Wiley Consumer Protection Download (May 31, 2022) – Dodd-Frank, Consumer Protection Act

Wiley Consumer Protection Download (May 31, 2022) – Dodd-Frank, Consumer Protection Act

Welcome to Wiley’s update on recent developments and
what’s next in consumer protection at the Consumer Financial
Protection Bureau (CFPB) and Federal Trade Commission (FTC). In
this newsletter, we analyze recent regulatory announcements, recap
key enforcement actions, and preview upcoming deadlines and events.
We also include links to our articles, blogs, and webinars with
more analysis in these areas. We understand that keeping on top of
the rapidly evolving regulatory landscape is more important than
ever for businesses seeking to offer new and ground-breaking
technologies. Please reach out if there are other topics you’d
like to see us cover or for any additional information.

Check out Wiley’s Biden Administration Resource
for insights on the shifting legal and
policy landscape under the 46th President.

To subscribe to this newsletter, click here.

Regulatory Announcements

CFPB Releases Guidance on ECOA Requirements for
Algorithmic Credit-Related Decisions.
On May
, the CFPB published a Consumer Financial Protection Circular
addressing creditors’ requirements under the Equal Credit
Opportunity Act (ECOA) when using algorithms in connection with
making credit decisions, including requirements to issue compliant
adverse action notices. The Circular emphasizes a number of points,
including that ECOA and its specific adverse action requirements
apply even where creditors use complex algorithms to make lending
decisions, which sometimes may create challenges in identifying the
specific reasons for denying credit or taking other adverse

CFPB Shifts its Innovation Office to a New “Office
of Competition and Innovation.”
On May
, the CFPB announced that the Office of Competition and
Innovation would replace its Office of Innovation, which was
originally founded as “Project Catalyst” and which in
recent years had focused on Sandbox, No-Action Letter, and other
programs designed to promote innovation. In a press release, the
agency described these previous initiatives as efforts to
“confer special regulatory treatment on individual
companies.” The new office will aim to increase competition by
exploring ways to make it easier for consumers to switch service
providers; research market-structure issues that may inhibit
innovation; explore the effect of product offerings by larger
companies on smaller competitors; continue to pursue rulemaking
efforts under Section 1033 of the Consumer Financial Protection Act
to “give consumers access to their own data”; and host
events aimed at analyzing market barriers to entry.

FTC Publishes Blog Post on Incident Response, Stating
That Failure to Disclose a Data Breach May Violate the FTC
On May 20, the FTC’s Chief
Technology Office Team and the Division of Privacy and Identity
Protection published a Blog Post on incident response and breach
disclosure. The Blog Post states that “in some instances, the
FTC Act creates a de facto breach disclosure requirement because
the failure to disclose will, for example, increase the likelihood
that affected parties will suffer harm.” The Post further
states that “a breached entity that fails to disclose
information to help parties mitigate reasonably foreseeable harm
may violate Section 5 of the FTC Act.” The Blog Post cites the
FTC’s settlement with CafePress, which we discussed in our March 28, 2022 Newsletter. There, the agency
reached a settlement with CafePress after the entity allegedly
failed to reasonably respond to security incidents by notifying
customers after suffering multiple breaches.

FTC Holds May 2022 Open Commission Meeting and Releases
Policy Statement on Education Technology and Request for Comment on
Endorsement Guides.
On May 19, the FTC
held a virtual Open Commission meeting to consider: (1) a Policy Statement on Education Technology and the
Children’s Online Privacy Protection Act (Policy
Statement); and (2) a Request for Public Comment on Amendments to the
Guides Concerning the Use of Endorsements and Testimonials in
Advertising (Request for Comment). Both items were approved by
5-0 votes.

The Policy Statement notes that the agency will focus
Children’s Online Privacy Protection Act (COPPA) enforcement
actions on, among other things, violations on prohibitions against
mandatory data collection as a condition of using educational
technology (Ed Tech) services and other services directed towards
children under the age of 13, and violations of COPPA’s rules
on how companies that collect personal information from children
can use that information. During the meeting, all five FTC
Commissioners expressed strong support for the Policy Statement.
Following the FTC’s approval of the Policy Statement on May 19,
staff attorneys published a blog post warning Ed Tech companies that
“they must follow the law, including by properly safeguarding
[childrens’] personal information and, where a company relies
on the school to provide consent, using kids’ information only
for school-related purposes, not for things like

The Request for Comment, meanwhile, proposes a number of
revisions to the FTC’s Endorsement Guides. The Guides address the
application of Section 5 of the FTC Act to the use of advertising
endorsements and testimonials. Among other matters, the Request for
Comment seeks input on treating the deletion of negative reviews or
the decision not to publish negative reviews as a deceptive act or
practice under Section 5 of the FTC Act; addresses endorsements
made on social media posts; and solicits feedback on adding a
section to the Endorsement Guides focused on advertising towards

FTC Chair Khan Testifies Before U.S. House
Appropriations Subcommittee.
On May 18,
FTC Chair Lina Khan testified before the U.S. House Appropriations
Subcommittee on Financial Services and General Government. During
her testimony, Chair Khan highlighted the agency’s FY 2023
budget request of $490.0 million (a proposed increase from the FY
2022 request of $376.5 million). Chair Khan argued that the request
to increase the FY 2023 budget by $113.50 million “will fund
an additional 215 [full-time employees] and enable us to address in
part the increased demand on agency staff and resources.”
Chair Khan also stated that the agency “has seen a soaring
number of reports about business imposters, substantial losses
stemming from online shopping and undelivered merchandise, a rising
number of cryptocurrency and other income scams, work-from-home
scams, fake check scams, and deceptive online trading offers.
Between 2019 and 2021, the number of consumer reports has increased
by over 67 percent, from 3.4 million reports in 2019 to 5.7 million
reports in 2021.” A recording of the hearing is located here.

Significant Enforcement Actions

FTC Reaches Settlement With Twitter for Allegedly Using
Account Security Data for Targeted Advertising.
May 25, the FTC announced that it reached a settlement with
Twitter, Inc., for alleged violations of a 2011 FTC order. The
Commission voted 4-0 to refer the complaint and stipulated final
order to the Department of Justice for filing. The complaint alleges that the company asked users to
provide a phone number or email address to improve account
security, including by allowing users to reset passwords, unfreeze
accounts, and enable two-factor authentication, but it allegedly
used that information to aid advertisers in conducting targeted
advertising without adequate disclosure. Among other things, the proposed order provides injunctive relief and
a $150 million penalty. The FTC released a blog post outlining key takeaways of the

FTC Announces Settlement with Substance Abuse Treatment
On May 17, the FTC announced that it filed suit against and
reached a settlement with Ft. Lauderdale, Fla.-based R360 LLC and
its owner, Steven Doumar, for alleged violations of the Opioid
Addiction Recovery Fraud Prevention Act of 2018, the first action
taken by the FTC under the Act. The Commission voted 4-0 to approve
the complaint and proposed order. The complaint alleges that the company misrepresented to
consumers suffering from substance abuse that it would connect them
with treatment centers that met their individualized needs and were
selected through a rigorous evaluation process conducted by an
expert in substance use disorders and addiction treatment, when the
matches were in fact made by the owner, who lacked the requisite
qualification to make those decisions. The proposed order provides injunctive relief,
including prohibitions against misrepresenting any material fact
about substance use disorder treatment products or services, and a
civil penalty of $3.8 million, which is suspended based on
inability to pay.

Upcoming Comment Deadlines and Events

CFPB Seeking Comment on Agency’s Supervisory
Authority Over Nonbank Companies, Including Fintechs.

Comments are due May 31 on a CFPB Procedural Rule to implement the agency’s
announcement that it is invoking its supervisory authority over
certain nonbank financial companies. As explained in the Procedural
Rule, Section 1091 of the CFPA provides that the CFPB may supervise
a nonbank entity that the agency “has reasonable cause to
determine, by order, after notice to the covered person and a
reasonable opportunity for such covered person to respond . . . is
engaging, or has engaged, in conduct that poses risks to consumers
with regard to the offering or provision of consumer financial
products or services.” The invocation of this nonbank
supervisory authority is not focused on any specific financial
products and services offered to consumers and may potentially
encompass many financial technology (fintech) companies. While the
Procedural Rule took effect on April 29, the CFPB “welcomes
comments on this rule” and the agency “may make further
amendments if it receives comments warranting changes.”

FTC Seeks Comment on Horseracing Integrity and Safety
Authority Registration Rule.
Comments are due May 31 on the
Horseracing Integrity and Safety Authority (HISA) proposed Registration
Rule, which details which details which persons much register
with HISA, and the applicable registration requirements. HISA,
which was established following the implementation of the
Horseracing Integrity and Safety Act of 2020, is charged with
developing a horseracing anti-doping and medication control program
and a racetrack safety program. The Registration Rule will only
take effect if approved by the FTC.

FTC Solicits Feedback on Proposed Changes to Energy
Labeling Rule.
Comments are due July 11 on the
FTC’s Notice of Proposed Rulemaking seeking comment
on updates to the Energy Labeling Rule. The Energy Labeling Rule,
which was originally promulgated in 1979 to implement the Energy
Policy and Conservation Act, requires manufacturers to attach
labels to home appliances and other consumer products that allow
consumers to compare energy usage and competing model costs. The
Notice of Proposed Rulemaking requests public feedback on updates
to three consumer disclosures for covered products – 1)
estimated annual operating cost, 2) a “comparability
range” showing the highest and lowest energy consumption or
efficiencies for all similar models, and 3) the product’s
energy consumption or energy efficiency rating.

FTC Holding Virtual Event on “Stealth
Advertising” Towards Children.
On October
, the FTC will host a virtual event “to examine how best to
protect children from a growing array of manipulative marketing
practices that make it difficult or impossible for children to
distinguish ads from entertainment in digital media.” The
event will examine evolving practices, such as the “kid
influencer” marketplace, and the techniques being used to
advertise to children over the Internet. Research papers and
written comments may be submitted to the FTC here by
July 18.

FTC Seeking Research Presentations for PrivacyCon
Research presentations are due July
for PrivacyCon 2022, which will take place
virtually on November 1. As part of the event, the
FTC is seeking empirical research and presentations on topics
including: algorithmic bias; “commercial surveillance”
including workplace monitoring and “biometric
surveillance”; new remedies and approaches to improve privacy
and security practices; and the privacy risks posed by emerging
technologies for children and teens.

More Analysis from Wiley

And Then There Were Five: Connecticut Adopts
Comprehensive State Privacy Law

FTC Takes Action Against Company for Collecting
Children’s Personal Information Without Parental

Lawmakers Continue to Scrutinize Algorithm Use
Directed at Youth

U.S. State Privacy Law Guide

Webinar: Transactional Due Diligence Related to
Privacy & Cybersecurity

NIST Seeks Feedback on Draft AI Risk Management
Framework in Connection with Extensive Stakeholder Workshop

Utah to Add Fourth Omnibus Privacy Law to the
Growing State Patchwork

Federal Efforts Introduced to Protect Non-HIPAA
Health Data

Webinar: FTC’s Revised Safeguards Rule: How To
Navigate New Information Security Requirements

Industry Highlights NIST Cybersecurity
Framework’s Value as NIST Weighs a Potential Update

CISA Signals Cyber Incident Report

‘An Avalanche of Rulemakings’ – The
FTC Gears Up for an Active 2022

EU and U.S. Reach Agreement in Principle on New
Data Privacy Framework for EU-U.S. Data Transfers

Steps to Take in 2022 To Prepare for New State
Privacy Laws

The Top 5 Cyber Issues for 2022

Podcast: Ransomware, Geopolitical Tensions, and
the Race to Regulate

2022 Cyber Watch List: A look at 2021 and
What’s to Come in the Year Ahead

Podcast: Why the FTC Matters for Fintech

White House Seeks to Develop AI Bill of Rights and
Calls for Feedback on Use of Biometric Data

Podcast: Cyber in 2022: What Happened and What is

Podcast: Artificial Intelligence Can Do Really
Dumb Things With Personal Information

American Bar Association Webinar: Crypto at a
Crossroads: Crypto and Privacy

Data Transfers from the EU – Further
Guidance Issued

Duane Pozza Discusses Emerging Regulatory Approach
to Crypto and DeFi

Legal 500 US Recognizes Wiley’s Telecom, Media &
Technology Practice as Tier 1. Read more here.

The content of this article is intended to provide a general
guide to the subject matter. Specialist advice should be sought
about your specific circumstances.

Source link

Related post

EDUCAUSE 2022: How Data Collection Can Improve Student and Faculty IT Support

EDUCAUSE 2022: How Data Collection Can Improve Student and…

At Indiana University, Gladdin said, to make life easier for students and faculty, they implemented a course template for the Canvas…
UGC, AICTE warn students against online PhD programmes offered by EdTech platforms | Latest News India

UGC, AICTE warn students against online PhD programmes offered…

The University Grants Commission (UGC) and the All India Council for Technical Education (AICTE) on Friday issued a joint advisory against…
UGC, AICTE warn students against online PhD programmes offered by EdTech platforms | Latest News India

UGC, AICTE warn students against online PhD programmes offered…

The University Grants Commission (UGC) and the All India Council for Technical Education (AICTE) on Friday issued a joint advisory against…

Leave a Reply

Your email address will not be published.