Consumer Protection

Vermont AG Discourages Reuse of Renewable Credit

  • Vermont AG William Sorrell issued official guidance for solar power companies to use when making statements regarding the character of electricity provided by a project facility without factoring in the impact of selling renewable energy credits (RECs) in regional markets. The sale of RECs helps finance solar power projects and they are often sold in advance to larger polluters that need them to offset their emissions.
  • The AG clarifies that he will view it as a violation of the Vermont Consumer Protection Act if a solar power project company makes representations that it will provide electricity to the local community that is "renewable," "clean," "green," etc., but the power provider has already sold the corresponding RECs.
  • The guidance indicates that Vermont law is harmonized with federal law as exemplified in the Federal Trade Commission's Guides for the Use of Environmental Marketing Claims. The guidance refers to a letter to Green Mountain Power, from the FTC indicating that that once RECs are sold or transferred, the company "has forfeited its right to characterize the power delivered from those facilities as renewable, in any way."

Consumer Financial Protection Bureau

CFPB Reaches Settlement Over Company's Attempts to Collect on Unverified Debt

  • The Consumer Financial Protection Bureau (CFPB) has reached an agreement with Collecto, Inc., doing business as EOS CCA, to resolve allegations that the debt collector violated the Fair Credit Reporting Act and the Fair Debt Collection Practices Act by failing to verify the accuracy of the consumer debt it acquired and on which it attempted to collect.
  • The complaint alleged that EOS paid $35.4 million for a portfolio of defaulted consumer cell phone debt with a face value of $2.3 billion, and then proceeded to collect on the debt without verifying the accuracy of the accounts or determining which accounts had been disputed by the individual consumer. It also alleged that EOS reported account information en masse to credit reporting agencies, with knowledge that the information was not necessarily true for all accounts.
  • EOS, without admitting guilt, agreed to enter into a consent order, and will refund at least $743,000 to consumers according to a redress plan to be approved by the CFPB. EOS will pay $1.85 million in civil penalties, and will remove all information reported to credit bureaus related to the unsubstantiated or disputed debts. EOS also agreed to stop associated collection activity, and to refrain from reselling the unsubstantiated debt until such time as it can conduct proper verification.

CFPB Settles Dispute Over Murky Use of Consumer Reports

  • The CFPB reached an agreement with Clarity Service, Inc. and owner Tim Ranney, resolving claims that the self-identified "Credit Bureau for Middle America" violated the Fair Credit Reporting Act (FCRA) when it provided consumer data for marketing purposes to businesses that focused on subprime and high-risk loans.
  • The CFPB alleged that Clarity accessed personal consumer information from third-party credit agencies—in some cases causing the consumer's file to reflect a credit inquiry—and used that information to create marketing materials to distribute to prospective clients. In addition, the CFPB alleged that Clarity failed to investigate consumer disputes relating to such credit inquiries, even though the company was aware that some information in its consumer files came from unreliable sources.
  • This case demonstrates the importance that under the FCRA consumer credit information may only be used for a "permissible purpose." The FCRA provides a list of permissible purposes, most of which from a business's perspective involve a specific consumer request (e.g., opening credit account, employment purpose, underwriting insurance application as requested by consumer, etc.).
  • Clarity agreed to enter into a consent order, the terms of which require it to pay $8 million in civil penalties, and to make changes to its business practices, including: to cease from selling consumer reports to users who lack a permissible purpose; to implement procedures that ensure end users have a permissible purpose and appropriate credentials; and to ensure that consumer disputes are properly investigated.

States v. Federal Government

Colorado Supreme Court Dodges Dispute Between Governor and AG

  • The Colorado Supreme Court denied a petition from Governor John Hickenlooper (Democrat) asking the Court to determine whether Colorado AG Cynthia Coffman (Republican) can participate in a lawsuit filed by multiple State AGs challenging federal pollution regulations, when the Governor does not wish the State to participate.
  • In a one-page decision, the Court declined to exercise its original jurisdiction to decide the dispute, determining instead that the petition did not satisfy Colorado Appellate Rule 21 because there was an "adequate alternative remedy." As noted by commentators, however, the Court did not indicate what that alternative was.
  • The decision refers to a 2003 Colorado Supreme Court case, People ex rel. Salazar v. Davidson, in which the Court rejected the argument that the AG was limited to exercising only statutory powers, but was instead tasked with representing the people of the State. See 79 P.3d 1221, 1229 (Colo. 2003).

Data Privacy

U.S. House Committee Clears Data Security Act

  • The House Financial Services Committee voted to approve the Data Security Act of 2015 (H.R. 2205). The bill would establish a national standard for data security and breach notification for financial institutions and retailers. Industry groups came out in support of the bill, indicating that "[it] would increase protections for consumers by ensuring all entities that handle sensitive financial data have a robust process to protect data in place."
  • The bill, however, is not without detractors among consumer watchdog groups (including These groups are calling it a Trojan Horse, as it appears to offer enhanced national data protection, but would preempt state laws on data security and breach notification that are in many cases more vigorous than the bill. The groups also noted, along with earlier arguments from 47 State AGs, that a uniform federal standard would lack flexibility and prevent future innovations at the state level.

EU Reaches Accord on Data Privacy and Breach Notification Law

  • The European Parliament, Council, and Commission reached agreement to advance the Network and Information Security Directive, the first EU-wide law on data privacy and breach notification.
  • The Directive will require "operators of essential services" to implement security measures and notify national authorities in the event of a data breach. Essential services are listed in the Directive to include the following sectors: energy, transport, banking, stock exchange, health care, water, digital infrastructure, and digital service providers.
  • Once the Directive text is finalized and published in the EU Official Journal, Member States will have 21 months to implement it, and six additional months to identify the firms to be deemed operators of essential services.


SEC EB-5 Enforcement Actions Highlight Problems for Attorneys Moonlighting as Brokers

  • The Securities and Exchange Commission (SEC) filed a series of enforcement actions centered around the EB-5 visa program, alleging that the indicated lawyers acted as unregistered securities brokers in violation of Section 17(a) of the Securities Act of 1933 and Section 10(b) of the Exchange Act of 1934. The EB-5 program offers permanent residence in the U.S. to foreign citizens provided they make certain specified investments in U.S. businesses.
  • Although many of the actions were settled through SEC cease-and-desist proceedings, the SEC filed a complaint in federal court against immigration attorney Hui Feng, and his law firm, alleging that although Feng has never registered as a securities broker, he received commissions, often through overseas bank accounts, from various investment promoters in exchange for referring his EB-5 applicant clients to make investments in the promoters' offerings. Over a four-year period, Feng and related entities allegedly received almost $5 million in commissions and future payment obligations in connection to such referrals. The SEC also argues that Feng committed a breach of his fiduciary and legal duties by failing to disclose to his clients that he was earning such commissions.
  • In the case against Feng, the SEC is seeking an injunction, disgorgement, and civil penalties. The administrative settlements focused on disgorgement without civil penalties.


European Commission Pursues Smartphone Chipmaker on Two Fronts

  • The European Commission has filed charges against Qualcomm Inc., for abusing a dominant position in worldwide markets by allegedly paying a major customer to exclusively use its 3G and 4G chipsets, and by selling 3G chipsets below cost in order to prevent a smaller competitor from staying in the market.
  • Qualcomm indicated that it is cooperating with the Commission, and that it "look[s] forward to demonstrating that competition in the sale of wireless chips has been and remains strong." Under EU antitrust rules, if the Commission finds a violation, it can impose fines up to 10 percent of the chipmakers annual global revenue. For 2014, Qualcomm reported $26.49 billion in revenue.
  • Last month, Korean competition authorities issued a preliminary report accusing Qualcomm of charging anticompetitive licensing fees, a claim that Qualcomm indicated was "a serious misapplication of law." However, in February Qualcomm agreed to pay $975 million to settle similar allegations by Chinese regulators of using a dominant position to charge unfair license fees.

The content of this article is intended to provide a general guide to the subject matter. Specialist advice should be sought about your specific circumstances.