The New York Department of Financial Services and the New York City Department of Consumer and Worker Protection are simultaneously engaged in amending their consumer debt collection rules. While the DFS rulemaking has been underway for nearly two years, the DCWP began its efforts last fall.
Posts published in “Compliance Management”
The Consumer Financial Protection Bureau increased the maximum civil penalty it can impose within its jurisdiction after Jan. 15, 2023. The increases are mandated by federal law, which requires agencies to adjust for inflation each civil monetary penalty within an agency’s jurisdiction by Jan. 15, 2023.
Just a few years ago, the annual review would primarily encompass federal activity. But a shift began in 2018, and by the close of this year, it’s clear there is far more state activity impacting consumer debt collection.
The upward trend in data privacy legislation continued in 2022. According to the National Conference of State Legislatures, “[a]t least 35 states and the District of Columbia in 2022 introduced or considered almost 200 consumer privacy bills,” which is a significant increase from 160 bills in 2021.
Legislation introduced in the New Jersey Assembly and Senate would prohibit “health care providers” from furnishing information concerning medical debt to credit reporting agencies.
Continuing with the heavy trend 2022 has seen of both federal and state regulator focus on medical debt coming on the heels of the aftermath of the COVID-19 pandemic, a bill introduced in the U.S. Senate is taking aim at the collection of medical debt.
In a pair of recent enforcement actions, the Federal Trade Commission cracked down on companies with allegedly lax data security measures that resulted in the theft of personal information of millions of consumers.
The Superintendent for the New York Department of Financial Services recently announced a consent order assessing a $4.5 million penalty against a health insurance company for violations of the DFS Cybersecurity Regulations, 23 NYCRR, Part 500.
Beginning Jan. 1, businesses operating in the District of Columbia will face new challenges under the DC Council’s new debt collection law with costly penalties in place for those who don’t comply.
The U.S. Court of Appeals for the Third Circuit recently held in Clemens v. ExecuPharm Inc. that the risk of future harm from a data breach can be enough for Article III standing, taking into consideration whether the breach was intentional, whether the data was misused, and the nature of the data accessed.
On Sept. 27, Michigan Sen. Rosemary Bayer and eight fellow Democrat cosponsors introduced Senate Bill 1182, which would create the Michigan Personal Data Privacy Act. The Michigan Legislature remains in session through the end of the year.
The U.S. District Court for the District of Massachusetts recently denied a motion to dismiss FDCPA and Mass. Gen. Law. Ch. 93 and 93A claims, holding that a constable qualifies as a “debt collector” under the Fair Debt Collection Practices Act and a “creditor” under Mass. Gen. Laws ch. 93.