All judgments and tax liens to be removed from consumer credit reports

As reported last year, Equifax, Experian and TransUnion (the “NCRAs”) implemented enhanced standards for the collection and timely updating of public record data as part of the requirements of the National Consumer Assistance Plan (the “NCAP”) and accordingly, effective July 1, 2017, removed all civil judgments and the majority of tax liens from their databases.

The NCRAs are now going a step further to comply with the NCAP’s standards and to resolve pending litigation by removing all tax liens from consumer credit reports effective April 16, 2018. Bankruptcy records will continue to be reported.

March 22nd, 2018|Judgment, Legislation|

Florida court allows FCRA suit against Whole Foods to move forward

Reinforcing the importance of complying with even the most technical FCRA requirements, a federal court in Florida allowed a former employee to move forward with his suit against Whole Foods Market Group.

In the putative class action, the plaintiff, who was terminated in June 2013 after the employer conducted a background check on plaintiff and other existing employees, charges that Whole Foods violated the FCRA, and specifically, points to the forms the plaintiff signed when he applied for employment. A “Disclosure Statement” provided: “By this document [Whole Foods] discloses to you that a consumer report regarding your credit history, criminal history and other background information and/or an investigative consumer report containing information as to your character, general reputation, personal characteristics and/or mode of living may be obtained from personal interviews or other sources in connection with your application for any purpose at any time during your employment.”

The plaintiff was also given a “Consent and Release of Information” form, which stated: “I further understand and authorize [Whole Foods] or those authorized by them to procure a consumer report on me as part of a process of consideration as an employee … I release all parties from liability for any damages which may result from the disclosure of any information outlined herein.”

Although Whole Foods intended for the Disclosure Statement to satisfy Section 1681(b)(2)(A)(i) of the FCRA and each form was a separate single page document, the simultaneous presentation of the consent form rendered the disclosure meaningless, the plaintiff argued. Whole Foods knew that it was required to provide a stand-alone form, the plaintiff added, citing FCRA-related articles posted online by the third-party the company used to run the background checks.

The court agreed. “Based on the allegations, with all inferences drawn in favor of plaintiff, if both the disclosure and the consent forms combined and read as one document with the waiver and release included simultaneously with the disclosure, the complaint states a claim for relief,” the judge said, denying Whole Foods’ motion to dismiss the suit. The court also allowed the plaintiff’s contention that Whole Foods “willfully” violated the FCRA to move forward. Under the statute, reckless and knowing violations constitute willful violations, the court noted, and the plaintiff presented sufficient allegations that the defendant knew it was required to provide a stand-alone form separate from the employment application and yet failed to do so.

“The allegations that defendant had access to legal advice and guidance from the FTC yet it knew that its conduct was inconsistent with that guidance and the plain terms of the statute, are sufficient to withstand attack at this stage of the proceedings on a motion to dismiss,” the judge wrote.

The decision provides an important reminder to employers that class actions alleging technical violations of the FCRA, particularly Section 1681(b)(2)(A)(i), remain popular with plaintiffs with statutory damages from $100 to $1,000 for a willful violation available.

Whole Foods is facing an identical suit in California federal court while other companies have settled similar cases for significant amounts, such as the recent deal Publix Super Markets struck with a class in Tennessee federal court for $6.8 million, a $2.5 million payout by Domino’s Pizza, and a settlement agreement for $3 million between grocery chain Food Lion and job applicants.

Read the court order here.

June 12th, 2015|Employment Decisions, FCRA, Judgment|

U.S. Supreme Court case offers window into CFPB’s position on the FCRA

The U.S. Supreme Court has agreed to hear a closely followed case involving the Fair Credit Reporting Act (the “FCRA”) that will have great significance on privacy law. In connection with this case, the Consumer Financial Protection Bureau (CFPB) offered a glimpse of its stance on the FCRA in an amicus brief recently filed with the U.S. Supreme Court.

In 2012, the Bureau took over the enforcement reins of the FCRA from the Federal Trade Commission (FTC). Since then, the industry has watched for signs on how the Bureau would tackle its new job, with few clues. But in an amicus brief filed jointly with the Solicitor General in Spokeo v. Robins, the CFPB weighed in, taking a consumer-friendly position on the statute.

The dispute began when Robins claimed that Spokeo ran afoul of the FCRA. The spokeo.com site allows users to obtain information about other individuals like address, phone number, employment information, and economic data such as mortgage value and investments. Robins sued after finding incorrect information about himself on the site, alleging that Spokeo was a consumer reporting agency (CRA) under the FCRA and sold “consumer reports” but failed to comply with the various statutory requirements by neglecting to assure the maximum possible accuracy of the information reported on its site and failing to provide notice of statutory responsibilities to purchasers of its reports.

Relying on Section 1681n of the FCRA, which grants consumers a cause of action against an entity that negligently or willfully violates “any requirement imposed [under the FCRA] with respect to [that] consumer,” Robins filed a putative class action. A federal district court dismissed the suit for a lack of standing but the Ninth Circuit Court of Appeals reversed. The federal appellate panel held that Robins sufficiently alleged an injury in fact because Congress created a right of action to enforce a statutory provision, demonstrating intent to create a statutory right.

Spokeo petitioned the U.S. Supreme Court to take the case. The CFPB filed the amicus brief, siding with the plaintiff and arguing that the justices should deny the writ of certiorari. The Bureau argued to the Court that the statutorily created cause of action found in the FCRA satisfied the injury required for Article III standing. While recognizing that Congress does not have unlimited power to define the class of plaintiffs who may sue in federal court, the CFPB said the legislature “may grant individuals statutory rights that, when violated, confer standing, and the clear language of the FCRA did just that.”

“FCRA thus grants an individual consumer a statutory entitlement to be free from a CRA’s actual dissemination of inaccurate information about him when the CRA fails to employ ‘reasonable procedures’ to assure the information’s accuracy,” according to the CFPB’s brief. A CRA’s willful failure to follow reasonable procedures to ensure that an accurate report about a consumer is disseminated violates a ‘requirement imposed under [FCRA] with respect to [that] consumer.’ It is also a concrete and particularized injury to the consumer because it involves the actual, specific, and non-abstract act of disseminating information about the particular consumer.” This reading – recognizing a legally protected interest in consumer privacy – “is particularly salient in modern-day society given the proliferation of large databases and the ease and rapidity with which information about individuals can be transmitted and retransmitted across the Internet,” the CFPB added, as “public dissemination of inaccurate personal information about the plaintiff is a form of ‘concrete harm’ that courts have traditionally acted to redress, whether or not the plaintiff can prove some further consequential injury.”

Read the CFPB’s amicus brief in Spokeo v. Robins here.

Read the opinion of the U.S. Court of Appeals for the Ninth Circuit here.

 

June 12th, 2015|FCRA, Judgment|

No number, no lawsuit

Tossing a lawsuit alleging religious discrimination, the Sixth U.S. Circuit Court of Appeals found that an applicant could not sue after refusing to provide his Social Security number to a prospective employer. The plaintiff, an applicant for a position with an energy company, claimed that he had no number because he “disclaimed and disavowed it” on account of his sincerely held religious beliefs.

The company’s refusal to hire the plaintiff violated Title VII and Ohio state law, the complaint charged, requesting both injunctive relief in the form of a job and monetary damages. A federal district court judge dismissed the lawsuit, and the federal appellate panel affirmed.

Courts considering the issue apply a two-step analysis, the Sixth Circuit explained. First, the court determines whether the plaintiff established a “prima facie case of religious discrimination,” which requires proof that the plaintiff “(1) holds a sincere religious belief that conflicts with an employment requirement; (2) has informed the employer about the conflicts; and (3) was discharged or disciplined for failing to comply with the conflicting employment requirement.” If the plaintiff manages to establish a prima facie case, the burden shifts to the employer to show it could not “reasonably accommodate” the religious beliefs without “undue hardship.”

This suit failed under the first step, the panel said, because the Internal Revenue Code mandates that employers collect and provide the Social Security numbers of their employees. Because the company’s collection of the plaintiff’s number was a “requirement imposed by law” and not an “employment requirement,” the court had no need to consider the sincerity of the plaintiff’s beliefs.

The panel also noted that every other federal appellate court to consider the issue has concluded “that Title VII does not require an employer to reasonably accommodate an employee’s religious beliefs if such accommodation would violate a federal statute,” citing decisions from the Fourth, Eighth, Ninth, and Tenth Circuits, as well as federal district courts in Michigan and Virginia.

All of the courts have arrived “at the same, sensible conclusion: ‘[A]n employer is not liable under Title VII when accommodating an employee’s religious beliefs would require the employer to violate federal … law,” the Sixth Circuit wrote. “This conclusion is consistent with Title VII’s text, which says nothing that might license an employer to disregard other federal statutes in the name of reasonably accommodating an employee’s religious practices.”

For employers, the decision provides even greater peace of mind. With five federal appellate courts in agreement that a religious discrimination claim will not stand against an employer that complies with federal requirements to collect an applicant’s Social Security number, companies do not have to worry about the merits of a Title VII lawsuit under such circumstances.

Read the opinion.

May 8th, 2015|Employment Decisions, Judgment, Legislation|

Class action for unauthorized disclosure of PHI is a new twist under FCRA

A recent class-action is seeking damages for the unauthorized disclosure of personal health information (“PHI”) under the Fair Credit Reporting Act (the “FCRA”). The plaintiffs claim that the defendant hospital allowed the unauthorized access of confidential records of the putative class members, including PHI, held by a third-party records vendor without their knowledge or consent and without sufficient security. Among other claims, the plaintiffs allege that the hospital violated the FCRA by failing to implement adequate safeguards to protect their personally identifiable information and PHI from a data breach suffered by the third-party vendors. The plaintiffs argue that the hospital was a CRA that created “consumer reports” containing sensitive information including names, dates of birth, Social Security numbers, billing information and confidential health records, and disseminated this information to medical service providers affiliated with the defendant, and that the defendant allowed employees of the vendor and others to gain unrestricted access to their personally identifiable information and PHI, which was allegedly misused and intentionally disclosed to third-parties for profit.

September 19th, 2014|Judgment|

Class-action against U.S. Census Bureau alleges race-bias in using criminal background checks

On July 1, 2014, a magistrate judge in the U.S. District Court for the Southern District of New York certified as a class-action an unprecedented lawsuit brought under Title VII of the Civil Rights Act of 1964, that alleges the U.S. Census Bureau’s process of using criminal background checks when selecting temporary workers for the 2010 census unlawfully screened out approximately 250,000 African-Americans. Filed in April 2010, the complaint charges that in hiring nearly a million temporary workers, most of whom went door-to-door seeking information from residents, the Bureau erected unreasonable and largely insurmountable hurdles for applicants with arrest records, regardless of whether the arrests were decades old, were for minor charges, or led to criminal convictions.

July 9th, 2014|Judgment, Lawsuit|

FTC settles with 14 companies that falsely claimed participation in Safe Harbor privacy framework

On June 25, 2013, the FTC approved final orders that settle charges against 14 companies for falsely claiming to participate in the international privacy framework known as the U.S.-EU Safe Harbor, which allows U.S. companies to gather customer information in Europe and send it to the United States, beyond the EU’s legal jurisdiction, as long as certain criteria are met. Three of the companies were also charged with similar violations related to the U.S.-Swiss Safe Harbor. Under the settlements, the companies are prohibited from misrepresenting the extent to which they participate in any privacy or data security program sponsored by the government or other self-regulated or standard-setting organization. Consumers who want to know whether a U.S. company is a participant in the U.S-EU or U.S.-Swiss Safe Harbor program can check its certification at http://export.gov/safeharbor.

July 9th, 2014|Judgment|

Sixth Circuit affirms dismissal of EEOC’s suit regarding employment credit checks

Last month, the 6th Circuit affirmed a lower court order granting summary judgment in favor of educational institution Kaplan  (6th Cir. April. 9, 2014;  No. 13-3408:   EEOC v. Kaplan Higher Education Corp.) where the EEOC charged that Kaplan’s use of credit checks causes it to screen out more African-American applicants than white, creating a disparate impact in violation of Title VII of the Civil Rights Act. In granting summary judgment to Kaplan, the district court stated that “proof of disparate impact is usually statistical proof in the form of expert testimony, and here the EEOC relied solely on statistical data compiled by Kevin Murphy, a PhD in industrial and organizational psychology.” The court excluded Murphy’s testimony on grounds that it was unreliable, as the EEOC presented “no evidence” that Murphy’s methodology satisfied any of the factors that courts typically consider in determining reliability under Federal Rule of Evidence 702; and, as Murphy himself admitted, his sample was not representative of Kaplan’s applicant pool as a whole. The EEOC argued that the district court “erred” when it excluded Murphy’s testimony.

This case was decided on narrow grounds, based on its particular facts and circumstances. Accordingly, employers still should review their screening policies to ensure that credit and (criminal history) checks are consistent with Title VII as interpreted by the EEOC. Additionally, ten states (California, Colorado, Connecticut, Hawaii, Illinois, Maryland, Nevada, Oregon, Vermont and Washington) and several municipalities already have legislation that limits the use of credit reports for employment purposes

May 14th, 2014|Employment Decisions, Judgment|

Class actions against employers for violations of the FCRA are increasing

An auto parts company (CA USDC Case No. 2:14-cv-3470) and a hotel chain (CA USDC Case No. 3:14-cv-01089) are just the latest employers that have been slapped with class action lawsuits for alleged violations of the Fair Credit Reporting Act (the “FCRA”) charging willful non-compliance with the FCRA’s disclosure, authorization, and/or notice requirements. And the payouts in such lawsuits can be in the millions. Within the past three years, a national trucking company reached a settlement for $4.6 million, a national retail chain for $3 million and a national pizza maker for $2.5 million.

The FCRA allows an applicant or employee to bring a private right of action against an employer who negligently or willfully fails to comply with any of the FCRA’s requirements. Under the statute of limitations, an action must be brought by the earlier of (1) two years after the date of violation discovery by the plaintiff, or (2) five years after the date on which the violation occurred. The employer’s liability for negligent non-compliance is actual damages sustained by the applicant/employee, and reasonable attorneys’ fees and costs. A willful violation carries actual or statutory damages ranging between $100 and $1,000, punitive damages, and attorneys’ fees and costs.

Below are general FCRA compliance reminders to employers when procuring and using background check reports prepared by a consumer reporting agency (“CRA”):

  • Provide disclosure to the applicant/employee in a standalone document that a consumer report may be obtained and used for employment purposes (language must be clear, with no superfluous information or liability waiver, and separate from the employment application);
  • Provide to the applicant/employee a summary of rights under the FCRA and applicable state notices;
  • Obtain the applicant/employee’s authorization for the consumer report;
  • Before taking adverse action based on the report (1) provide a pre-adverse action notice to the applicant/employee along with a copy of the report, and notices of rights, if not given previously, (2) wait a reasonable period of time (at least 5 days) before taking the adverse action, and (3) after deciding to take the adverse action, provide a notice that contains the FCRA required information, such as the name, address, and telephone number of the CRA that provided the report.
May 14th, 2014|Employment Decisions, Judgment, Lawsuit|

Supreme Court ruling extends SOX whistleblower protection to private contractors

On March 4, 2014, the Supreme Court in a split decision ruled that employees of private companies servicing public companies are covered by the whistleblower protections of Sarbanes Oxley Act of 2002 (“SOX”) [U.S., No. 12-3, 3-4-14]. In this case, two employees of a private company contracted by a publicly-traded mutual fund alleged that they were terminated in retaliation for raising fraud issues about the fund. With this decision, the Supreme Court has expanded the universe of companies regulated by the SOX whistleblower provision from about 5,000 public companies to potentially millions of private ones, including the smallest of businesses. Employers of every size and type have to be prepared for potential SOX whistleblower retaliation claims if they are a contractor or subcontractor of a publicly traded company.

March 29th, 2014|Educational Series, Fraud, Judgment|