On August 12, the U.S. District Court for the Northern District of California dismissed for failure to state a claim a putative class action alleging that a digital wallet provider made unauthorized disclosures of user information to third-party mobile app developers. Svenson v. Google Inc., No. 13-cv-04080, 2014 WL 3962820 (N.D. Cal. Aug. 12, 2014). The named plaintiff claimed that when the digital wallet provider processed payments for apps purchased through an affiliated online store, it also provided certain customer/personally identifiable information to third-party app developers, including email address, account name, home city and state, zip code, and in some instances, telephone number. The plaintiff asserted theories of breach of contract and breach of the implied covenant of good faith and fair dealing, as well as violations of the Stored Communications Act and California’s Unfair Competition Law. The court held that the plaintiff’s breach of contract claim failed, reasoning in part that: (i) the plaintiff was not deprived of the “benefit of the bargain” given that the allegations involved free services and a $1.77 app; and (ii) there was no support for the theory that the economic value of the plaintiff’s information was diminished (because the plaintiff failed to allege that there was a market for the information). Similarly, the court held that the plaintiff’s Unfair Competition Law claims did not allege an economic injury, and that the breach of implied covenant claims were duplicative of the breach of contract claims. The court also dismissed the plaintiff’s Stored Communications Act claims.
On August 11, the Consumer Financial Protection Bureau (the CFPB or Bureau) issued a “consumer advisory” concerning virtual currency and also announced that it would begin accepting consumer complaints about virtual currency or virtual currency companies. These actions are the consumer agency’s first foray into virtual currencies, and they follow a recent GAO report that recommended the CFPB play a larger role in the development of federal virtual currency policy. Read more…
On July 17, the New York Department of Financial Services (NYDFS) proposed a rule intended to govern the virtual currency marketplace. The proposed rule is extremely broad and as currently drafted would appear to capture products provided by traditional brick and mortar banks and other regulated financial institutions. For example, as proposed, the rule could regulate:
- Reward programs, “thank you” offers, or digital coupons that offer cash back or statement credits;
- Generated numbers that access cash;
- Prepaid access and other cards that will allow customers to receive cash, including those customarily exempt such as government funded transfers;
- P2P transfers; and
- Wallet providers where the customer can access cash.
If left unaddressed, these apparent unintended consequences could create a confusing regulatory environment for certain bank and card products. It is also noteworthy that the rule does not provide any customary exclusions for chartered entities, raising substantial preemption questions. Read more…
BuckleySandler Webinar Recap: Top 10 Things You Need to Know About the New York BitLicense Proposed Rule
On August 6, BuckleySandler hosted a webinar, Top 10 Things You Need to Know about the New York BitLicense Proposed Rule. Michael Zeldin, Special Counsel at BuckleySandler, moderated the panel, which featured presentations by Partner Margo H. K. Tank and Counsel Amy Davine Kim of BuckleySandler’s Digital Commerce and Payments Group.
Overall, our presenters agreed that the regulatory framework proposed by the New York Department of Financial Services (DFS) would establish a different and more difficult standard for the virtual currency industry than for the traditional money transmitter industry. The rigorous data security, consumer protection, and anti-money laundering provisions may unintentionally operate as a high barrier to entry into the virtual currency industry while favoring established companies with experience and resources to handle these issues. Our presenters also offered specific areas of improvement and clarification for organizations to take into account when drafting comments on the proposal.
The following provides a more detailed summary of the discussion: Read more…
On August 1, the FTC released a staff report on the agency’s review of shopping apps—those used for comparison shopping, to collect and redeem deals and discounts, and to complete in-store purchases. The FTC staff examined information available to consumers before they download the software onto their mobile devices—specifically, information describing how apps that enable consumers to make purchases dealt with fraudulent or unauthorized transactions, billing errors, or other payment-related disputes. The staff also assessed information on how the apps handled consumer data. The FTC staff determined that the apps studied “often failed to provide pre-download information on issues that are important to consumers.” For example, according to the report, few of the in-store purchase apps provided any information prior to download explaining consumers’ liability or describing the app’s process for handling payment-related disputes. In addition, according to the FTC, most linked privacy policies “used vague language that reserved broad rights to collect, use, and share consumer data, making it difficult for readers to understand how the apps actually used consumer data or to compare the apps’ data practices.” The FTC staff recommends that companies that provide mobile shopping apps to consumers: (i) disclose consumers’ rights and liability limits for unauthorized, fraudulent, or erroneous transactions; (ii) clearly describe how they collect, use, and share consumer data; and (iii) ensure that their strong data security promises translate into strong data security practices. The report also includes recommended practices for consumers.
On August 1, the U.S. Senate passed by unanimous consent H.R. 4386, which will permit FinCEN, in fulfilling its responsibility to supervise registered money services businesses (MSBs), to rely on state agency examinations of MSBs. The bill also covers other non-bank financial institutions such as gaming establishments and jewel merchants. The bill passed the House by voice vote in May. The President, who sought this authority for FinCEN in budget requests, is expected to sign the bill.
On August 6, in remarks at a financial technology conference, the UK’s Chancellor of the Exchequer, George Osborne, outlined the UK government’s plans for the UK to become a world leader in financial innovation and financial technology. Mr. Osborne noted the UK’s science and technology resources and its history of leading the way in financial innovation. He called for new means of banking and payments for consumers and businesses that go beyond just viewing statements online and that “bypass traditional banks altogether, and lend money directly – through peer-to-peer platforms.” Mr. Osborne believes that “with the right backing from government,” London can become “the Fin Tech capital of the world.” To that end, he detailed the government’s plans to support financial innovation, including by: (i) establishing an appropriate tax regime for the industry; (ii) committing funds for government investment programs; (iii) establishing a favorable regulatory regime; (iv) creating a new partnership between Innovate Finance and the British Business Bank to champion financial innovation and technology; and (v) launching a “major program of work exploring the potential of virtual currencies and digital money.” For example, as part of the regulatory changes, Mr. Osborne described several pieces of legislation, including those that will: (i) require the large UK banks to “pass on information on small businesses they reject for loans, so that FinTech Companies and alternative lenders can step in and offer finance instead”; and (ii) allow consumers to use their smart phones to pay in checks.
The New York Department of Financial Services riveted the attention of the virtual currency world (and just about everyone else involved with digital financial services), with its July 17 proposal to issue licenses for Virtual Currency Business Activities. The so-called BitLicense proposal features broad coverage; open ended capital and bonding requirements; personal investigation of founders, investors and even employees; and prior regulatory approval of new products and activities.
These and other aspects of BitLicensing beg the question: will licensing protect the public and investors? Or just drive Bitcoin participants out? (If they leave, they may find roadblocks elsewhere; days before New York’s announcement, France’s Ministry for the Economy and Finance, for example, proposed regulating Bitcoin.) Opportunistic locales for virtual currency operators are already being identified, such as the Isle of Man, a self-governing British Crown Dependency, whose Financial Supervision Commission says it is “not the appropriate time” to introduce a regulatory regime, while warning there is no consumer protection in the digital currency market. Think about this: Tiny Delaware is a corporate legal haven, Switzerland created an international bank haven, and a virtual currency haven may be next. Regulatory exercises like New York’s could advance that option. Read more…
On July 18, FinCEN published SAR Stats—formerly called By the Numbers—an annual compilation of numerical data gathered from the Suspicious Activity Reports (SARs) filed by financial institutions using FinCEN’s new unified SAR form and e-filing process. Among other things, the new form and process were designed to allow FinCEN to collect more detailed information on types of suspicious activity. As such, FinCEN describes the data presented in this first SAR Stats issue as “a new baseline for financial sector reporting on suspicious activity.” The primary purpose of the report is to provide a statistical overview of suspicious activity developments, including by presenting SAR data arranged by filing industry type for the more than 1.3 million unique SARs filed between March 1, 2012 and December 31, 2013. In addition, the redesigned annual publication includes a new SAR Narrative Spotlight, which focuses on “perceived key emerging activity trends derived from analysis of SAR narratives.” The inaugural Spotlight examines the emerging trend of Bitcoin related activities within SAR narrative data. It states that FinCEN is observing a rise in the number of SARs flagging virtual currencies as a component of suspicious activity, and provides for potential SAR filers an explanation of virtual currencies and the importance of SAR data in assessing virtual currency transactions.
On July 17, the New York DFS announced a proposal to establish a licensing regime for virtual currency businesses, the first by any state. In January, the DFS held a two-day hearing on developing a regulatory framework for virtual currency firms, and subsequently sought applications for virtual currency exchanges pending completion of the regulations. The proposed regulations define virtual currency as “any type of digital unit that is used as a medium of exchange or a form of digitally stored value or that is incorporated into payment system technology.” This would include digital units of exchange that: (i) have a centralized repository or administrator; (ii) are decentralized and have no centralized repository or administrator; or (iii) may be created or obtained by computing or manufacturing effort. It would exclude digital units that are used solely within online gaming platforms or that are used exclusively as part of a customer affinity or rewards program.
Under the proposal, the state would require companies engaged in the following activities to obtain a so-called BitLicense: (i) receiving or transmitting virtual currency on behalf of consumers; (ii) securing, storing, or maintaining custody or control of such virtual currency on the behalf of customers; (iii) performing retail conversion services; (iv) buying and selling virtual currency as a customer business (as distinct from personal use); or (v) controlling, administering, or issuing a virtual currency. To obtain a license, a business would be required to, among other things: (i) hold virtual currency of the same type and amount as any virtual currency owed or obligated to a third party; (ii) provide transaction receipts with certain required information; (iii) comply with AML rules; (iv) maintain a cyber security program; and (v) establish business continuity and disaster recovery policies. Licensed entities would be subject to DFS supervision, with examinations taking place no less than once every two calendar years. The proposal will be published in the New York State Register’s July 23, 2014 edition, which begins a 45-day public comment period.
On June 28, California Governor Jerry Brown signed AB 129, which repeals a state ban on the issuance or circulation of anything but lawful money of the United States. As described in a legislative staff analysis of the bill, the repeal is designed to ensure that forms of alternative currency such as digital currency, points, coupons, or other objects of monetary value do not violate the law when those methods are used for the purchase of goods and services or the transmission of payments in California.
On July 4, the European Banking Authority (EBA) released an Opinion that outlines for the EU Council, the European Commission, and the European Parliament requirements that would be needed to regulate virtual currencies. The EBA identified more than 70 risks across several categories and numerous causal drivers for those risks, including that (i) a virtual currency scheme can be created, and then its function subsequently changed, by anyone, and in the case of decentralized schemes, by anyone with a sufficient share of computational power; (ii) payer and payee can remain anonymous; (iii) virtual currency schemes do not respect jurisdictional boundaries and may therefore undermine financial sanctions and seizure of assets; and (iv) market participants lack sound corporate governance arrangements. To address those drivers, the EBA believes a regulatory framework would need to comprise, among other elements: (i) governance requirements for certain market participants; (ii) segregation of client accounts; (iii) capital requirements; and (iv) the creation of “scheme governing authorities” accountable for the integrity of a virtual currency scheme and its key components, including its protocol and transaction ledge. Given that the creation of such a regulatory framework will take time, the EBA recommends that European national prudential regulators take action in the immediate term to discourage financial institutions from buying, holding or selling virtual currencies while no regulatory regime is in place. In addition, the EBA recommends that EU legislators consider declaring market participants at the direct interface between conventional and virtual currencies, such as virtual currency exchanges, to become “obliged entities” under the EU Anti Money Laundering Directive and thus subject to its anti-money laundering and counter terrorist financing requirements. The EBA report follows a recent reportby the inter-governmental Financial Action Task Force (FATF) that provides an overview of virtual currency terms, markets, risks, and law enforcement actions announced to date.
As legal advisors to providers in the digital world, we are always thinking about regulation – whether it is coming, when it is coming, and what it will mean for our clients. After all, it is our mission to keep you on the safe side of the law, so you can create, succeed and prosper. With this in mind, we find the explosion of digital products and the warp-speed at which complex applications are emerging to be both a testament to irrepressible innovation and cause for concern. A recent Op-Ed in the Wall Street Journal (L. Gordon Crovitz, “Uber Shocks the Regulators,” June 16, 2014) notes “permissionless” digital innovation is upsetting traditional regulatory processes. The uber-popular Uber car service demonstrates that traditional taxi regulations are giving way to customer demands. The “old way” of making rules in response to existing providers may be faltering in an era of customer-driven preferences. If so, a sea change in the regulatory function may be looming. Read more…
On June 27, the GAO released a May 2014 report regarding virtual currency. The leaders of the Senate Homeland Security and Governmental Affairs Committee asked the GAO to examine potential policy issues related to virtual currencies and the status of federal agency collaboration in this area. The report summarizes virtual currency policy developments to date, and provides an overview of various interagency working groups and the ways each has so far addressed virtual currencies. The GAO concludes that consumer protection issues have largely not been addressed by the working groups, and recommends that the CFPB identify and join existing interagency working groups to ensure that consumer protection issues are considered as those groups develop virtual currency policies. In response to the report, the CFPB stated that it has been doing its own work on virtual currency, and has collaborated informally, but agreed that it should participate formally in interagency working groups.