Privacy Law Blog

Tag Archives: FCRA

Northern District of Illinois Foreshadows Tough Row[e] to Hoe for Identity Exposure Plaintiff, but Denies Motion to Dismiss

On January 5, 2010, Judge William Hibbler of the U.S. District Court for the Northern District of Illinois became the latest federal district judge to share his views about whether an increased risk of future harm based on the inadvertent exposure of personal information is a legally cognizable harm. In Rowe v. UniCare Life & Health Insurance Co., No. 1:09-cv-2286 (N.D. Ill. Jan. 5, 2010), Judge Hibbler . . . hinted that the plaintiff's claims for violations of the Fair Credit Reporting Act ("FCRA") and the Illinois Insurance Information and Privacy Act, as well as his common law claims of invasion of privacy, negligence and breach of implied contract, may ultimately be dismissed if the plaintiff failed to show a basis for damages other than his alleged increased risk of future harm, such as identity theft. … Continue Reading

Florida Cases Remind Retailers that Printing Expiration Dates after Enactment of the Receipt Clarification Act Violates FACTA

The Fair and Accurate Credit Transactions Act (“FACTA”) amendments to the Fair Credit Reporting Act prohibit, among other things, the printing of expiration dates on receipts presented to credit or debit card holders.  Two recent cases from the U.S. District Court for the Southern District of Florida, Smith v. Zazzle.com, Inc. (see our blog post … Continue Reading

California’s Financial Information Privacy Act Affiliate Sharing Provisions Narrowly Survive Complete Preemption

On September 4, 2008, in American Bankers Association v. Lockyer, No. 05-17163, 2008 WL 4070308 (9th Cir. Sept. 4, 2008), the Ninth Circuit Court of Appeals revived part of the California Financial Information Privacy Act (“S.B. 1”), allowing consumers to opt-out of certain information-sharing activities between financial institutions and their affiliates. Previously, in the 2005 case … Continue Reading

Affiliate Marketing Rule Alert: Compliance Deadline is October 1, 2008

Section 214 of Fair and Accurate Credit Transactions Act ("FACTA") was enacted to amend the Fair Credit Reporting Act (the "Act") to give consumers the right to restrict certain entities from using certain information received from their affiliates to make solicitations to that consumer unless the consumer has been provided (1) "clear and conspicuous" notice that the consumer's information will be shared for such purposes, and (2) an opportunity to opt out of having such information shared for such purposes. On November 7, 2007, the Federal Deposit Insurance Corporation, the Federal Reserve Board, the Office of the Comptroller of the Currency, the Office of Thrift Supervision and the National Credit Union Administration issued a joint final rule (along with the Federal Trade Commission (FTC) and the Securities and Exchange Commission(SEC), which separately adopted and proposed, respectively, similar regulations) under the amended Act (the "Affiliate Marketing Rule" or "Final Rule," codified at 12 C.F.R. Parts 41, 222, 334, 571 and 717) governing the use of specific consumer information obtained by covered entities from their affiliates for certain marketing purposes. The Affiliate Marketing Rule became effective on January 1, 2008, and compliance by covered entities is required by October 1, 2008. … Continue Reading

Red Flag Alert — Compliance Deadline is November 1, 2008

According to regulations published by the Federal Trade Commission and the federal banking agencies, covered companies that hold any customer accounts must implement identity theft prevention programs that identify and detect "Red Flags" signaling possible identity theft. Companies establishing such programs must create policies and procedures not only to recognize and detect Red Flags, but also to respond to Red Flags by preventing or mitigating potential identity theft. Furthermore, companies must develop reasonable policies and procedures to verify the identity of a customer opening an account, and must also periodically update their identity theft programs. The rules went into effect on January 1, 2008, and businesses must comply by November 1, 2008. … Continue Reading

Expiration Date Imminent for Many FACTA Class Actions

New amendments to the Fair and Accurate Transactions Act ("FACTA") (itself an amendment to the Fair Credit Reporting Act ("FCRA")) bar consumers from alleging willful violation and seeking statutory damages based on the printing of credit card expiration dates on receipts where the account number is otherwise properly truncated in accordance with FACTA. This development means the end is near for scores of class action lawsuits filed last year. … Continue Reading

When Reckless Means Willful – High Court Issues Landmark Decision Under the Fair Credit Reporting Act

Since December 4, 2006, consumers have filed dozens of class actions against retailers and other businesses across the country alleging "willful" violations of the Fair and Accurate Credit Transactions Act ("FACTA") amendments to the Fair Credit Reporting Act ("FCRA"), prohibiting the printing of more than five digits, or the expiration date, of a credit card on receipts provided to the customer. Defendants in those cases have been waiting anxiously for the Supreme Court to rule in Safeco Insurance Co. of America, et al. v. Burr, et al., 551 U.S. _____ (2007), a factually inapposite matter in which the Court granted certiorari to determine whether "reckless disregard" suffices for willfulness under the statute. In a decision that raises as many questions as it answers, the Supreme Court held on June 4, 2007 that "reckless" failure to comply with FCRA can be considered willful. The Court's opinion begs the question whether it was objectively reasonable for retailers to continue the printing of expiration dates on customer receipts after FACTA took full effect. … Continue Reading
LexBlog