WASHINGTON–There is a new legal risk potentially facing credit unions and it involves wiretapping and a law firm that has been a serial filer of lawsuits against CUs related to overdraft disclosures.
In the new case, the threats have to do with the laws in certain states that could be applied to the recording of text chats, even in cases where chatbots are involved, and the recording of a member’s voice for use in voice-authentication systems. They also potentially could apply to the tracking of a member’s activity on the CU’s website.
During a session at CUNA’s GAC titled “What’s New on the Litigation Front,” three attorneys offered updates across a host of potential legal actions against credit unions. Sharing their insights were Cristina Miller, a partner with Styskal, Wiese & Melchione, LLP; Brandy Bruyere, a partner with Honigman, LLP, and Ashley Beach, a partner with Fox Rothschild, LLP.
New Threat, Old Name
Among the newest of those new threats is the threat of being sued for wiretapping, even if it sounds like something from the Cold War and landlines.
Miller said the issue is state laws related to having dual consent to record an electronic conversation between two parties, even if it was recorded for use later, such as for quality control.
“I don’t know anybody who had wiretapping litigation on their bingo card this year, but we are starting to see it,” said Miller. “We may be up to 20 demand letters in my office around this theory and they are winning in a number of court cases.”
California-based Pacific Trial Attorneys is behind many of the cases. That is the same firm that was behind many of the lawsuits against credit unions that alleged CU websites were in violation of the Americans With Disabilities Act because they didn’t offer accommodations for the blind.
Miller urged CUs to get disclosures in place that conversations could be recorded, as the lawsuits are seeking to become class actions.
The Junk Fees Issue
Meanwhile, Miller said the CFPB’s actions around so-called “junk fees” are going to bedevil credit unions, particularly around overdraft fees. The issue is what’s known as “authorize positive/settle negative,” or APSN, and they have led to class actions, she said.
“This is really a disclosure issue, all about the words on the page in overdraft litigation,” said Miller. “For the most part, a lot of these transactions are not illegal, per se, but it is a matter of how you disclose it, and that has been the case for APSN, often for signature-based debit card transactions. When the purchase is authorized there is sufficient money in the account and it’s approved. But these really depend on the merchant and when they send the transaction for settlement. At the time of settlement, is there sufficient money in the account? In talking to clients part of the problem is the software.”
Miller noted that in the fall of 2022 the CFPB ‘upped the ante” with a $140 million penalty to Regions Bank. Regions had disclosed its overdraft policies, but the CFPB found it to be a violation of UDAAP.
The CFPB pulled a lot of complaints from its Consumer Complaints Portal, Miller added.
“The plaintiffs’ bar takes these decisions and then seeks to make a pre-litigation demand,” Miller explained.
Convenience Fees, Inconvenient Litigation
She added there are also class actions being filed around the charging of “convenience fees.”
“This is really going to depend on what state you are in,” said Miller.
Not Just a Voice in the Wilderness
Brandy Bruyere, from Honigman, LLP, and a former NAFCU attorney, said she has been fielding questions around some of the anti-fraud tools that have gotten pretty sophisticated, such as voice recognition software.
“It can help to authenticate members’ identity,” said Bruyere, but there are “multiple lawsuits across a variety of industries that allege improper collection, storage and use of consumers’ biometric data without appropriate consent. Some states have laws governing such data, such as California and Illinois.”
Many claims involve “voiceprints” that use AI and other technology, she said.
The Gatekeeper Issue
At issue are claims being made that use of software called Gatekeeper, which records and examines consumer voice prints. Plaintiffs are alleging violations of the California Invasion of Privacy Act, which allows up to $5,000 in damages per violation.
“When implementing these kinds of fraud prevention tools, beware of disclosure and consent requirements and best practices,” Bruyere stated, adding as an aside it seems ironic, at best, that those filing suits use technologies such as Alexa and Tik Tok, but they are upset financial institutions have a recording of their voice.
“What can you do? Bring in legal, compliance, and your risk team before implementing,” Bruyere said. “Make sure you know what states you are operating in and what laws might be involved. Consider best practices relative to data privacy, data security and consumer disclosures and consent.”
The Zelle Lawsuits
While the litigation could apply to any P2P platform, as CUToday.info has reported it has been institutions that use Zelle that have been targeted by litigation that alleges people were victimized by fraud, even if they participated, should have been warned. Credit unions have been among those hit by such suits.
“The gist is the member is contacted by a fraudster and induced to send the fraudster money, and then they call the credit union,” said Bruyere. “Some (fraudsters) claim to be the power company; it’s similar to phishing attempts, they hone in on people’s emotions. They are spoofing phone numbers. It will say XYZ Utility Co. or ABC Federal Credit Union.”
Other scenarios have involved fake landlords getting a first month’s rent and a security deposit from a victim.
But most frustrating for a credit union is when the fraudster impersonates the CU’s fraud department and they contact the member and say the credit union is running a test and we just need the six-digit number sent to you as part of the two-factor authentication.
“The lawsuits do not generally make Reg E claims, but state law claims under consumer protection laws, breach of contract, etc.,” said Bruyere.
Forum Shopping
Bruyere noted one credit union won a Zelle-related case in New Jersey only to have it refiled in California. The defense in these cases has typically been the assertion there is no breach of contract as obligations to reimburse losses is limited to unauthorized use. Institutions point to the Zelle disclosures/agreement, which clearly state Zelle should only be used to send money to family, friends and trusted people, she added.
Lawsuits are being filed even though the P2P agreements include language that there is no protection against fraud.
Bruyere urged CUs to continue to educate members around fraud schemes involving these payments apps.
Services to Immigrants
Another area of growing litigation against credit unions has to do with services to immigrants. Many are filed by civil rights groups such as the Mexican-American Legal Defense Fund, which filed lawsuits in California against two large banks. These suits aren’t seeking damages as much as a change in behavior and policies, according to Bruyere.
Bruyere cited one case against a credit union in which the would-be borrower was a CU employee who was turned down for a loan because she wasn’t eligible due to having DACA status.
New Case, Old Law
Another case was filed against Wells Fargo by Russian nationals after the bank denied both checking accounts and credit cards to the two Russians who were living in the U.S. legally under pending asylum applications. They sued for being forced to come into the branch for authentication.
And while the breakout session was focused on what’s new in litigation, Bruyere noted, “In most of the cases these lawsuits do not allege violation of ECOA, but instead cite language in the Civil Rights Act of 1866, which prohibits discrimination on contracting due to ‘alienage’.”
It’s Called Fresh for a Reason. And We Offer Home Delivery. For Free!
The biggest, best and freshest news reporting in credit unions remains free in ’23! Each morning CUToday.info delivers its daily Fresh Today news update offering the latest headlines and breaking news right to your email, with the easy-to-read headlines format allowing you to click on the stories that interest you most in order to learn more.
If you haven’t yet signed up for the new email solution on which CUToday.info has partnered with ResponseGenius, you can do so here. Signing up requires less than one minute of your time—and it’s free!
Please note that after signing up you may need to go to your Spam/Junk folder and mark the morning headlines email as safe. CUToday.info does not provide its list of readers and emails to outside parties, and we will not be contacting you to sell you an extended warranty or sending you any links so you may cash in on an inheritance you didn’t know was coming.
And did we mention it’s free?
Please note and/or make your IT department or email administrator aware the emails will be coming from the domains CUTodayinfo.com and CUTodayinfoReply.com