Consumer Finance Law Blog

Layaway Making a Comeback? Retailers Beware

Andrew S. Wein — Fri, 12 Mar 2010 16:14:44 -0500

With so much of the economy still struggling, credit harder to come by, and consumers being more conservative with their spending, various commentators have suggested that layaway programs are poised to make a comeback. However, retailers should be careful before implementing layaway programs, especially if they are doing so on a national basis.

Several states have statutes specifically regulating layaway transactions, setting forth the maximum service charges, the refund policies, and other terms required by law. In some cases, the penalties for noncompliance can be severe, including statutory penalties or multiples of actual damages. Maryland, Ohio, Rhode Island, and the District of Columbia, among others, have statutes which specify terms that must be included in all layaway transactions, and in some cases those terms may be such that it is no longer profitable for the retailer to offer layaways. In particular, retailers may be seriously restricted in their ability to charge service fees or impose penalties for noncompliance with the terms of the agreement. As a result, some retailers are specifically excluding certain jurisdictions, or providing for alternative contractual terms in those jurisdictions. For example, the layaway program for Toys ‘R Us and Babies ‘R Us stores is apparently not available in Maryland and is subject to different terms in Ohio and Rhode Island.

Layaway may very well prove to be a reliable business model for bringing consumers into stores (or onto websites) but its also an area where a patchwork of local laws can create dangerous legal minefields.

Federal Court Rejects Coupon Settlement Under CAFA

John W. McGuinness — Tue, 09 Mar 2010 14:54:32 -0500

A federal court in California recently sided with twenty-six state attorneys general and several objectors in rejecting a proposed class action settlement that called for Honda to provide over 175,000 Honda Civic Hybrid owners a coupon worth no more than $1,000 toward purchasing a new Honda vehicle. In True v. American Honda Motor Co., No. EDCV07-0287-VAP(OPX) (C.D. Cal. Feb. 26, 2010), the plaintiffs alleged that Honda used false and misleading advertisements regarding the fuel efficiency of its Honda Civic Hybrid to induce customers to pay $2,500 more for the Hybrid than for the comparably equipped standard-engine Honda Civic, even though the Hybrid gets only marginally better gas mileage. Under the proposed settlement, class members were to receive a DVD with tips on how to improve their gas mileage, an opportunity to receive a rebate on the future purchase of another Honda, and, for less than two percent of the class, an opportunity to make a claim for $100. The settlement also provided that Honda would not oppose class counsel’s motion for nearly $3 million in attorneys’ fees.

In an order entered on February 26, 2010, the court denied final approval of the settlement. Specifically, the court held that the proposed settlement’s award of a cash payment to only a select group of the class “creates the most significant obstacle to approval” of the settlement, and that the members of this sub-group were the only class members who would receive a true cash award in the settlement.

As the court explained, the Class Action Fairness Act (“CAFA”) requires federal judges to apply heightened scrutiny to a coupon settlement to determine whether the settlement is “fair, reasonable, and adequate for class members.” The attorneys general argued in their amici briefs that coupon settlements are inherently unfair because they require class members to do business once again with the company they sued in their lawsuit. While the True court held that not all coupon settlements are unfair, it found that in this instance, the proposed settlement failed in many respects, including that the rebate program was a coupon settlement that would have an extremely low redemption rate and “far less” value than plaintiffs suggested, and the vast majority of the class would receive “nothing more than a DVD of little value.”

Finally, the court also held that, in light of the low value of the settlement, an award of almost three million dollars in attorneys’ fees “would be unconscionable.”

Companies facing potential consumer class actions should note that attorneys general are reviewing the notices that settling defendants are required to send under CAFA, especially for settlements involving coupons.

(Kelley Drye & Warren LLP Associate Elissa O. Tomanda contributed to this post.)

Supreme Court Clarifies Diversity Jurisdiction Standard

John W. McGuinness — Wed, 24 Feb 2010 17:54:28 -0500

In a unanimous decision Tuesday in Hertz v. Friend, -- U.S. --, No. 08-1107, 2010 WL 605601 (Feb. 23, 2010), the Supreme Court clarified the test federal courts should apply to determine a corporation’s citizenship for purposes of diversity jurisdiction, holding that corporations are citizens of the state of their “nerve center” – usually their corporate headquarters – not of any state where a plurality of their business activity occurs.

As explained in a recent Kelley Drye client advisory, the Hertz decision resolves years of uncertainty about how to determine a corporation’s “principal place of business” for purposes of diversity jurisdiction. Numerous circuits, including the Ninth Circuit, have applied the so-called “total activity” test, which assessed the amount of the corporation’s activity in each state and deemed the corporation a citizen of any state in which its activity was “significantly larger” or “substantially predominates” over its activity in other states. This test left many national companies, including Hertz, unable to remove state-court class actions to federal court in populous states such as California, where they are not headquartered but do a large amount of business. The Hertz decision rejects the “total activity” test and adopts a simpler test, applied in the Seventh Circuit, known as the “nerve center” test. Under this approach, a corporation’s “principal place of business” is “the place where a corporation’s officers direct, control, and coordinate the corporation’s activities… [which] should normally be the place where the corporation maintains its headquarters.”

The Court’s decision should be welcome news to corporate defendants, as it will provide greater certainty and predictability about where major litigation affecting multi-state businesses will be litigated, and is likely to limit the need for costly jurisdictional discovery in many cases going forward.

(Kelley Drye & Warren LLP Associate Joanna Baden-Mayer contributed to this post.)

REMINDER: New Credit Card Regulations Take Effect Today; Gift and Debit Card Rules to Follow

Donna L. Wilson & Michael P. McGinn — Mon, 22 Feb 2010 09:03:49 -0500

Major provisions of a new law related to credit and gift cards take effect today. The Credit CARD Act, which was signed by President Obama in May 2009, marked the culmination of several legislative efforts to reform certain practices of card issuers. The law provisions related to credit cards, discussed in this Kelley Drye client advisory, are comprehensive and include new restrictions and requirements related to, among other things, rates, fees, billing and payment practices, disclosures and marketing, as well as additional rules specific to young consumers and college students.

The Act directed the Federal Reserve to develop implementation guidance and requirements, which were finalized on January 12, 2010. While most credit card issuers have been working for several months to comply with the Act, the Fed rules provide further detailed guidance. For example, the rules outline factors issuers should consider when determining a consumer’s ability to repay.

Notably, the Fed rules impact Regulation Z and, therefore, do not relate to debit card overdraft fees. Those fees fall under Regulation E, which is subject to a separate ongoing rulemaking process.

Nor do the portions of the CARD Act that take effect today relate to gift cards. Another Fed rulemaking to provide guidance related to gift cards is underway. Those Fed rules should be finalized soon, and together with the gift card provisions of the Act will take effect in August 2010. We will keep you posted on further developments.

Recent Decisions Find In Favor of Insurance Coverage for "Blast Faxes"

Donna L. Wilson & Michael P. McGinn — Tue, 09 Feb 2010 19:21:45 -0500

Numerous class action suits have been brought over the past several years under the Telephone Consumer Protection Act (“TCPA”) against entities that fax unsolicited advertisements (so-called “blast faxes”) to individuals and businesses. Companies facing such suits in turn have sought insurance coverage under their comprehensive general liability (“CGL”) policies for costs incurred defending TCPA suits, and for indemnification of any liability.

While coverage disputes in blast faxing cases have historically yielded mixed results, a series of recent rulings have tilted the scales in favor of policyholders. For example, the Florida Supreme Court decided on January 28, 2010 in Penzer v. Transportation Ins. Co., No. SC08-2068, 2010 WL 308043, that a standard CGL policy provided coverage for a suit brought under TCPA for alleged blast fax activities. While other recent decisions have yielded similar results, Penzer is significant because it held that the plain language of the insurance policy compels coverage.

Despite the holding in Penzer, insurers will likely use the lack of unanimity among courts, and the potential for inconsistent results in jurisdictions yet to address the issue, as a basis to deny claims going forward. Policyholders would be well served to not take these denials at face value, but rather should demand the coverage to which they are entitled.

A client advisory prepared by Kelley Drye & Warren LLP’s Insurance Recovery Group summarizes recent coverage decisions regarding blast faxing, including the Penzer decision, and discusses the implications of those cases for policyholders.

Data Breach Coverage: Underwriting at the Point of Claim?

Andrew S. Wein — Wed, 08 Jul 2009 12:21:13 -0500

The recently filed case of First Bank v. Federal Insurance Company reflects yet another financial services provider that was the subject of a data breach incident, and was forced into litigation with its insurers as a result. As detailed in our recent article, First Bank is not alone in having their insurance company deny the claim for coverage arising from the data breach. In this area of privacy and data security, anecdotally at least, it appears that many insurers are "underwriting at the point of claim" -- that is, denying coverage in the hope that the policyholder will abandon pursuit of the coverage.

However, you may be covered, even if you do not have a "cyber" or "data security" policy. In fact, the label or title on the policy matters little, as Federal had issued a policy impressively titled, “Cybersecurity by Chubb for Financial Institutions,” yet disclaimed coverage. That old standby -- Comprehensive General Liability (better known as "CGL") policies -- may well provide you with the coverage you need to defend litigation arising from a data breach.

State Regulators' Powers Over National Banks Reaffirmed by U.S. Supreme Court

John W. McGuinness — Thu, 02 Jul 2009 14:33:57 -0500

Recently, the United States Supreme Court, in its decision styled Andrew M. Cuomo v. The Clearing House Association, L.L.C., No. 08-453, reaffirmed that federal banking regulations do not pre-empt states from enforcing their own fair-lending laws against national banks.

This dispute arose following the New York State Attorney General’s attempt to investigate several banks’ residential real-estate lending practices in 2005. The Attorney General’s office had suspected discriminatory lending practices after reviewing reports that showed minority borrowers received a larger percentage of high-interest home loans than white borrowers. As part of that probe, the Attorney General sent letters to several national banks, in lieu of a subpoena, requesting that they provide certain non-public information regarding their mortgage lending practices. In response, the federal Office of the Comptroller of the Currency (“OCC,” the chartering authority and federal regulator of national banks) and the Clearing House Association (a banking trade group) sued to block the Attorney General’s investigation, claiming that an OCC regulation promulgated under the National Bank Act pre-empted any state regulation or enforcement against national banks.

The U.S. District Court for the Southern District of New York enjoined the Attorney General from enforcing state fair-lending laws through demands for records or judicial proceedings, and the Second Circuit affirmed. The United States Supreme Court granted certiorari to determine whether the OCC’s regulations could be upheld as a reasonable interpretation of the National Bank Act, which provides that national banks are not subject to any “visitorial powers,” except as provided by federal law.

The Supreme Court concluded, in a 5-4 decision, turning on statutory construction, that the OCC’s regulation – and its reading that the exclusive grant of “visitorial powers” can preclude state enforcement of state law – was not a reasonable interpretation of the Act. Indeed, the Court noted, the OCC’s regulation was in conflict with Supreme Court precedent that clearly upheld state enforcement of banking laws. Accordingly, state attorneys general are permitted to prosecute judicial enforcement actions against all banks, regardless of charter, for violations of state consumer protection laws. States, however, are pre-empted from “overseeing” national banks, which the Supreme Court viewed as separate and apart from “enforcing” the laws.

This decision comes at an important time, when the Obama administration is looking to overhaul federal regulation of the financial services industry in response to the nation’s economic crisis. The decision is already being lauded as a way for state attorneys general to play a larger role in protecting local consumers from discriminatory bank practices. The banks, on the other hand, now face the challenge of complying with a patchwork of conflicting federal and state laws. Banks should consult with counsel to discuss potentially conflicting fair-lending laws, as well as ways to avoid being the subject of a state enforcement action.

(Kelley Drye & Warren LLP Associate Elissa O. Tomanda contributed to this post.)

Federal Agencies Issue FAQs on FACTA Red Flag Compliance

Donna L. Wilson & Michael P. McGinn — Mon, 15 Jun 2009 09:21:04 -0500

Last week , the Federal Trade Commission, jointly with other federal agencies that regulate financial institutions, released "frequently asked questions" designed to provide additional assistance to companies required to comply with new identity theft rules pursuant to the Fair and Accurate Credit Transactions Act ("FACTA") .

Those rules were issued in November 2007. Under the regulations, financial institutions are required to develop and implement written programs to detect and respond to possible identity theft as indicated by certain "red flags." These newly required programs were to be in place on or before November 1, 2008.

The FAQs are the latest step in a number of efforts by the FTC and others to assist companies in complying with the new FACTA rules. For instance, in July 2008, the FTC launched an outreach program to explain the rules in greater detail, to clarify the types of institutions to which the rules apply, and to offer guidance as to how these institutions can comply. That outreach effort included an alert providing information relating to definitions and terms used in the rules, including the definitions of “financial institution,” “creditor,” “transaction account,” and “covered account.” In addition, the alert addressed five categories of “red flag” activities.

Financial institutions should continue to monitor for guidance from the federal agencies, and/or consult with counsel, regarding their compliance with the new FACTA rules.

Wave of Class Actions for Data Security Breaches

John W. McGuinness — Wed, 10 Jun 2009 14:01:45 -0500

If your company collects customers’ personal data in the course of its business, be aware of the wave of class actions that have recently been filed arising out of data security breaches. Finkelstein Thompson, a DC-based law firm, over the past year has filed a series of class actions against businesses that have fallen victim to such data breaches.

One such suit, filed in the Northern District of Georgia, asserts claims against RBS WorldPay, Inc. for negligence, breach of implied contracts, and violation of state unfair trade law, after hackers allegedly gained access to the personal information of approximately 1.5 million RBS cardholders. In an incident apparently related to this security breach, Fox News reported -- citing FBI sources-- that thieves, using cloned ATM cards with the stolen data, withdrew $9 million from ATMs in a coordinated attack in 49 cities, including Atlanta, Chicago, New York, Montreal, Moscow, and Hong Kong. This incident has garnered considerable media attention and will likely result in similar suits being filed against RBS across the country as a result of the security breach.

While this sort of case is extremely difficult to sustain given the absence of actual harm, the litigation and reputational costs associated with them are significant for businesses targeted by this litigation, particularly given the resulting media attention. Therefore, be forewarned, and regularly evaluate your data collection, data use, and data maintenance procedures and infrastructure with both your IT personnel and legal counsel.

For further discussion of this case, see our recently published piece in the ABA “Secure Times” newsletter. And for a broader discussion of how other cases have addressed these types of claims, please see our article published in Andrews Litigation Reporter.

(Kelley Drye & Warren LLP Associate Veronica D. Jackson contributed to this post.)

Plaintiffs File Suits Alleging Gift Cards With Expiration Dates In Less Than 10-Point Font Violate California Law

Donna L. Wilson — Thu, 04 Jun 2009 16:22:55 -0500

A number of class action lawsuits recently have been filed in California state court in San Diego County against a wide range of merchants as well as gift card issuers alleging, among other things, that the defendants have violated the California Civil Code by issuing gift cards that bear either an obscured expiration date, or an expiration date that is not as prominently displayed as is required under California state law. Section 1749.5 of the California Civil Code makes it unlawful to sell gift certificates or gift cards that contain an expiration date unless the expiration date appears in capital letters in at least 10-point font on the front of the gift card. So far retailers such as Saks, Staples, Borders, Visa, and American Express, among others, have been sued in separate class actions alleging violations of Section 1749.5, as well as the Business and Professions Code and the California Consumer Legal Remedies Act.

For example, in Michaelson v. Staples, Inc., Case No. 37-2009-00083487 (Cal. Super. Ct., San Diego Cty.), plaintiff alleges that an expiration date on a Staples gift card, mailed to the plaintiff as part of a promotion, was in less than 10-point font. Plaintiff alleges the card expired before he noticed the expiration date. In Robert Loiseau v. Visa U.S.A. Inc., Case No. 37-2009-00085443 (Cal. Super. Ct., San Diego Cty.), plaintiff alleges that a gift card, purchased for its face value, improperly contained an obscured expiration date, charged a processing fee, and required other allegedly unreasonable terms and conditions.

Gift cards are a tricky business when it comes to complying with the patchwork quilt of state-by-state regulations (as well as FTC oversight) over them. The permissibility of expiration dates, redemption in cash once a minimum balance has been reached, disclosures of terms and conditions, and escheatment of remaining balances are just some of the issues that businesses must confront and address. This new wave of lawsuits serves as a reminder to merchants and gift card issuers of the need to monitor state and federal regulations, as well as to periodically evaluate their gift card programs with counsel.

(Kelley Drye & Warren LLP Associate Elissa O. Tomanda contributed to this post.)

Identity Theft Litigation Update: Recent Cases Show Trend Toward Dismissal of Speculative Claims

Andrew S. Wein — Mon, 27 Apr 2009 17:30:21 -0500

Several weeks ago, we discussed how most courts were rejecting lawsuits where the plaintiffs claimed “damages” in the form of an increased risk of identity theft, generally stemming from allegations of an accidental loss or theft of personal confidential information. Since we last blogged on this issue, two recent decisions highlight how that trend is continuing, and that courts increasingly require more than speculation about future harm to sustain a lawsuit over the loss of confidential information.

The first notable decision involved a court which was clearly aware of this growing body of case law. In Belle Chasse Automotive Care, Inc. v. Advanced Auto Parts, Inc., United States District Court Judge Kurt Engelhardt of the Eastern District of Louisiana dismissed a claim stemming from a security breach involving confidential information. The plaintiff in Belle Chasse alleged that this breach only had caused an increased risk of identity theft, not an actual identity theft. The court granted defendants’ Rule 12(b)(6) motion, and cited to the growing body of case law from around the nation supporting the position that these allegations amount only to “speculative damages for which [Louisiana] law provides no remedy.” Notably, the Court cited to the Pinero decision we referenced in our prior post and found United States District Court Judge Sarah Vance’s analysis in that case to be “directly on point.”

The second notable decision provides an example of a Court reversing course on this issue, citing this line of cases as authority. The Ruiz v. Gap, Inc. case already was notable in that United States District Court Judge Samuel Conti, in March 2008, had previously ruled that allegations of a potentially increased risk of future identity theft were sufficient to make out a viable negligence claim under California law. At that time, Judge Conti denied the defendant’s motion to dismiss under Rule 12(b)(6) and held that the plaintiff had alleged an injury in fact, even though he noted that it was unclear what damages the plaintiff would be able to recover even if the plaintiff were to prevail on the merits. Compared to the many cases holding to the contrary, the Ruiz case was generally viewed as an outlier, as one of the few rulings to have held that an allegation of the mere increased risk of identity theft was sufficient to defeat a Rule 12(b)(6) motion.

But just this month, Judge Conti granted summary judgment to the defendants on this same issue. In doing so, the court held that an increased risk of identity theft did not constitute “the level of appreciable harm necessary to assert a negligence claim under California law.” The court expressly rejected parallels to medical monitoring claims in the toxic tort context, and expressly noted similar cases from other jurisdictions – namely Louisiana, Ohio, and Minnesota – none of which were referenced in the court’s 2008 opinion denying the defendants’ motion to dismiss. The decision appears to reflect a reconsideration of sorts by the court – the evidence obtained during depositions seemed to be no different from what the plaintiff alleged in his Complaint, so if those allegations were adequate to defeat a motion to dismiss, testimony to the same effect should have also been adequate to defeat summary judgment. This is merely our own speculation, but it could be that the court became aware, over the course of the past year, of the growing and substantial body of case law which has been rejecting these types of speculative claims.

Merchants Beware: Protect Your Customers and Company from Credit Card "Skimming"

John W. McGuinness — Fri, 10 Apr 2009 15:33:48 -0500

The current economic climate has had many consequences, including an apparent increase in economic crimes such as credit card fraud. In recent months, numerous credit card scams involving restaurant chains have been reported. For example, the Washington Examiner reported on March 29 that wait staff at several high-end restaurants in Washington, DC, including M&S Grill, 701 Restaurant, Clyde’s of Gallery Place and Bowie’s Carrabba’s Italian Restaurant, stole credit card numbers from customers and ran up a $750,000 tab at various luxury retail stores. In addition, the article references a similar scam recently uncovered in New Orleans, in which a waitress at Bubba Gump Seafood Company used a skimming device to capture customers’ credit card information. “Skimming” devices, which can easily be purchased over the Internet, are small enough for wait staff to carry in their pockets or aprons, and within a second can capture the electronic information stored in a credit card’s magnetic strip.

While such scams obviously cost consumers, merchants are also victims due to loss of consumer trust, the time and expense of cooperating with authorities and, if applicable, notifying potentially affected customers, and potential lawsuits under negligence and/or negligent hiring theories. Although merchants can never be completely assured that rogue employees will not engage in theft, they should consider the following steps to mitigate their risk:

(1) Handle credit cards in view of the customer. If the customer never loses sight of the credit card, theft is more difficult if not impossible. Retailers, restaurants and other businesses may wish to consider switching to portable credit card processing devices that allow customers to pay at the table.

(2) Carefully screen job applicants. Simple background checks can identify applicants with prior criminal histories.

(3) Educate and monitor employees. Ensure that employees are aware of the risks and consequences of credit card fraud (e.g., mere possession of a skimming device is a felony in many states), and adopt policies for employees handling customer credit cards. Monitor employees and encourage them to report any suspicious activity on behalf of their coworkers.

(Kelley Drye & Warren LLP Associate Joanna Baden-Mayer contributed to this post)

The End of the Arbitration Clause?

Donna L. Wilson — Thu, 09 Apr 2009 18:12:31 -0500

In order to avoid the substantial risks of class action litigation, many financial service providers – both traditional and non traditional – require that customer agreements contain an arbitration clause and a waiver of the customer’s right to bring a class action. However, recent court decisions and pending legislation suggest that certain types of these arbitration clauses may no longer be viable.

The overwhelming body of case law upholds the enforceability of such arbitration and class waiver provisions. See Adler v. Dell, Inc., No. 08-CV-13170, 2008 WL 5351042 (E.D. Mich. Dec. 18, 2008) (enforcing consumer arbitration provision with class waiver); Jenkins v. First Am. Cash Advance of Ga., LLC, 400 F.3d 868 (11th Cir. 2005) (class waiver in borrowers’ payday loan agreements did not render arbitration agreements unconscionable or unenforceable); and Snowden v. CheckPoint Check Cashing, 290 F.3d 631 (4th Cir. 2002) (rejecting argument that arbitration agreement was unenforceable as unconscionable due to class waiver).

However, recently some courts have taken issue with these provisions and deemed them unconscionable. A recent example of such a case is Homa v. American Express Co., No. 06-02985, 2009 WL 440912 (3rd Cir. Feb. 24, 2009).

In Homa, plaintiff brought a putative class action suit against American Express and its Centurion unit, alleging that they misrepresented the actual terms of the Blue Cash card rewards program and that defendants failed to award him the promised amount of cash back in violation of the New Jersey Consumer Fraud Act. However, the credit card member agreement that accompanied the Blue Cash card contained an arbitration and class waiver provision. Further, the agreement contained a choice-of-law provision indicating that any disputes arising out of the agreement would be governed by Utah law. Defendants argued that the plaintiff should be required to arbitrate his claims on an individual basis, because Utah law expressly allows arbitration and class waiver provisions in consumer credit agreements. On the other hand, the plaintiff argued that New Jersey law applied, because, as the application of Utah law would violate New Jersey’s public policy against certain class-arbitration waivers, New Jersey choice-of-law principles dictated that the agreement’s choice of Utah law was invalid. The district court sided with the defendants and dismissed plaintiff’s complaint.

The Third Circuit Court of Appeals reversed the trial court’s decision. In the opinion, the Third Circuit held that that the Federal Arbitration Act (“FAA”), 9 U.S.C. §§ 1-16, did not preclude the district court from applying New Jersey unconscionability principles to void the arbitration and class waiver clause, and therefore, plaintiff was entitled to pursue a class action against defendants in federal court in New Jersey. In so doing, the Court relied on the holding in a New Jersey state court decision styled Muhammad v. County Bank of Rehoboth Beach, Delaware, 912 A.2d 88 (N.J. 2006), that “‘[t]he public interest at stake in . . . consumers[’] [ability to effectively] pursue their statutory rights under [New Jersey’s] consumer protection laws’ constituted the ‘most important’ reason for holding a similar class-arbitration waiver unconscionable.” Further, the Third Circuit held that this interest “overrides” a defendant’s right to seek enforcement of a class-arbitration waiver in an agreement, particularly where the claims at issue are of such a low value as effectively to preclude relief if pursued individually. The case is now back in the district court.

Furthermore, this issue may be resolved by pending federal legislation that seeks to ban certain types of arbitration provisions. The Arbitration Fairness Act of 2009 would ban provisions requiring arbitration of (1) an employment, consumer, or franchise dispute, or (2) a dispute arising under any statute intended to protect civil rights. See H.R. 1020 The bill, which was referred to the House Judiciary Committtee on Feb. 12, 2009, currently has 43 co-sponsors, including that Committee Chairman Conyers (D-MI). A recent Legal Times report noted the plaintiffs bar's efforts to push the arbitration legislation on Capitol Hill. If enacted, the Act could start a wave of litigation in the consumer financial services sector.

The bottom line is that businesses should re-examine their customer agreement’s arbitration and class waiver provisions, paying particular attention to any choice of law provisions, and monitor these legal developments on a state-by-state basis. Homa tells us that the same arbitration and class waiver provision, while being upheld in one state, could be rejected in another.

Stay tuned for future posts analyzing cases decided in the wake of Homa and reporting on further developments with the Arbitration Fairness Act of 2009….

(Kelley Drye & Warren LLP Associate Veronica Gray contributed to this post)

Third Circuit Eases Ability to Remand Class Actions to State Court

John W. McGuinness — Thu, 09 Apr 2009 09:39:39 -0500

The Class Action Fairness Act (“CAFA”) eliminated longstanding barriers to removal of cases from state to federal court. To remove a class action under CAFA, it is no longer necessary for all plaintiffs and defendants to be completely diverse; now, only one class member and one defendant must be citizens of different states. Certain exceptions, however, including the local controversy exception, limit this broad access to federal court and provide a means for parties to keep certain actions in state court. The local controversy exception provides that federal court must decline jurisdiction where “significant” relief is sought from at least one defendant in the case whose conduct forms a “significant basis” for the claims asserted by the putative class. The Third Circuit, in Kaufman v. Allstate New Jersey Insurance Co., 561 F.3d 144 (3d Cir. 2009), recently became the first Court of Appeals to hold that CAFA does not require every class member to assert a claim against that local defendant for the action to remain in state court.

In Kaufman, plaintiffs sued six auto insurance companies in New Jersey state court and one defendant removed the action to federal court pursuant to CAFA. After plaintiffs moved to remand under the local controversy exception, but before the district court heard the petition, the plaintiffs dismissed three of the defendants. The district court then remanded the case, and the three remaining defendants appealed.

On appeal, only one of the three defendants, Allstate NJ, was a New Jersey citizen, and it was thus the only defendant that could possibly meet the “significant basis” requirement. Defendants argued that this language required that every class member have a claim against Allstate NJ and, since the individual class members of the plaintiff had a claim against only one of the companies, defendants maintained that the requirement was not met. The Third Circuit, however, disagreed, concluding that the local defendant’s conduct must form a significant basis of the overall action, seen in relation to the conduct of the other defendants, but need not form a basis of every individual claim.

The court further ruled that “the local defendant’s alleged conduct must be an important ground for the asserted claims in view of the alleged conduct of all the Defendants,” and that merely showing the conduct was “more than trivial” did not suffice.

(Kelley Drye & Warren LLP Associate Elissa O. Tomanda contributed to this post.)

Are Financial Institution Executives Becoming an Uninsurable Risk?

John W. McGuinness — Tue, 24 Mar 2009 18:22:06 -0500

You may have noticed that premiums for Directors and Officers Liability (“D&O”) insurance are skyrocketing, largely as a result of the subprime lending crisis, stock market volatility, and the ensuing financial uncertainty. According to the American Banker, since 2008 D&O premiums, depending on the coverage type, have increased between 15% to 40% since last year. This trend shows no sign of abating. Other reports, including a recent analysis by Aon, confirm this trend. Similar increases are forecast for the next several years as claims stemming from the current financial crisis are litigated and resolved. In fact, directors and officers of certain troubled businesses, particularly of financial institutions, may soon find that they are uninsurable at any reasonable price.

Higher premiums, however, are only one of the insurance industry’s reactions to the current financial conditions. Insurers also are instituting more restrictive terms and conditions, lower limits of liability, higher deductibles, and in some cases, specifically tailored exclusions that eliminate coverage for liability resulting from bankruptcy, bank failures, or claims brought by the Federal Deposit Insurance Corporation. In light of these developments, many financial institutions may find it difficult to retain and attract talented directors and officers at the very moment when such leadership is most needed. In fact, this current talent drain is a continuation of a trend that began in 2002 with the passage of the Sarbanes-Oxley Act.

One factor impacting rates and the availability of D&O insurance is the uncertainty surrounding AIG’s financial condition and future viability. AIG has long been the dominant underwriter of D&O insurance. As banks turn away from AIG for their D&O coverage, they are not finding the competition for their business that one might expect when an industry leader appears vulnerable. On the contrary, banks are facing a shrinking D&O market as several smaller carriers have decided to stop underwriting such coverage, especially for banks and other financial institutions, because the premiums are no longer perceived as worth the potential risk. In turn, those smaller insurers’ withdrawal from the market should only exacerbate the rate at which D&O insurance premiums increase in the ensuing months and years.

Faced with higher premiums for less D&O coverage, companies and their directors and officers should aggressively negotiate the most favorable coverage for their money. To that end, when negotiating new policies or renewals, they should carefully gauge their risk and exposure, and closely review proposed D&O policies, including exclusions, for provisions that could potentially eliminate coverage. If the proposed coverage is insufficient, or if sufficient coverage is only available at unreasonable rates, policyholders should consider alternative ways to maximize coverage and/or minimize risk going forward.

(Kelley Drye & Warren LLP Associate Justin F. Lavella contributed to this post.)

Fears of Future Identity Theft Generally Not Sufficient To Establish "Actual Damages" In A Lawsuit

Andrew S. Wein — Wed, 18 Mar 2009 12:30:00 -0500

Over the last few years, incidents involving disclosures of personal information by consumer financial service providers have been big news, ranging from the theft of laptop computers containing social security numbers, to hacker attacks on computer networks containing confidential information, to the more "vanilla" theft of personal documents. Not surprisingly, the plaintiffs' bar has been attempting to turn all of this worry about identity theft into big money - even where no identity theft has occurred. However, courts around the nation have been considering such claims, and responding with a virtually uniform voice to state that, however the claim may be styled, a plaintiff's speculative fear of potential future identity theft does not constitute "actual damages" under the law, and accordingly reject such lawsuits.

In the latest court opinion to address this issue, Pinero v. Jackson Hewitt Tax Service, Inc., No. 08-3535, 2009 U.S. Dist. LEXIS 660, (E.D. La. January 7, 2009), Chief Judge Sarah S. Vance dismissed various statutory and tort claims, including negligence, breach of contract, violations of a Louisiana data breach notification statute, and claims under the Tax Reform Act of 1976, against a national franchisor of income tax preparation services and its local independent franchisee. In the Pinero case, the plaintiff contended that the independent franchisee had failed to dispose of certain documents properly, which allegedly contained personal information. However, the plaintiff neither contended that her documents fell into the hands of a wrong-doer, nor that she had suffered any actual identity theft. Her damages claims were largely based on alleged emotional injuries and mental anguish, and theoretical consequential damages about steps she might need to take to deal with potential identity theft.

The Court rejected this theory of damages, and dismissed 6 of 7 claims, including negligence, breach of contract, and violations of the Louisiana data breach notification statute, holding that this type of speculative “injury” does not meet the required damages element. Also, in a holding of first impression, Judge Vance dismissed the federal claim for statutory penalties under the Tax Reform Act of 1976, ruling that commercial tax preparers are simply not subject to the provisions of the law governing disclosure of tax return information by the I.R.S. or its agents. The Court further ruled that the Louisiana data breach notification statute did not apply to paper documents – notably, Louisiana is not alone in this regard. Judge Vance also dismissed claims for fraudulent inducement and the Louisiana unfair trade practice law for a failure to adequately allege an intent to defraud. The Court only let the invasion of privacy claim survive, albeit noting skepticism about whether such a claim could succeed on the merits.

For further discussion of this case, see our recently published piece in the ABA "Secure Times" newsletter. And for a broader discussion of how other cases have addressed these types of claims, please see our article published in Andrews Litigation Reporter.

(Donna L. Wilson, Andrew S. Wein, and Veronica D. Gray represent Jackson Hewitt Tax Service in this case.)

NAACP To File Subprime Suits Against Wells Fargo and HSBC

Donna L. Wilson & Michael P. McGinn — Fri, 13 Mar 2009 09:18:03 -0500

The latest class action complaints alleging improper subprime lending practices are due to be filed against two banks today. The NAACP plans to file separate class action lawsuits today against Wells Fargo and HSBC. According to news reports, the suits, which will be filed in district court in California, allege that those banks engaged in deliberate discriminatory practices that forced minority borrowers into loans with higher interest rates than non-minority borrowers with similar credit histories. These actions follow, and appear to be an extension of, an NAACP lawsuit filed against HSBC, Countrywide, and at least 17 other mortgage lenders in 2007. That suit, which is still under way and recently survived a motion to dismiss, alleges broad discriminatory lending practices by mortgage lenders. These NAACP actions are just a few in a growing number of cases filed by private individuals and state and local governments relating to subprime lending.

All of those suits presumably support Congress' aggressive financial system reform agenda, including legislation to address mortgage lending practices. Yesterday, the House Committee on Financial Services held a major hearing to review mortgage lending practices and legislation to reform those practices. The chairman of that committee, Barney Frank (D-MA), announced that he plans to move that legislation out of committee this month, with the goal of a full House vote some time in April.

Use Of Customer Information For Data Mining May Be A Violation Of California Constitutional Right To Privacy

Donna L. Wilson — Thu, 05 Mar 2009 13:00:00 -0500

If you or your company have a loyalty program or collect customer information in any form, and reverse data mine for additional customer information, you face the risk of being sued in California for a violation of the California Constitutional right to privacy. Recently, in Watkins v. Autozone Parts, Inc., No. 08-cv-01509-H, 2008 WL 5132092 (S.D. Cal. Dec. 5, 2008), the United States District Court for the Southern District of California held that all a plaintiff needs to allege to state a claim for a breach of the constitutional right to privacy is that the defendant requested plaintiff’s personal information and then “covertly” reverse data mined for additional information about that plaintiff. As you may know, this decision cuts against the recent trend in California Courts of Appeal decisions aimed at narrowing the types of actions involving the collection of customer data that can be brought against retailer defendants (see e.g. Absher v. AutoZone, Inc., 164 Cal. App. 4th 332 (2008); TJX Cos., Inc. v. Sup. Ct., 163 Cal. App. 4th 80 (2008)), and creates great uncertainty for companies with respect to their ability to collect customer information.

In Watkins, plaintiff brought a putative class action alleging that Autozone violated the California Song-Beverly Credit Card Act, California Civil Code §1747.08 (the “Act” or “Section 1747.08”) by unlawfully requesting and recording personal customer information, and then “covertly” engaging in a “reverse search” to determine additional customer personal information, in violation of the California Constitution’s privacy provision.

First, the court held that plaintiff plead facts sufficient to support a claim for a violation of Section 1747.08. See 2008 WL 5132092, at *6. Second, and more significantly, in holding that plaintiff sufficiently plead a claim for invasion of privacy, the court reasoned that:

plaintiff adequately alleged a legally protected privacy interest in his home address;
the allegations that Autozone obtained and subsequently used his home address information from using his telephone number and credit card information after plaintiff’s purchase at Autozone satisfied the pleading requirements of a reasonable expectation of privacy in these circumstances; and
plaintiff sufficiently alleged that the invasion into his privacy was "serious," given his allegation that Autozone used his private information for profit without his consent and without informing him of the use of his information. See id.
Further, the court stated that the purpose of statutory provisions (including Section 1747.08) prohibiting the requesting of personal information from credit card customers “speaks to the potential seriousness of invasions that may occur.” Id. at *7 (citation omitted).

This holding creates great uncertainty for companies in determining in what circumstances collecting customer information and then reverse data mining is permissible. For instance:

Can a company utilize information that was obtained from a credit card customer for shipping purposes to reverse data mine for additional information about that customer?
Does a retail company violate a customer’s right to privacy by using a credit card customer’s zip code to obtain additional information about that customer given the recent California Court of Appeal holding that a zip code is not “personal identification information” under Section 1747.08? See Party City Corp. v. Sup. Ct. of San Diego County, No. D053530 (Cal. Ct. App. Dec. 19, 2008).

While Party City dealt with a retailer’s request for zip codes for demographic reasons, rather than for reverse data mining (like in Watkins), the decision itself is not so limited. Thus, arguably this decision, unlike Watkins, would permit retailers to request zip codes, and then reverse data mine for additional customer information. (For a more detailed discussion of California’s Song-Beverly Credit Card Act and its implication on retailers, please see the Kelley Drye Advisory entitled “Sellers Beware: Another Flurry of Class Actions Being Filed Against Retailers Accepting Credit Cards in California.” )

Further, given the minimal pleading requirements to state a right to privacy claim after Watkins, more plaintiffs are likely to add such a claim to actions brought under Section 1747.08 merely to increase the amounts and types of relief available. While Section 1747.08 provides for up to $1,000 in civil penalties per violation, a right to privacy claim under the California Constitution may permit an award of damages and/or injunctive relief, to which private citizens are not entitled under Section 1747.08.

However, your company is not without recourse. Several compelling arguments can be made against a right to privacy claim brought pursuant to Watkins, including:

Any such alleged wrong does not rise to the level of the “serious invasion,” which is typically reserved for conduct such as stalking and filming of neighbors in their homes.
A home address or telephone number – commonly found in publicly available telephone directories, on the Internet, and even on envelopes – is not the type of information that carries an objectively reasonable expectation of privacy.
In light of these decisions, companies would be well-advised to reconsider their ability to collect customer personal information, and to reverse data mine.

Reminder! All California Businesses That Accept Credit And Debit Cards Now Must Truncate Credit Card Information On All Transaction Receipts

John W. McGuinness — Thu, 05 Mar 2009 12:00:00 -0500

As of January 1, 2009, and in contrast to federal law, California Civil Code Section 1747.09 requires that no more than the last five digits of a credit or debit card number be printed on both the electronically-printed card receipt retained by the business as well as the receipt provided to customers. See CAL. CIVIL CODE § 1747.09(a)-(d). If you or your business accept credit cards or debit cards for payment you must ensure that all machines and registers are in compliance with these truncation requirements. Businesses that fail to comply with revised Section 1747.09 face potentially significant consequences, including enforcement actions by state agencies, and, perhaps more significantly, individual and class action lawsuits brought by cardholders.

A brief look at the recent history of class actions filed under the federal truncation statute – the Fair Credit Reporting Act (“FCRA”), which applies only to transaction receipts provided to customers – may offer guidance on how California courts may deal with actions brought under Section 1747.09.

Beginning in December 2006, plaintiffs’ attorneys began filing class action lawsuits against a broad spectrum of retailers and other businesses in California based largely on the failure to truncate expiration dates on electronically printed credit card receipts provided to consumers, and sought statutory penalties of between $100 and $1,000 per transaction for each “willful” violation alleged, plus attorneys’ fees, costs and punitive damages. See15 U.S.C. § 1681n. In order to prevent consumers, who had not suffered any actual damage, from recovering potentially annihilating statutory damages against retailers and other merchants, Congress passed the Credit and Debit Card Receipt Clarification Act, which added a provision to the Fair and Accurate Credit Transactions Act (“FACTA”) preventing consumers from obtaining statutory damages for willful expiration date violations taking place between December 4, 2004 and June 3, 2008. Further, several courts refused to certify a class on the theory that a class action is not superior to other methods for the fair and efficient adjudication of the controversy. However, no similar legislation has been enacted by the California legislature, and it remains to be seen whether courts will deny certification of a class action brought under Section 1747.09, as several courts have done in FACTA cases, to limit abusive lawsuits brought by consumers under California state law.

Accordingly, if you have not already done so, you should act swiftly to ensure that all machines and registers are in compliance with the truncation requirements. To accomplish this, consider auditing machines and registers by printing out receipts both retained by the company and issued to the customer. If any violation of Section 1747.09 or FACTA is detected, corrective action should be taken to limit potential liability and to decrease the risk of a potential lawsuit.

Congress Moves to Supplement Fed on Credit Cards

Donna L. Wilson & Michael P. McGinn — Thu, 05 Mar 2009 12:00:00 -0500

In yet another reminder to credit card providers that they need to continue monitoring government attempts to legislate and regulate credit card products, services and policies, two pieces of credit card legislation have been introduced that could significantly impact your business. The legislation follows recent action by the Federal Reserve Board, which on December 18, 2008, approved final regulations regarding credit card and other consumer banking practices that will take full effect by July 1, 2010. Those final rules virtually mirror the Fed’s May 2008 draft rules (summarized in this Kelley Drye Advisory).

First, on January 22, 2009, Rep. Maloney (D-NY) re- introduced the Credit Card Holders’ Bill of Rights (H.R. 627), a prior version of which passed the House in 2008 but did not make it through the Senate. Then, on February 11, 2009, Chairman of the Senate Banking Committee Chris Dodd (D-CT), re-introduced The Credit Card Accountability, Responsibility and Disclosure Act (S. 414). That legislation likewise had a prior life, though it did not make it out the Senate Banking Committee during the 110th Congress.

The apparent purpose of the legislation is to attempt to fill perceived gaps in and to expedite implementation of the changes offered by the Fed rules. As a representative from the American Bankers Association testified during a recent Senate hearing regarding Senator Dodd’s bill, the legislation goes beyond the Fed rules in certain respects. For example, among other things, that bill would prohibit card companies from charging customers for paying their bill by phone, it would attempt to control charges for late payments or other violations of the cardholder agreement, and it would prohibit the issuance of cards to consumers under 21 years of age. These and other measures would significantly restrict institutions’ abilities to manage their business and offer choices to consumers. Further, in attempting to bring about reform more quickly, both pieces of legislation would shorten the implementation period needed by financial institutions to alter their business practices and comply with the new rules.

With so much government and public attention on financial services and given the consumer protection focus of the Obama Administration and Democrats on the Hill, credit card legislation may pick up substantial support and momentum in the current Congress. Whether lawmakers can agree on how to move forward, and whether they can do so before the Federal Reserve rules take effect, remains to be seen. In any event, credit card providers should stay tuned!