On May 10, the FTC released new guidance on consumer reporting obligations under the FCRA. The guidance is intended to assist companies in understanding whether or not they are subject to consumer reporting requirements under the FCRA. According to the FTC, a company that sells or provides “consumer reports” as defined in Section 603 of the FCRA, 15 U.S.C. § 1681a(d), is considered a “consumer reporting agency” bound by FCRA requirements: “even if you don’t think of your company as a consumer reporting agency, it may be one if it provides information about people to employers for use in hiring or other employment decisions.” The guidance further notes that employment background screening companies are typically subject to FCRA requirements, such as: (i) establishing and following “‘reasonable procedures to assure maximum possible accuracy of the information concerning the individual about whom the report relates’”; (ii) obtaining certifications that verify, among other things, their clients are legitimate and that the credit report will only be used for employment purposes; (iii) providing clients with information regarding their responsibilities under the FCRA, as well as a summary of consumer rights under the FCRA; and (iv) honoring certain rights of applicants and employees, including providing access to files upon request and conducting a reasonable investigation of consumer disputes.
On May 16, the United States Supreme Court issued an opinion vacating the Ninth Circuit’s 2014 ruling that a plaintiff had standing under Article III of the Constitution to sue an alleged consumer reporting agency as defined by the Fair Credit Reporting Act (FCRA), for alleged procedural violations of the FCRA, 15 U.S.C § 1681 et seq. Spokeo v. Robins, No. 13-1339 (U.S. May 16, 2016). According to plaintiff Thomas Robins, the reporting agency violated his individualized (rather than collective) statutory rights by reporting inaccurate credit information regarding Robins’s wealth, job status, graduate degree, and marital status in willful noncompliance with certain FCRA requirements. In a 6-2 opinion delivered by Justice Alito, the Court ruled that Robins could not establish standing by alleging a bare procedural violation because Article III requires a concrete injury even in the context of statutory violation. Here, the Ninth Circuit erred in failing to consider separately both the “concrete and particularized” aspects of the injury-in-fact component of standing. The Court opined that the Ninth Circuit’s analysis was incomplete:
[T]he injury-in-fact requirement requires a plaintiff to allege an injury that is both “concrete and particularized.” Friends of the Earth, Inc. v. Laidlaw Environmental Services (TOC), Inc., 528 U.S. 167, 180-181 (2000) (emphasis added). The Ninth Circuit’s analysis focused on the second characteristic (particularity), but it overlooked the first (concreteness). We therefore…remand for the Ninth Circuit to consider both aspects of the injury-in-fact requirement.
On January 27, the CFPB announced that it published its 2016 list of consumer reporting companies. The list includes contact information for the three largest nationwide reporting companies and various specialty reporting companies concentrating on specific geographic market areas and consumer segments. In addition, the list provides consumers with (i) tips on determining which specialty credit reports may be important to review depending upon the particular circumstances, such as applying for a job or a new bank account; (ii) information regarding how companies confirm the identity of the consumer requesting a copy of his or her credit report; and (iii) information on which companies also provide free credit scores. The CFPB also reminds consumers of their legal rights to (i) obtain the information in their credit reports, per the FCRA; and (ii) dispute inaccuracies contained in the report.
On January 6, the FTC published a report titled, “Big Data: A Tool for Inclusion or Exclusion? Understanding the Issues.” The report, which draws from information from a September 2014 FTC workshop, as well as public comments and research, primarily focuses on the final stage in the life cycle of big data use by addressing the commercial use of consumer data and its effect on low-income and underserved populations. According to the report, participants in the 2014 workshop expressed concern that potential inaccuracies and biases from big data may lead companies to “exclude low-income and underserved communities from credit and employment opportunities.” For example, the report states that, “if big data analytics incorrectly predicts that particular consumers are not good candidates for prime credit offers, educational opportunities, or certain lucrative jobs, such educational opportunities, employment, and credit may never be offered to these consumers.” In order to minimize legal and ethical risks, and to avoid possible exclusion and/or discrimination, the report suggests that companies should obtain an understanding of various laws that may apply to their big data practices, including the FCRA, equal opportunity laws, and the FTC Act. Read more…
On December 17, the CFPB announced a consent order against a Minnesota-based auto dealer and its affiliated financing company for alleged violations of the FCRA and the CFPA. The CFPB alleged that the auto dealer, acting through its financing company, (i) repeatedly furnished inaccurate consumer credit information for more than 84,000 customers from January 2009 through September 2013; and (ii) engaged in deceptive acts and practices by failing to report “good credit” to the credit reporting agencies (CRAs) for tens of thousands of consumers after making written representations that the it would report positive credit information to help consumers build and maintain good credit. Alleged FCRA violations include: (i) inaccurately reporting that vehicles were repossessed and borrowers owed balances after the vehicles were returned to the dealer in accordance with the company’s 72-hour return policy; (ii) inaccurately reporting that consumers had outstanding balances after issuing documentation that disputed accounts had been settled; and (iii) failing to establish and maintain reasonable written policies and procedures to ensure the accuracy and integrity of consumer information furnished to CRAs.