Last week, the FTC published its new 2014
Privacy and Data Security Update. Covering initiatives between
January 2013 and May 2014, the bullet-point digest highlights FTC enforcement
actions on privacy, data security, credit reporting, financial privacy, and Do
Not Call. Among the finance related cases were:
- A Do Not Call list violation against Mortgage
Investors Corporation of Ohio, one of the nation’s leading refinancers of
veterans’ home loans. The company paid a $7.5 million civil penalty, the
largest fine the FTC has ever collected for allegedly violating DNC provisions.
to the complaint, Mortgage Investors called consumers on the DNC Registry,
failed to remove consumers from its company call list upon demand, and
misstated the terms of available loan products during telemarketing calls.
- Several cases for violation of the FCRA and
privacy provisions of the Gramm-Leach-Bliley Act, including:
- TeleCheck Services, Inc., agreed
to pay $3.5 million to settle allegations that they violated the FCRA by
failing to follow proper dispute procedures, including refusing to investigate
- The FTC obtained
a $3.5 million fine for FCRA violations, from Certegy, a check
authorization company, alleging they did not have reasonable procedures to
resolve consumer disputes.
- Time Warner Cable, Inc. agreed
to pay $1.9 million in civil penalties to settle charges that the company
violated the new Risk-Based Pricing Rule of 2011, which requires creditors to
give notice to consumers who are provided less favorable credit terms based on
information in their credit reports.
- Following a test-shopping operation in which FTC
staff members posed as individuals seeking consumer information to make
decisions related to creditworthiness, insurance eligibility or employment, the
FTC issued warning letters to ten
data brokers that appeared to be selling information for FCRA purposes
without following the FCRA requirements.