Subscribe to Consumer Finance

Thank you for your desire to subscribe to Severson & Werson’s Consumer Finance Weblog. In order to subscribe, you must provide a valid name and e-mail address. This too will be retained on our server. When you push the “subscribe button”, we will send an electronic mail to the address that you provided asking you to confirm your subscription to our Weblog. By pushing the “subscribe button”, you represent and warrant that you are over the age of 18 years old, are the owner/authorized user of that e-mail address, and are entitled to receive e-mails at that address. Our weblog will retain your name and e-mail address on its server, or the server of its web host. However, we won’t share any of this information with anyone except the Firm’s employees and contractors, except under certain extraordinary circumstances described on our Privacy Policy and (About The Consumer Finance Blog/About the Appellate Tracker Weblog) Page. NOTICE AND AGREEMENT REGARDING E-MAILS AND CALLS/TEXT MESSAGES TO LAND-LINE AND WIRELESS TELEPHONES: By providing your contact information and confirming your subscription in response to the initial e-mail that we send you, you agree to receive e-mail messages from Severson & Werson from time-to-time and understand and agree that such messages are or may be sent by means of automated dialing technology. If you have your email forwarded to other electronic media, including text messages and cellular telephone by way of VoIP, internet, social media, or otherwise, you agree to receive my messages in that way. This may result in charges to you. Your agreement and consent also extend to any other agents, affiliates, or entities to whom our communications are forwarded. You agree that you will notify Severson & Werson in writing if you revoke this agreement and that your revocation will not be effective until you notify Severson & Werson in writing. You understand and agree that you will afford Severson & Werson a reasonable time to unsubscribe you from the website, that the ability to do so depends on Severson & Werson’s press of business and access to the weblog, and that you may still receive one or more emails or communications from weblog until we are able to unsubscribe you.

In Mollaei v. Otonomo, Inc., Judge Thompson found that a vehicle's TCU did not constitute an "Electronic Tracking Device" because it was not "attached' to the vehicle and tracked the location only of the vehicle, and not the 'person', within the meaning of Penal Code 637.7. Penal Code 637.7 provides that (a) No person or entity in this state shall… Read More

OneTrust Data Guidance, a global leader in privacy and data protection, published an article today authored by Severson shareholders Genevieve Walser-Jolly and Scott Hyman on the proportionality doctrine under the California Consumer Privacy Act ("CCPA") and the California Privacy Rights Act ("CPRA").  Specifically, the CPRA amended the CCPA to provide additional consumer regarding their data, but a company should not… Read More

The FTC has announced additional time for financial institutions to comply with new Safeguards Rule changes.  In response to personnel shortages and supply chain issues, the new deadline is June 9, 2023: What provisions are included in the six-month extension?  Consult the Federal Register Notice for details, but the extension applies to provisions in the revised Rule that require covered companies to:… Read More

In Dhital v. Nissan N. Am., Inc., No. A162817, 2022 Cal. App. LEXIS 887, at *11-22 (Ct. App. Oct. 26, 2022), the California Court of Appeal found that the economic loss rule did not bar a fraudulent inducement claim so long as the claim was completely separate and apart from the Song-Beverly warranty claim. As noted, the trial court sustained… Read More

Today, President Biden signed an Executive Order on Enhancing Safeguards for United States Signals Intelligence Activities (E.O.) directing the steps that the United States will take to implement the U.S. commitments under the European Union-U.S. Data Privacy Framework (EU-U.S. DPF) announced by President Biden and European Commission President von der Leyen in March of 2022. The White House's press release… Read More

Ruling on a motion to dismiss a claim for violation of the California Consumer Privacy Act, the Hon. Mary M. Rowland of the United States District Court in the North District of Illinois, held: Defendants argue that [Plaintiff] fails to allege a specific action Defendants took or failed to take that breached a duty under the CCPA to maintain "reasonable"… Read More

In Vigil v. Muir Med. Grp. Ipa, No. A160897, 2022 Cal. App. Unpub. LEXIS 5858, at *17-32 (Sep. 26, 2022), the California Court of Appeal affirmed denial of class certification in a CMIA data breach case because each classmember would have to prove that an unauthorized party viewed the confidential information.  The data breach facts were as follows.  Muir is… Read More

In Moore v. Centrelake Med. Grp., No. B310859, 2022 Cal. App. LEXIS 795, at *4-7 (Ct. App. Sep. 16, 2022), the Court of Appeal allowed a UCL claim to proceed in a data breach case.  The data breach facts were as follows: Centrelake is a medical provider operating eight medical facilities in southern California. Prior to January 9, 2019, appellants… Read More

The Conference of State Bank Supervisors recently released new tools for nonbank financial services companies to improve their cybersecurity posture.   The CSBS - Baseline Nonbank Exam Program V1.0 and the CSBS - Enhanced Nonbank Exam Program V1.0 are tools used by state examiners nationwide to assess the cyber preparedness of nonbank entities, and provides these institutions the ability to improve their… Read More

The FTC announced an advanced notice of proposed rulemaking on commercial surveillance and security.  “Commercial surveillance” is defined as the business of collecting, analyzing and profiting from consumer data. The FTC seeks public comment on implementation of new rules on how businesses "(1) collect, aggregate, protect, use, analyze, and retain consumer data, as well as (2) transfer, share, sell, or… Read More

On August 11, 2022, the CFPB issued a circular on data security and the question "[c]an entities violate the prohibition on unfair acts or practices in the Consumer Financial Protection Act (CFPA) when they have insufficient data protection or information security?"  The short answer is "yes." The CFPB highlights specific security measures to minimize risk. In line with the new… Read More

Ruling on Defendant's Motion to Dismiss (Aviva Kirsten v. Cal. Pizza Kitchen, Inc., No. 2:21-cv-09578-DOC-KES (C.D. Cal. July 29, 2022), Judge David O. Carter of the Central District of California held: Defendant argues that Plaintiffs’ CCPA claim fails because Plaintiffs provide no facts to maintain that Defendant failed to maintain reasonable security procedure and practices. Mot. at 20. However, Defendant… Read More

In Tukin v. Halsted Financial Services, LLC, Judge Wood found no Article III standing for a Hunstein claim (of sharing a consumer's data with a vendor) where the sharing was done by way of encrypted data transfer. First, of note, Judge Wood found no "glassine window" violation for use of an "Intelligent Mail Code" on the dunning letter's envelope. Count III alleges that… Read More

In United States v. Thompson, No. CR19-159-RSL, 2022 U.S. Dist. LEXIS 101558, at *3-7 (W.D. Wash. June 7, 2022), Judge Lasnik denied the Government's Motion in Limine to exclude evidence regarding cyber-security vulnerabilities at the corporate victim or other victim entities that are unrelated to the specific vulnerability that defendant allegedly exploited in the case at hand The government moves… Read More

On May 27, 20222, the California Privacy Protection Agency issued its first draft of Proposed Regulations under the California Privacy Rights Act.  The rulemaking timeline is unclear but we expect additional information at the upcoming June 8, 2022 board meeting (agenda:  The Proposed Regulations can be found here  High-level topics in the Proposed Regulations include: Restrictions on the Collection… Read More

Judge David O. Carter, in the Central District of California, made the following findings on a motion to dismiss: the CCPA is not retroactive despite allegations of an ongoing pattern and practice; the CCPA does not include a private right of action for "§§ 1798.100(b), 110(c), and 115(d)"; the "disclosure of consumers’ non-anonymized data was not a result of a… Read More

In Fraser v. Mint Mobile, LLC, No. C 22-00138 WHA, 2022 U.S. Dist. LEXIS 76772, at *2 (N.D. Cal. Apr. 27, 2022), Judge Alsup denied summary judgment to a defendant claiming that its data breach did not proximately cause the Plaintiff's cryptocurrency loss.  The facts were as follows: Defendant Mint Mobile, LLC is a mobile virtual network operator that currently… Read More

1 2 3 6