developments raise issues for American financial institutions providing, or seeking to provide, services for cannabis businesses from both nations. The federal prohibition on cannabis in the United States still looms large for financial institutions. As discussed in a recent post in this series, many financial institutions have chosen to avoid working with cannabis-related businesses altogether rather than navigate the compliance and reporting requirements associated with these businesses.

With the legalization of cannabis at all levels of Canadian government, the trend of Canadian cannabis businesses listing on United States exchanges likely will continue, adding more complexity and uncertainty to an already murky landscape. And while the official legalization of cannabis in Canada is a significant development in the growing trend of loosening cannabis laws here and abroad, it also presents a risk to both American investors and financial institutions transacting with these businesses. Anyone investing in or transacting with companies listed on either country’s exchanges should also carefully consider the legal and financial risk those relationships may carry. In particular, investors and financial services providers should note that whether the proceeds of a cannabis-related business originate in Canada or the United States may determine whether criminal liability or compliance obligations under American law attaches to those proceeds. While the cannabis industry in Canada and elsewhere celebrates this landmark legislation, American companies investing in or providing financial services to cannabis-related businesses should take a fresh look at their compliance programs to ensure consistency with the most recent rules and guidance in this rapidly evolving space.

Eleventh Circuit Rules Reverse Mortgage Companies Not Prohibited from Foreclosing on Non-Borrowing Spouses

By James W. Wright Jr. and Lance W. Waters on October 15, 2018 Posted in FHA, HUD, Litigation Developments, Loan Acceleration, Mortgage Servicing, Reverse Mortgage

Eleventh Circuit Rules Reverse Mortgage Companies Not Prohibited from Foreclosing on Non-Borrowing Spouses Mortgagees of Home Equity Conversion Mortgages (“HECMs,” more commonly known as reverse mortgages) obtained a significant victory in an important federal appellate court, which ruled last month that non-borrowing spouses are not protected from foreclosure by the statute authorizing the HECM program. In Estate of Jones v. Live Well Financial, Inc., the United States Court of Appeals for the Eleventh Circuit concluded that 12 U.S.C. § 1715z-20(j)’s safeguards do not limit a mortgagee’s “right to foreclose under the terms of its valid mortgage contract.” The Eleventh Circuit decision represents a significant development since the United States District Court for the District of Columbia determined in Bennett v. Donovan that HUD violated Section 1715z–20(j) by insuring reverse mortgages that permitted the loan obligations to come due upon the borrower’s death regardless of whether the non-borrowing spouse was still alive.

In 2014, Caldwell Jones acquired a reverse mortgage that was secured by his Stockbridge, Georgia, home and covered by HUD’s mortgage insurance program. Jones shared the home with his wife and daughter, though Jones was named the sole “borrower” under the security deed. Jones died in 2014. The assignee, Live Well Financial, Inc. (“Live Well”), subsequently initiated foreclosure proceedings. Jones’ wife, Vanessa Jones, petitioned for injunctive relief to prevent the foreclosure sale. The petition asserted that Section 1715z-20(j) prohibited Live Well from foreclosing while Vanessa Jones resided in the home. The Superior Court of Henry County, Georgia, enjoined the foreclosure sale proceedings, Live Well removed the case to federal court, and the district court granted Live Well’s motion to dismiss.

On appeal, Vanessa Jones and the Estate of Caldwell Jones argued that the district court’s dismissal violated Congress’s intent in Section 1715z-20(j) to “protect the non-borrowing surviving spouse of a [r]everse [m]ortgage [b]orrower from displacement from their residential home.” Section 1715z-20(j) provides, in excerpted part, that:

The Secretary may not insure a [HECM] under this section unless such mortgage provides that the homeowner’s obligation to satisfy the loan obligation is deferred until the homeowner’s death, the sale of the home, or the occurrence of other events specified in regulations of the Secretary. For purposes of this subsection, the term “homeowner” includes the spouse of a homeowner.

12 U.S.C. § 1715z-20(j) (emphasis added).

The court agreed that Section 1715z-20(j) reflected an intent to “safeguard widowed spouses like Vanessa” by including the spouse of a homeowner in its definition of “homeowner.” However, Judge Newsom reasoned: “[Section] 1715z-20(j)’s plain language applies only to HUD and speaks only to what the Secretary can and cannot do . . . . Section 1715z-20(j) says nothing about private contractual obligations one way or the other, and thus cannot be read to alter or affect the enforceability of the mortgage contract or its terms.” As with all standard HECMs, the mortgage at issue in Estate of Jones deferred foreclosure following a borrower’s death “only as long as a ‘surviving Borrower’ still lives in the mortgaged property.” Vanessa Jones was not designated a “borrower” under the mortgage contract. Thus, the Eleventh Circuit affirmed the district court’s dismissal, and Live Well’s “private contractual right” to demand payment.

The Eleventh Circuit’s jurisdiction over federal cases originating in Florida, a state of particular relevance to the reverse mortgage industry due to the number of HECM loans in the state, highlights the significance of Estate of Jones. Without deciding whether HUD should have insured the mortgage at issue, the Eleventh Circuit in Estate of Jones joins the Fifth Circuit’s unpublished Jeansonne v. Generation Mortgage Co. decision in rejecting the argument that Section 1715z–20(j) precludes a mortgagee’s contractual “right to foreclose under the terms” of a valid mortgage contract. In addition to Florida’s Third District Court of Appeal opinion in OneWest Bank, FSB v. Palmero, Estate of Jones should help reduce litigation against foreclosing HECM mortgagees where a surviving spouse is not a “borrower” under the mortgage contract.

HUD OIG Report Could be Precursor to Increased Partial Claim Reimbursement Demands

By James W. Wright Jr. and Ryan R. Priddy on October 11, 2018 Posted in Compliance, Federal Agencies, FHA, HUD, HUD Requirements, Loan Modification, Loss Mitigation, Mortgage Servicing, Regulatory Supervision

HUD OIG Report Could be Precursor to Increased Partial Claim Reimbursement Demands On September 21, 2018, the Department of Housing and Urban Development (“HUD”)’s Office of Inspector General (“OIG”) completed a review of HUD’s partial claims program. In many ways, the title of the OIG audit report, “HUD Did Not Have Adequate Controls To Ensure That Partial Claim Notes for FHA Loans Were Properly Tracked for Future Collection,” speaks for itself. As OIG reports typically drive process changes within HUD program offices, FHA mortgagees may need to brace for increased partial claim reimbursement demands, which typically total tens of thousands of dollars per loan.

A partial claim is a loss mitigation tool that allows lenders to advance funds on behalf of borrowers to reinstate a delinquent FHA-insured mortgage. The partial claim defers the repayment of mortgage principal through an interest-free subordinate mortgage that is not due until the first mortgage is paid off. HUD has strict guidelines requiring lenders to provide HUD with partial claims notes and mortgages within specific timeframes; failure to comply with those guidelines results in the lender being required to reimburse HUD for the total value of the partial claim plus the incentive fee (a “bonus” paid to the lender for each eligible loan that the lender enrolls in the partial claims program).

The OIG audited HUD’s partial claims program from January 1, 2013, until August 31, 2017, a timeframe that accounted for 407,984 partial claims totaling $11.7 billion. The OIG reviewed 695 of those partial claims at random and found that 421 (60.6%) contained deficiencies in the boarding process, i.e. entering the partial claims into HUD’s SMART system, and 394 (56.7%) contained deficiencies in HUD’s tracking of partial claims documents. For many of these deficient partial claims, the mortgage documents were either missing or had not been properly recorded before being sent to HUD.

In light of the error rate of tracking partial claim collateral documents, the OIG recommended that HUD reach out to lenders to obtain the missing documents or get them re-recorded, and also recommended that HUD require reimbursement for any loans for which the missing documents could not be obtained. The OIG report also recommended that HUD develop and implement additional controls to ensure these problems do not persist, meaning compliance by lenders will likely be under a microscope going forward.

In the last eighteen months, FHA mortgagees have seen an uptick in HUD making partial claim reimbursement demands from lenders that failed to strictly comply with HUD’s guidelines to timely provide HUD with the partial claims documents. This OIG report indicates that HUD will likely continue to aggressively pursue partial claims reimbursements from lenders who failed to comply with the guidelines, and may begin to pursue such reimbursements even more aggressively. In light of the report, FHA mortgagees would be well-advised to consider their potential liability and exposure from historic partial claim filings, ensure their current partial claims procedures strictly comply with HUD’s requirements, and consider all options when responding to a partial claim reimbursement demand from HUD.

Hold the Phone: Ninth Circuit Ruling Means Your Smartphone Is an Auto-Dialer

By Dylan C. Black on September 27, 2018 Posted in Class Actions, TCPA

Hold the Phone: Ninth Circuit Ruling Means Your Smartphone Is an Auto-Dialer Can your phone store telephone numbers and dial them? If so, it’s an “automatic telephone dialing system” under the Telephone Consumer Protection Act (TCPA), said the Ninth Circuit Court of Appeals last week. The opinion in Marks v. Crunch San Diego creates a circuit split on the issue and highlights the difficulty courts have in applying statutory language from a pre-smartphone world to the technological capacity of the devices that half of you are using right now to read these words.

The facts of Marks are simple enough: Marks received three promotional text messages from Crunch Fitness gym over an 11-month period. The messages were sent from a system called Textmunication, which can store telephone numbers and send text messages to stored numbers. Seeking to represent a class, Marks sued under the TCPA, which generally prohibits the use of an auto-dialer to send such promotional text messages without the recipient’s consent. Crunch moved for summary judgment, saying that the Textmunication system was not an auto-dialer because it did not have a random or sequential number generator, and was not configured in a way that would permit this capacity to be added. The district court granted Crunch’s motion.

The Ninth Circuit reversed after analyzing language in the TCPA that the panel found to be “ambiguous on its face.” That finding was important because, the Marks court explained, a court can use “canons of statutory construction, legislative history, and the statute’s overall purpose to illuminate Congress’s intent” if language is ambiguous. The TCPA provision at issue says that a device is an auto-dialer if it has “the capacity (A) to store or produce telephone numbers to be called, using a random or sequential number generator, and (B) to dial such numbers.” Guided by its analysis of the TCPA’s overall statutory scheme, the Marks court explained “that the statutory definition of [an auto-dialer] is not limited to devices with the capacity to call numbers produced by a ‘random or sequential number generator,’ but also includes devices with the capacity to dial stored numbers automatically.” Thus, the panel concluded, the TCPA says it’s an auto-dialer if a device can (A) store telephone numbers to be called, or (B) produce telephone numbers to be called, using a random or sequential number generator. In other words, if your phone can store telephone numbers and dial them automatically, it’s an auto-dialer.

Arriving at this conclusion required some grammatical gymnastics. In the Ninth Circuit’s formulation, the statutory phrase “to be called” modifies both telephone numbers that are stored and telephone numbers that are produced. So far, so good. But the statute has an additional limiting phrase after “to be called,” set off by a comma: “using a random or sequential number generator.” Unlike “to be called,” the Ninth Circuit applied this second limiting phrase to only one of the things that comes before it. In effect, the comma before “using” causes the phrase to jump over “telephone numbers to be called” and modify “produce,” but not “store” – even though “telephone numbers to be called” is the object of both “store” and “produce.” That is a lot of work for a comma to do!

For those doing business with customers in the states covered by the Ninth Circuit, the immediate significance of the Marks decision is to highlight how careful everyone must be before sending an unconsented-to text, including those of us who have phones that can store and dial telephone numbers. But for companies defending TCPA class actions in the Ninth Circuit, all is not necessarily lost. For example, if some of the calls or texts at issue were made without the auto-dialer functionality, consider raising a typicality defense. A text sent by a person typing numbers into a phone – even if the device fits the statutory definition of an auto-dialer – causes a different kind of harm than a text sent by a machine that sent thousands of texts at once, even if both communications technically violate the TCPA. Also, if the class is a putative (b)(3) class and the class definition includes calls or texts to reassigned numbers, consider challenging commonality or predominance: the reasonableness of the caller’s belief that it had consent to call or text likely must be determined on an individual basis.

The Marks decision also sets up a circuit split on the auto-dialer issue. Earlier this year, the D.C. Circuit in ACA, Int’l v. FCC struck down the 2015 FCC rule interpreting the TCPA, in part because of the rule’s expansive definition of auto-dialer. The D.C. Circuit warned that such a broad definition – which was pretty close to “can store telephone numbers and dial them” – would make “nearly every American … a TCPA-violator-in-waiting, if not a violator-in-fact” because “every uninvited communication from a smartphone infringes federal law.”

If the FCC engages in additional rulemaking on the auto-dialer issue, FCC Chairman Ajit Pai, who dissented from the 2015 rule on the same grounds articulated by the D.C. Circuit, will preside over the process.

Federal Appeals Court Holds that Landlord May Be Liable for Deliberate Indifference to Tenant-on-Tenant Discrimination

By A. Michelle Canter, Heather Howell Wright and Christopher K. Friedman on September 24, 2018 Posted in Fair Housing, HUD, Tenant Protection

Federal Appeals Court Holds that Landlord May Be Liable for Deliberate Indifference to Tenant-on-Tenant Discrimination The United States Court of Appeals for the Seventh Circuit recently addressed a matter of first impression regarding landlord liability under the Fair Housing Act (FHA): whether a landlord may be liable under the FHA for failing to address tenant-on-tenant discrimination. The court answered with a resounding “yes,” holding that the FHA creates liability where a landlord has actual notice of harassment based on protected status and chooses not to take reasonable steps within their power to stop the harassment. According to Lambda Legal, who brought the lawsuit, “the court has now put all landlords on notice that they have an obligation to take action to stop known harassment.” The effects of this decision will be felt nationwide and will certainly spark additional litigation against landlords and property-management companies.

Martha Wetzel moved into Glen Saint Andrew Living Community after Judy Kahn, her partner of 30 years, died. Wetzel’s tenancy at Glen Saint Andrew was governed by a lease agreement that guaranteed three meals served in a central location, access to the community room, and use of the laundry facilities. The agreement also conditioned Wetzel’s tenancy on refraining from “activity that [St. Andrew] determines unreasonably interferes with the peaceful use and enjoyment of the community by other tenants” or “a direct threat to the health and safety of other individuals.”

Wetzel alleges that she spoke openly to tenants and staff about her sexual orientation. According to Wetzel, she “was talking to the ladies and getting to know people, and they were talking about their children” when she volunteered that she raised a son with Judy Kahn. “They were shocked that I had a partner who was a woman . . . I could feel it.” According to the complaint, Wetzel’s fellow tenants responded with verbal and physical abuse. For instance, one resident “told Wetzel that he reveled in the memory of the Orlando massacre[,]” and another told her that “homosexuals will burn in hell.” One resident “rammed his walker into Wetzel’s scooter forcefully enough to knock her off a ramp,” and another “bashed her wheelchair into a dining table that Wetzel occupied, flipping the table on top of Wetzel.” In yet another instance, Wetzel was struck from behind hard enough to throw her from her scooter, causing her to suffer a “bump on her head and a black eye.”

Wetzel reported the abuse to Glen Saint Andrew’s staff, who “told Wetzel not to worry about the harassment, dismissed the conduct as accidental, denied Wetzel’s accounts, and branded her a liar.” Wetzel also alleged that Glen Saint Andrew took steps to retaliate against her by “relegate[ing] [her] to a less desirable dining room location . . . barr[ing] her from the lobby except to get coffee and halt[ing] her cleaning services, thus depriving her of access to areas specifically protected in the Agreement.” Glen Saint Andrew also purportedly accused her of smoking in her room and withheld the customary rent reminder in an apparent effort to manufacture a justification for her eviction. Ultimately, Wetzel filed a lawsuit against Glen Saint Andrew and several individual defendants, claiming that they violated the FHA by failing to “ensure a non-discriminatory living environment and retaliat[ing] against her for complaining about sex-based harassment.”

The defendants moved to dismiss, asserting that the FHA does not make a landlord liable for tenant-on-tenant harassment unless the landlord’s inaction was caused by discriminatory animus, and that – to the extent that Wetzel’s lawsuit relied on 42 U.S.C. § 3604(b) – this section does not apply to harassment claims brought by a tenant already occupying her home (post-acquisition harassment claims). The trial court agreed with the defendants and dismissed Wetzel’s claims. Wetzel appealed to the Seventh Circuit Court of Appeals.

Recognizing that the text of the FHA itself does not contain a test for landlord liability, the Seventh Circuit looked to Title VII, which governs employment discrimination, and Title IX, which governs discrimination in education. Under Title VII, an employer may be liable when its own negligence is the cause of prohibited harassment. Similarly, courts interpreting Title IX have held that school districts may be liable for student-on-student harassment when the district decides to remain idle even though it has actual knowledge of the harassment. The Seventh Circuit, therefore, reasoned that, because Title VII and IX are functionally equivalent to the FHA, the FHA must likewise allow liability for deliberate indifference to harassment: “Wetzel may be in [uncharted] territory . . . the Supreme Court’s interpretation of analogous anti-discrimination statutes satisfies us that her claim against St. Andrew is covered by the Act.”

The court also rejected Glen Saint Andrews’ arguments premised on Wetzel’s post-acquisition harassment claims. Specifically, the court recognized that 42 U.S.C. § 3604(b) protects individuals against discrimination in the “provision of services or facilities in connection” with the “terms, conditions, or privileges of sale or rental.” Here, the court held that Wetzel’s allegations that her fellow tenants’ harassment “impeded her from eating the meals she had paid for at the dining hall, visiting the lobby and other common spaces, and obtaining access to the laundry room” were sufficient to assert a post-acquisition claim because these actions deprived Wetzel of services and facilities to which she was entitled. The court also relied on the common law of property, which affords tenants the privilege of using the “totality of the rented premises.” Finally, the court rejected Glen Saint Andrews’ contention that Wetzel’s retaliation claim required allegations of discriminatory animus because, under well-settled law within the Seventh Circuit, the only claim under the FHA that requires intentional discrimination is an interference claim.

Although the Seventh Circuit’s admittedly “broad” reading of the FHA increases the risk of liability for landlords and property management companies, there are two important questions the Wetzel court left open that could limit the decision’s reach. First, while the court held that landlords are liable for deliberate indifference to tenant-on-tenant discrimination when they have actual notice, the court said nothing about constructive notice. On this issue, though, the U.S. Department of Housing and Urban Development (HUD) regulations hold landlords responsible for deliberate indifference when they “knew or should have known of the discrimination” See 24 C.F.R. § 100.7(a)(1)(iii) (emphasis added).

Second, the Wetzel case involves an assisted living facility that provides various services to its tenants, and where the staff has a heightened level of responsibility over tenants’ wellbeing. This fact made it easier for the court to draw a comparison to Title IX, which applies to educational institutions. It is not altogether clear how a court would apply this analysis to other types of facilities.

Nevertheless, landlords and property management companies would be well-served to review their policies relating to harassment complaints, and provide training sessions with staff members regarding both their internal policies and the requirements of the FHA.

Can You Hear Me Now? Important Considerations for Avoiding Penalties under the TCPA after ACA International

By J. Douglas Minor Jr. and Benjamin William Perry on September 20, 2018 Posted in Automobile Finance, Compliance, Consumer Protection Act, Credit Card, Debt Collection, Mortgage Servicing, Student Loan Servicing, TCPA

Can You Hear Me Now? Important Considerations for Avoiding Penalties under the TCPA after lACA Internationa In a previous blog post, we examined the “mixed bag” result of the D.C. Circuit Court of Appeals opinion in ACA International v. Federal Communications Commission. The ACA International decision narrowed the scope of potential liability for businesses under the Telephone Consumer Protection Act (TCPA) by striking down inconsistent and overly broad portions of the Federal Communications Commission’s (FCC) guidance regarding the definition of an automated telephone dialing system (ATDS). Prior FCC orders’ extraordinarily broad interpretation of an ATDS had the effect of encompassing smartphones within the provisions of the TCPA, resulting in potential liability for texts and phone calls from ordinary consumers. The D.C. Circuit’s decision to invalidate the FCC’s guidance without providing lower courts with a clearer ATDS definition has spawned confusion and uncertainty among district courts, and created more questions than answers.

After overturning several inconsistent portions of the prior FCC orders, the ACA International court acknowledged that numerous questions remain regarding the proper interpretation of the TCPA, including, among others:

Whether the definition of a “random or sequential number generator” includes a scenario where a business uses software to auto-dial from a list of phone numbers (known as “predictive dialers”), such as in the case of debt collectors, as opposed to generating random phone numbers;
Whether a predictive dialer would qualify as an ATDS in a scenario where a list of numbers is generated separately from a separate device and loaded into the predictive dialer; and
Whether a call must actually be made using the automated-dialing technology in order to trigger the TCPA, or whether the equipment must simply have the capacity to do so.

Only two federal appeals courts have issued opinions since ACA International was decided in March of this year. In King v. Time Warner Cable Inc., the Second Circuit Court of Appeals’ view of “capacity” under the TCPA focused on whether a dialing system has “the present capacity to function as an autodialer by generating random or sequential telephone numbers and dialing those numbers” without additional modifications, regardless of whether the auto-dialing capabilities were used for the offending call. The Third Circuit Court of Appeals reached a similar conclusion in Dominguez on Behalf of Himself v. Yahoo, Inc., concluding that courts should analyze the extent of modification necessary to obtain autodialing capabilities. Dominguez tracked the analysis in ACA International, in which the D.C. Circuit appeared to draw a distinction between a device that could obtain the ability to generate and dial random numbers based on “flipping of a switch” versus a “top-to-bottom reconstruction of the equipment.” This issue is one of the few for which ACA International provided specific guidance.

The meaning of the phrase “random or sequential number generator” and whether that applies to predictive dialers is not addressed in King. The Second Circuit explicitly left such “complicated questions” to be addressed by the district court upon remand. In Dominguez, meanwhile, the Third Circuit affirmed summary judgment in favor of the defendant on the basis that the defendant’s automated text messaging system did not qualify as an ATDS because it lacked the ability to generate and dial random or sequential numbers.

King and Dominguez serve as recent evidence that the TCPA continues to pose significant risks to unwary businesses in the aftermath of ACA International. The open questions contemplated by ACA International will likely result in continued uncertainty for the foreseeable future. In this environment, pertinent policies and procedures and dialing software capabilities must be continually reassessed to ensure their compliance with both evolving case law and future FCC guidance, including:

Automation – Businesses should consider available options for software that requires human intervention to dial consumers’ phone numbers and does not possess the capacity to generate random phone numbers, either currently or with slight modification.
Controls – Businesses should ensure that consumers’ cell phones are flagged to avoid auto-dialed and pre-recorded calls to their cell phones. It is important to note that companies can still be held liable for calls to consumers’ home phones if the consumer is charged for the call (known as the TCPA’s “call-charged provision”).
Consent – Consent is an absolute defense, and the status of the consumers’ consent to receive phone calls should be monitored at all times. The ACA International decision reinforced that consumers can revoke consent “through any reasonable means” expressing a desire to cease communications, which presumably includes oral revocation but involves a “totality of the facts and circumstances” analysis. If the consumer revokes his/her consent, businesses should terminate auto-dialed and pre-recorded messages to that consumer immediately. In most jurisdictions, written consent can be established through a business relationship in which the consumer provides his/her cell phone number in conjunction with that relationship.

A proactive compliance approach is the best defense against the potentially calamitous consequences of failing to promptly respond and adapt to the shifting TCPA landscape.

ICO and Cryptocurrency Enforcement Update

By Steve Snyder on September 14, 2018 Posted in Blockchain, Digital Currency / Cryptocurrency, SEC

ICO and Cryptocurrency Enforcement Update September 11, 2018, was a big day for Initial Coin Offering (ICO) and crypto-related enforcement activity. In the Eastern District of New York, Judge Raymond Dearie issued an order neglecting to dismiss an indictment against Maksim Zaslavskiy for securities fraud relating to Zaslavisky’s involvement with an ICO for “REcoin” and another referred to as “Diamond.” This case originated with a civil complaint filed almost a year ago in September 2017, which was stayed pending the criminal case filed in January 2018. Meanwhile, FINRA filed a complaint against Timothy Ayre for “attempt[ing] to attract public investment in his worthless public company, ‘Rocky Mountain Ayre,’” which purportedly touted “the first minable coin backed by marketable securities.” And rounding it out, the SEC issued back-to-back orders regarding the resolution of enforcement actions against TokenLot LLC and Crypto Asset Management LP. The following is a brief summary of each of these developments.

Zaslavskiy – 17CR147 (E.D.N.Y.)

Summary: The defendant was indicted for securities fraud and conspiracy to commit securities fraud in relation to both REcoin and Diamond. Defendant brought a motion to dismiss alleging that REcoin and Diamond did not involve securities and that the securities laws are unconstitutionally vague as applied.

Detail: REcoin was purportedly a cryptocurrency backed by real estate holdings, and Diamond was purportedly backed by diamonds. The court’s order contained two separate analyses relating to the defendant’s conduct, with the court noting that the “Indictment charges a straightforward scam.” This characterization presumably relates to the allegation that despite the names and representations, defendant never purchased any real estate or diamonds to back the purported cryptocurrencies. The court first analyzed whether a reasonable jury could find that REcoin and Diamond were investment contracts. In concluding yes, the court was careful to note that the ultimate question of whether REcoin and Diamond were investment contracts was a fact-specific question left to the ultimate fact-finder. Nevertheless, the court analyzed them with the Howey analysis (see Howey, 328 U.S. 293 (1946)). The court found that a reasonable jury could conclude for both REcoin and Diamond that (1) investors invested money, (2) in a common enterprise, and (3) the investors expected profits solely from the managerial efforts of defendant and his co-conspirators.

A second analysis focused on the question of whether U.S. securities laws are unconstitutionally vague as applied to defendant’s conduct. The court notes that the defendant attempted to frame the question as whether the laws were vague when applied to cryptocurrencies, but the court declined to opine so broadly, limiting its analysis to defendants’ conduct without apparently reaching the question of whether REcoin or Diamond were properly classified as cryptocurrencies. In its analysis the dourt found that the defendant failed to demonstrate that a person of ordinary intelligence would not have had sufficient notice that the charged conduct was proscribed. This is perhaps the most interesting aspect of the ruling as it cites Howey as making “it reasonably clear at the relevant time that [the charged] conduct was criminal.” In supporting that conclusion the court cited established case law delineating the meaning of “investment contract.” However, the court also noted some guidance relating to cryptocurrency, citing an SEC Report from late July 2017, a Wall Street Journal article from January 2018, and a public SEC statement from December 2017. Defendant’s purportedly criminal conduct started in January 2017 and ended in October 2017, a few months after the SEC report and before the other materials cited. Also, the quote from the January 2018 Wall Street Journal article that the court includes in a parenthetical merely says “some products that are labeled as virtual currencies have characteristics that make them securities.” The mentions of cryptocurrency leave some room for additional guidance as it is unclear if the court would view REcoin or Diamond as improperly labeled cryptocurrencies, or whether they were properly labeled cryptocurrencies and nevertheless securities. Instead, the court seems to consider the question of whether REcoin or Diamond were properly labeled cryptocurrencies as moot because they were schemes, as alleged, which “fall within the ordinary concept of a security.”

Conclusion: The court denied the motion to dismiss, and the case will proceed to trial.

FINRA – Timothy Tilton Ayre (CRD No. 2091556)

Summary: According to the complaint, Ayre made material omissions and false statements regarding his “worthless public company, Rocky Mountain Ayre, Inc.” (RMTN) in violation of the Exchange Act and FINRA Rule 2020. Ayre subsequently is alleged to have acquired rights to a digital token “HempCoin” and packaged it as a security offering. FINRA further alleges he did not file a registration with the SEC, and no sales were exempt from registration. He also is alleged to have sold convertible debt in RMTN without registering the sale. These offers and sales of unregistered securities violated the Securities Act and FINRA Rule 2010 according to the allegation. FINRA claims jurisdiction over Ayre due to his prior registration as a broker-dealer.

Detail: Ayre’s case has some interesting aspects as outlined in the following allegations from the complaint. RMTN was traded over the counter and quoted on OTCM’s Pink Market. RMTN was a rebrand of Ayre’s company ATI, which was a holding company that owned a bistro at the time of the change. The complaint cites the HempCoin website and the statement “Hemp coin is the First Minable Coin Backed by Marketable Securities,” saying it “made clear that the cryptocurrency was a security.” The “Marketable Securities” referred to in the HempCoin statement are shares in “RMTN,” and presumably the conclusion in the statement that HempCoin was a security is predicated on Ayre saying it was “backed” by RMTN. This is echoed in a later section relating to the cause of action for unlawful sales of an unregistered security, where the complaint affirmatively states that “Ayre created a security when he purchased the rights to HempCoin and ‘backed’ the cryptocurrency with shares of RMTN. . . .” The complaint also describes a litany of improper actions purportedly taken by Ayer unrelated to whether HempCoin is a security. Ayer is alleged to have made material misstatements and omissions in public filings about RMTN, including misstatements about the business itself (that it was acquiring “fast-growing food and hospitality and, manufacturing and retail businesses”), failure to disclose the terms of the HempCoin Asset Purchase Agreement, and inflating the company’s disclosed assets.

Relief Requested: The complaint seeks a finding that the respondent willfully violated the Exchange Act in making material misrepresentations and omissions, violated FINRA Rule 2010 with negligent misrepresentations, and violated the Securities Act for the offer and sale of unregistered securities and for making private security transactions.

SEC – TokenLot LLC (33-10543)

Summary: Respondents acted as unregistered broker-dealers by operating a website allowing investors to buy digital tokens such as Bitcoin, Ether, and others (secondary sales), and by facilitating investment in nine ICOs.

Resolution: Respondents consent to cease-and-desist, agree to “develop and execute a plan to refund ICO’s proceeds,” “refund[] investors’ payments for certain secondary market sales,” pay approximately $500,000 to the SEC in disgorgement, and are barred from association with any broker, dealer, etc.

SEC – Crypto Asset Management, LP (CAM) (33-10544)

Summary: Respondents formed CAM for the purpose of managing Crypto Asset Fund, LLC (CAF), a pooled investment vehicle investing in digital assets. CAM violated the Securities Act through unregistered sales of securities through interstate commerce, unregistered sale of interest in an investment company, and obtaining money by means of untrue statement of material fact or omission. The latter was predicated on CAM’s statement that CAF was the “first regulated crypto asset fund in the United States.” CAM remediated by making a rescission offering, disclosing prior misstatements, and began offering securities pursuant to Regulation D Rule 506(c) exemption from registration.

Resolution: Respondents were censured and order to pay a penalty in the amount of $200,000 to the SEC.

CalCoPA – Does It Apply to Your Organization?

By Steve Snyder and Erin Jane Illman on September 5, 2018 Posted in Compliance, Cybersecurity, Data Privacy, State Law Developments

As discussed in Part 1, the California Consumer Privacy Act of 2018 (CalCoPA) is a game-changing privacy act that sets a new bar for consumer privacy rights in the U.S. The primary reason it differs from existing legislation is that it goes beyond merely having to provide assurances or notices and requires organizations to be prepared to respond to individual requests with disclosures regarding consumers’ data collection and use.

The Act was Amended last week to add some explicit preemptions and to extent the timetable for the California Attorney General to promulgate rules and procedures governing opt-out to the sale of personal information and for making and responding to the requests for disclosures discussed below, among other things. It is likely that CalCoPA will be amended again, but nevertheless organizations should not delay in considering its impact. Although the act references January 1, 2020, affected organizations should start considering its implications as soon as possible. January 1, 2020, is the date that consumers can “request a business to disclose the categories and specific pieces of personal information that it collects about the consumer, the categories of sources from which that information is collected, the business purposes for collecting or selling the information, and the categories of 3rd parties with which the information is shared.” An important point is that those disclosures must cover the preceding 12 months. In other words, as of January 1, 2019, affected organizations must have made what could be significant changes to the way they process and track data to insure they can comply with the disclosure requirements.

At a high level the disclosures will have to cover essentially all the details as to what information is collected from and about a consumer for the preceding 12 months, as well as essentially all the details as to what information about a consumer was sold to other entities in the preceding 12 months. We will not get into the specifics on those disclosures here, because we first need to address the critical threshold question that you should be asking—will my organization be subject to CalCoPA?

Figure 1 shows a quick reference flow chart to tell if your organization is subject to CalCoPA. Although the decision points are fairly straightforward, some elaboration is necessary.

The first point of note is that CalCoPA only applies to entities operated for “profit or financial benefit” of owners or shareholders. If your organization fits that description you have to consider whether you collect personal information about California residents and do business in California. Although the act uses the term “consumer” throughout, it defines consumer to mean California resident. However, the location of the consumer during the collection is not limited so if you collect personal information from a California resident in any context it could be applicable.

While the precise delineation of “doing business in California” is not provided, there are other California regulations that have provided a definition. One that may be a good reference point is from the California Corporations Code that defines “doing business” as “transact[ing] intrastate business,” which is further specified as “entering into repeated and successive transactions of its business in [California].” Given that CalCoPA is a privacy law, one might expect the protection to be broadly construed such that this doing business requirement may not provide much limitation. California could construe this act’s “doing business” to mean not much more than entering into transactions where a California consumer’s personal information is obtained and where the transaction involves either the consumer, the organization, or possibly some other aspect of the transaction physically located in California. An example of a situation that is likely safely excluded is if the organization only interacts with California consumers in a physical location outside of California, such as a brick and mortar store in another state. However, such a store that then ships store purchases to residents back in California may be in a gray area until further guidance is available.

If your organization does (or may) collect California residents’ personal information and does business in California, CalCoPA will only apply if one or more of three thresholds are met: your organization (1.) has reasonably large annual revenue (>$25,000,000), (2.) processes (receives, buys, sells, shares) personal information for over 50,000 consumers annually, or (3.) derives over half of its revenue from selling consumers’ personal information. Keep in mind that “consumer” here is still limited to California residents. So the first category relates to the size of the company only, while the other two relate to how much California consumer information the company handles on a gross and relative scale, respectively.

One important twist involves the second threshold, which in full states: “(B) Alone or in combination, annually buys, receives for the business’ commercial purposes, sells, or shares for commercial purposes, alone or in combination, the personal information of 50,000 or more consumers, households, or devices.” Unpacking the definitions of personal information, which includes a large number of categories including identifiers such as Internet Protocol (IP) addresses, and the defintion of “device,” which is “any physical device capable of connecting to the Internet,” suggests this threshold should be studied carefully as it may be the lowest bar for many companies. The full list of categories of personal information are listed below, but consider that merely collecting the IP address of separate devices could make this threshold fairly easy to meet.

Organizations should quickly get a handle on whether CalCoPA will apply to them, or if it may in the future in view of evolving business developments. If so, they should begin to make the changes necessary to insure the ability to comply with the requests for records starting on January 1, 2019.

DEFINITION OF PERSONAL INFORMATION:

(1) “Personal information” means information that identifies, relates to, describes, is capable of being associated with, or could reasonably be linked, directly or indirectly, with a particular consumer or household. Personal information includes, but is not limited to, the following:

(A) Identifiers such as a real name, alias, postal address, unique personal identifier, online identifier Internet Protocol address, email address, account name, social security number, driver’s license number, passport number, or other similar identifiers.

(B) Any categories of personal information described in subdivision (e) of Section 1798.80.

(D) Commercial information, including records of personal property, products or services purchased, obtained, or considered, or other purchasing or consuming histories or tendencies.

(E) Biometric information.

(F) Internet or other electronic network activity information, including, but not limited to, browsing history, search history, and information regarding a consumer’s interaction with an Internet Web site, application, or advertisement.

(G) Geolocation data.

(H) Audio, electronic, visual, thermal, olfactory, or similar information.

(I) Professional or employment-related information.

(J) Education information, defined as information that is not publicly available personally identifiable information as defined in the Family Educational Rights and Privacy Act (20 U.S.C. section 1232g, 34 C.F.R. Part 99).

(K) Inferences drawn from any of the information identified in this subdivision to create a profile about a consumer reflecting the consumer’s preferences, characteristics, psychological trends, preferences, predispositions, behavior, attitudes, intelligence, abilities, and aptitudes.

HUD and DOJ Challenge Facebook’s Advertising Platforms under the Fair Housing Act

By A. Michelle Canter, Heather Howell Wright and Christopher K. Friedman on September 4, 2018 Posted in Fair Lending, FinTech, HUD

HUD and DOJ Challenge Facebook’s Advertising Platforms under the Fair Housing Act The U.S. Department of Housing and Urban Development (HUD) has filed an administrative complaint against Facebook alleging discriminatory advertising in violation of the Fair Housing Act (FHA). HUD alleges that housing advertisers can use Facebook’s advertising tools and algorithms to exclude applicants based on protected categories such as race, sex, or national origin. Four days after the HUD complaint was filed, the U.S. Attorney for the Southern District of New York filed a Statement of Interest in support of a separate federal lawsuit in which the National Fair Housing Alliance (NFHA) alleges Facebook allows housing advertisers to discriminate against certain protected classes. The NHFA litigation, as well as the actions of HUD and the Justice Department, could have far-reaching implications for financial institutions, lenders, real-estate brokers, property managers, and any other organization advertising real estate over social media. Moreover, these filings signal that HUD and the Justice Department will not be shy about applying Title VIII protections to emerging technologies, such as big data.

In 2016, ProPublica issued a report claiming that housing advertisers could use Facebook’s advertising platforms to exclude users based on protected categories. Following this report, NFHA, a non-profit dedicated to eliminating housing discrimination, began its own investigation of Facebook’s advertising platform. Two years later, NFHA and three other public interest groups filed a complaint in the United States District Court for the Southern District of New York alleging that Facebook’s advertising platform violated the FHA and the New York City Human Rights Law.

The NFHA lawsuit targets housing advertisers’ ability to “exclude” or “include” certain categories of users while using Facebook’s advertising tools. For instance, plaintiffs allege that in 2016, NFHA created an advertisement for a fictitious apartment using Facebook’s “Ad Manager” platform. NFHA then purportedly used Facebook’s “exclude” function to exclude “African-Americans” and “Hispanics” from the advertisement’s audience. NFHA also allegedly used Facebook’s “boost” capability to amplify its posts advertising the fake apartment by sending the post to some users while excluding others who fell within certain protected categories. In 2018, NFHA alleges it conducted a second investigation after Facebook announced it would no longer allow housing, credit, and employment advertisers to exclude users based on racial categories. During this second investigation, NFHA alleges it was still able to create ads and “boost” posts that excluded individuals based on race, sex, family status, and disability status. The plaintiffs seek a declaration that Facebook’s advertising policies violate the FHA and the New York City Human Rights Act, an injunction, compensatory and punitive damages, and attorneys’ fees.

Five months after the NFHA plaintiffs filed their lawsuit, HUD filed a “me-too” administrative complaint alleging similar conduct against Facebook. According to HUD, Facebook allows housing advertisers to discriminate by, among other things, “showing ads only to men or only to women[,]” “showing ads only to users whom Facebook categorizes as interested in the ‘Christian Church,’ ‘Jesus,’ ‘Christ’ or the ‘Bible[,]’” and “drawing a red line around majority-minority zip codes and not showing ads to users who live in these zip codes.” According to the HUD complaint, “[t]he alleged policies and practices of Facebook violate the Fair Housing Act based on race, color, religion, sex, familial status, national origin and disability.”

Finally, on August 17, 2018, the Justice Department – through the U.S. Attorney for the Southern District of New York – filed a statement of interest in support of the NFHA plaintiffs. Specifically, the Justice Department filed its Statement of Interest in response to Facebook’s motion to dismiss, which argued, in part, that Facebook was “merely an interactive computer service” and therefore was immunized from FHA liability by the Communications Decency Act. In the Statement of Interest, the Justice Department rejected Facebook’s characterization, asserting that “[b]y allegedly collecting user data, collating user data, and classifying its users based in part upon protected characteristics, Facebook participates in the ‘mak[ing],’ of an ‘advertisement’ ‘that indicates any preference, limitation, or discrimination.’”

While the NFHA suit and the recent filings by HUD and the Justice Department address alleged publisher liability and do not directly relate to the advertisers themselves, housing advertisers should pay close attention to this litigation. Social media advertising has become an integral part of businesses marketing to consumers and, as illustrated by this litigation, data-driven, targeted marketing likely will create new and unexpected avenues for liability. Moreover, HUD and the Justice Department’s apparent interest in how the FHA applies to social media marketing suggests agencies and regulators may start scrutinizing how housing advertisers use big data and targeted advertising to market and sell housing.