Nearly two years after the TILA-RESPA Integrated Disclosure (“TRID”) rule went into effect (on October 3, 2015) and one year after the Consumer Financial Protection Bureau (“CFPB”) closed a comment period on a Notice of Proposed Rulemaking (“NPRM”) to adjust and clarify the rule, the CFPB’s modified TRID rule was published in the Federal Register on August 11, 2017 (the “2017 TRID Rule” or “2017 Rule”). An accompanying Detailed Summary of Changes and Clarifications was released on August 30, 2017.
While the full extent of damages caused by Hurricane Harvey is unknown at present, the storm has already caused unprecedented damage in Texas. That damage arises in the midst of pending legislative change that may affect significantly losses governed by Texas law.
Specifically, for losses governed by Texas law, a recent change in Texas law thrusts an immediate decision upon policyholders. The Hailstorm Bill signed into law earlier this year and effective September 1, 2017, will thereafter apply to all first-party claims under a policy providing coverage for real property or improvements to real property that “arises from damages to or loss of covered property caused, wholly or partly, by forces of nature, including …a hurricane.” While the Hailstorm Bill contains many substantive changes, a notable change is the reduction in the 18% penalty under Chapter 542 of the Texas Insurance Code (the “Prompt Payment Statute”) if an insurer fails to timely pay a covered claim. Any claim made before September 1, 2017, however, is governed by the current law, including the 18% penalty in the Prompt Payment Statute. Thus, for claims governed by Texas law, policyholders must file a claim on or before Thursday, August 31, in order to benefit from the current 18% penalties (and other provisions) provided under pre-September 1, 2017 Texas law.
As policyholders begin to evaluate their losses, careful consideration will need to be given not only to direct damage or destruction of insured property, but also from the interruption of business resulting from that property damages, contingent business interruption caused by damage to the property of important suppliers, customers, and other business partners; extra expenses incurred to resume normal operations; lack of access to property due to damage to buildings, roads, docks, etc.; interrupted electric, gas, and water services; and other circumstances depending on the particular business involved.
The Ninth Circuit has opined, again, on whether a statutory violation of the Fair Credit Reporting Act (“FCRA”), 15 U.S.C. §§ 1681, et seq.—by itself—constitutes a concrete injury for Article III standing purposes. Last year, in Spokeo, Inc. v. Robins, the United States Supreme Court vacated and remanded the Ninth Circuit’s original opinion on the issue. Although the Ninth Circuit had reviewed the plaintiff’s allegations for existence of a particularized injury, it had not separately analyzed whether they described a sufficiently concrete injury. In Spokeo, the Supreme Court ruled that “a bare procedural violation [of a federal statute], divorced from any concrete harm,” does not suffice to “satisfy the injury-in-fact requirement of Article III.” But the Court declined to define a “bare procedural violation” in favor of allowing the Ninth Circuit to first consider the question. Now that the Ninth Circuit has done so, the Supreme Court may take up the question once more.
To read the full alert, click here.
The D.C. Circuit recently gave its opinion as to whether pleading an increased risk of future injury is sufficient to establish Article III standing to sue in a data breach class action filed in federal court. The issue has divided federal circuit courts of appeals.
In answering in the affirmative, the D.C. Circuit joined the view of the Sixth, Seventh, and Eleventh Circuits. Compare Attias v. CareFirst, Inc., — F.3d —-, No. 16-7108, 2017 WL 3254941 (D.C. Cir. Aug. 1, 2017), with Resnick v. AvMed, Inc., 693 F.3d 1317 (11th Cir. 2012); Galaria v. Nationwide Mut. Ins. Co., 663 Fed. Appx. 384 (6th Cir. 2016) (unpublished); Lewert v. P.F. Chang’s China Bistro, Inc., 819 F.3d 963 (7th Cir. 2016); and Remijas v. Neiman Marcus Grp., LLC, 794 F.3d 688 (7th Cir. 2015). In Attias, the plaintiffs did not allege that they had suffered identity theft as the result of a hacking incident involving a system containing their data. The defendant argued that the mere threat of future harm was too speculative to give rise to standing. But the D.C. Circuit held that it was plausible that the unauthorized party had “the intent and the ability to use [the] data for ill” and thus that the plaintiffs had jurisdictional standing at least at the pleading stage. Id. at *1, *5-*6. Notably, the standing issue arises under Fed. R. Civ. P. 12(b)(1) as an issue of subject matter jurisdiction. The D.C. Circuit did not otherwise decide whether the plaintiffs’ allegations stated a claim that could withstand a motion to dismiss under Fed. R. Civ. P. 12(b)(6), allowing the district court the opportunity to first review the question.
By contrast, the Second and Fourth Circuits have held that data breach plaintiffs lack standing where they plead nothing more than an increased risk of future injury. See Whalen v. Michaels Stores, Inc., — Fed. Appx. —-, No. 16-260, 2017 WL 1556116, at *1 (2d Cir. May 2, 2017) (unpublished); Beck v. McDonald, 848 F.3d 262 (4th Cir. 2017), cert. denied sub nom., Beck v. Shulkin, No. 16-1328, 2017 WL 1740442 (U.S. June 26, 2017).
Notwithstanding the circuit court split, the United States Supreme Court has yet to grant certiorari to review the issue. We will continue to monitor and report on developments in data breach standing law as they occur.
Effective December 1, 2017, certain amendments to the Federal Rules of Bankruptcy Procedure (“the Bankruptcy Rules”) recently adopted by the Supreme Court will impact the allowance of secured claims in bankruptcy. Below, we focus on the amendments to Bankruptcy Rule 3002, which will serve to:
- Clarify that Rule 3002 applies to secured claims in cases pending under chapters 7, 12, or 13 of the Bankruptcy Code.
- Shorten the deadline for filing proofs of claim to seventy (70) days after the bankruptcy filing.
Recently, the Consumer Financial Protection Bureau (CFPB) promulgated its final arbitration agreement rule. The rule comes more than 11,000 comments, 13 months, and one change in presidential administration after the CFPB issued its proposed rule in May 2016. (K&L Gates previously reported on the issuance of the proposed rule here.) Yet despite its long history, Congress began taking steps to repeal the rule almost immediately.
Last week, a bi-partisan coalition of political groups and the federal government completed briefing cross motions for summary judgment in American Association of Political Consultants, Inc., et al. v. Sessions, Case No. 5:16-cv-00252-D (E.D.N.C.). The case challenges the constitutionality of a portion of the Telephone Consumer Protection Act (“TCPA”). The plaintiffs contend that the TCPA’s prohibition on making auto-dialed calls or texts to cell phones without the requisite consent, 47 U.S.C. § 227(b)(1)(A)(iii) (the “cell phone ban”), imposes a content-based restriction on speech that fails to pass strict scrutiny and is unconstitutionally under-inclusive (the plaintiffs’ complaint is discussed here). The government is defending the statute’s constitutionality (previously discussed here).
In a win for real estate settlement service providers, another federal court has rebuffed the Consumer Financial Protection Bureau’s (“CFPB”) aggressive interpretation and enforcement of Section 8 of the Real Estate Settlement Procedures Act, 12 U.S.C. §§ 2601-2617 (“RESPA”). Specifically, in Consumer Financial Protection Bureau v. Borders & Borders, PLC, the District Court for the Western District of Kentucky recently granted the defendants’ summary judgment motion and dismissed the CFPB’s RESPA Section 8(a) claims. See 2017 WL 2989183 (W.D. Ky. July 13, 2017).
In prepared remarks delivered to the Consumer Advisory Board on Thursday, June 8, 2017, Consumer Financial Protection Bureau Director Richard Cordray explained that the CFPB is moving forward with its long-anticipated debt collection rules. K&L Gates previously chronicled the CFPB’s efforts to promulgate debt collection rules here, here, and here.
The Director emphasized his view that new debt collection rules are necessary because of the age of the Fair Debt Collection Practices Act—enacted in 1977—and the statute’s inability to fit modern methods of communication. According to the Director, the forthcoming rules would benefit consumers and industry participants by clarifying what constitutes unfair collection practices. Substantively, the Director focused on the portion of the CFPB’s July 2016 outline aimed at ensuring that debt collectors possess correct information about debts they are seeking to collect and consumers who owe those debts. In a notable shift, the Director indicated that the CFPB is prepared to issue a single set of debt collection rules relating to the gathering of information by and transfer of information between first-party creditors and third-party debt collectors. Acknowledging that the shift will require the CFPB to take some additional time to iron out “intertwined issues,” the Director suggested that the CFPB will try to fast-track other aspects of its proposed rulemaking, including the information third-party debt collectors must disclose to consumers and the manner in which third-party debt collectors interact with consumers.
K&L Gates will continue to monitor and report on further developments.
By: John ReVeal
More than three years after proposing amendments to Regulation CC to add new indemnities for remotely deposited checks, new warranties for electronic checks and electronic returned checks, and new indemnities for electronically created items, the Federal Reserve has at last issued final rules. These new rules also modify the expeditious return rules, including by making electronic returned checks subject to those requirements. The final rules were issued on May 31, 2017, and will take effect on July 1, 2018.
To read the full alert, click here.