Mobile apps may violate Fair Credit Reporting Act

On February 6, 2012, the Federal Trade Commission (FTC) issued warning letters to the marketers of six mobile applications that provide background screening apps that they may be violating the Fair Credit Reporting Act (FCRA.) The FTC said that if the background reports are being used for employment or other FCRA purposes, then the marketers and their clients must comply with the FCRA.

According to the warning letters, the FTC has not made a determination whether the companies indeed are violating the FCRA, but encourages them to review their apps, and their related policies and procedures. The FCRA is designed to protect the privacy of consumer report information and ensure that the information provided by consumer reporting agencies is accurate. Consumer reports are communications that include information about an individual’s character, reputation, or personal characteristics, and are used or expected to be used for purposes such as employment, housing or credit.

Under the FCRA, entities/operations that assemble or evaluate information to provide to third parties qualify as consumer reporting agencies (CRAs.) Mobile apps that supply such information also may qualify as CRAs under the Act. CRAs must take reasonable measures to ensure the user of each report has a ‘permissible purpose’ to use the report, take reasonable steps to ensure the maximum possible accuracy of the information conveyed in the report, and provide users of its reports with information about their obligations under the FCRA. In employment-purpose consumer reports, for example, CRAs must provide employers with information regarding their obligation to give notice to employees and applicants of any adverse action taken on the basis of a consumer report.

Federal Sentencing Guidelines: a lure to organizational compliance

About 20 years ago, the United States Sentencing Commission (USSC) enacted the Federal Sentencing Guidelines (FSGs) for organizations with the intent to govern the sentencing of companies convicted of federal crimes. The FSGs, which have been amended several times, hold that organizations can act only through agents and, under federal criminal law, generally are vicariously liable for offenses committed by their agents.

A proactive approach to prevent, detect and report illegal and unethical activities can substantially reduce fines and punishment, in some cases up to 95% according to a commentary by the USSC. The USSC specifies that the two factors that mitigate an organization’s ultimate punishment are “the existence of an effective compliance and ethics program, and self-reporting, cooperation, or acceptance of responsibility.” In contrast, the absence of solid compliance mechanisms can increase fines and punishment, as verdict determination is based on “the organization’s involvement in or tolerance of criminal activity, its prior history, violation of an order, and obstruction of justice.”

The compliance incentives provided by the FSGs and the proliferation of new regulations mandate a cultural imperative for ethical and law-abiding conduct by all companies, large and small. High-level attention, leadership and sufficient resources must be dedicated to meet the strict requirements of a compliance program defined by the USSC as “effective.” In its manual, the USSC emphasizes the necessity of strong due diligence to prevent and detect criminal conduct. Among its guidelines, a provision in Chapter 8 notes that:

“The organization shall use reasonable efforts not to include within the substantial authority personnel of the organization any individual whom the organization knew, or should have known through the exercise of due diligence, has engaged in illegal activities or other conduct inconsistent with an effective compliance and ethics program.”

Comprehensive background investigations, whether for employment purposes, evaluation of prospective clients, existing relationships and third-parties, or for other business transactions, are essential for compelling due diligence which actualizes a masterful compliance strategy. Although various committees and officials are calling for a complete review of the FSGs which the 2005 landmark case U.S. vs. Booker held as discretionary rather than mandatory, well-developed compliance programs are here to stay.

Scherzer International is on the forefront of the quick-changing regulations regime with a portfolio of background investigation products designed to facilitate purposeful risk management and compliance protocols. Visit us often at www.scherzer.com as we continuously analyze and test new elements and incorporate them into our products if they have proven value. And stay tuned for a Dodd-Frank regulations product which we will introduce within the next few months.

More on legal troubles from employer misuse of social media information

Legal experts say that litigation resulting from employer misuse of social media information is likely to rise, at least until more case law is established. And even if the company prevails in such lawsuits, there may be reputational risks as the cases grab national spotlight.

Media sources reported that next week, for example, a National Labor Relations Board judge will rule whether American Medical Response of Connecticut illegally fired a worker after she criticized her boss on
Facebook. In what labor officials and lawyers view as a ground-breaking case involving employees and social media, the NLRB stepped in to argue that workers’ criticisms of their supervisors or companies on social networking sites are generally a protected activity and
that employers are violating the law by punishing workers for such statements. According to media reports, American Medical denied the board’s allegations, stating they are without merit, and that “the
employee was discharged based on multiple, serious complaints about her behavior.” The company added that “the employee was also held accountable for negative personal attacks against a coworker posted publicly on Facebook…”

Media sources reported on another pending case, filed in Georgia against a school district, a former high school teacher is claiming that she was essentially forced to resign over Facebook photos that
showed her drinking alcohol during a European vacation.

And in a case settled in 2009, two workers in New Jersey sued their employer, Hillstone Restaurant Group, after they were fired for violating the company’s core values. According to court documents, their supervisors gained access to postings on a password-protected
Myspace page meant for employees but not managers. The jury found that the employer violated the federal Stored Communications Act and the equivalent New Jersey law, and awarded the employees $3,403 in back pay and $13,600 in punitive damages. Hillstone appealed before the parties reached an undisclosed settlement.

Labor relations pros caution that before taking any adverse action based on social media postings, the employer should consider whether the information could be construed as a complaint or report of inappropriate or unlawful behavior. This includes, but is not limited
to discrimination, harassment, unpaid overtime and other wage violations, or any activities that may trigger an employee’s whistleblower protection.

Lawsuit shows legal risks in using information from social media

Media sources reported that a settlement was reached January 18, 2011 in a civil rights case re C. Martin Gaskell v. University of Kentucky, whereby the University agreed to pay Gaskell and his attorneys $125,000. Gaskell was a leading candidate in 2007 to be the director of a new observatory at the University of Kentucky; however, he was denied employment allegedly in part because of his apparent views on evolution. Media reports and court documents stated that during the candidate selection process, committee members conducted searches on Gaskell on the Internet, and discovered his personal Web which contained an article entitled “Modern Astronomy, the Bible, and Creation” among other notes. The sources also reported that “Gaskell had given lectures to campus religious groups around the country in which he said that while he has no problem reconciling the Bible with the theory of evolution, he believes the theory has major flaws. He recommended students read … critics

[of evolution] in the intelligent-design movement.”

According to the Courier-Journal, the University “acknowledged that concern over Gaskell’s views on evolution played a role in the decision to choose another candidate.” But it argued that this was a valid scientific concern, particularly with regard to the prospect that “Gaskell’s views on evolution would interfere with his ability to serve effectively as director of the observatory. And there were other  factors, including a poor review from a previous supervisor and UK faculty views that he was a poor listener.”

Supreme court ruling may ban consumer class-action lawsuits

A case that goes before the U.S. Supreme Court tomorrow, AT&T Mobility vs. Concepcion, may potentially ban consumers from filing class-action lawsuits. The basic question that will be decided is whether companies can bar class-actions in the fine print of their take-it-or-leave-it contracts with customers (and employees.)

The U.S. District Court for the Southern District of California ruled that a class-action ban violates state law and is not preempted by federal law; the U.S. 9th Circuit Court of Appeals upheld the lower-court ruling last year.

If a majority of the nine justices vote AT&T’s way, any business that issues a contract to customers — such as for credit cards, cell phones or cable TV — would be able to prevent them from joining class-action lawsuits. Class-actions allow plaintiffs to band together in seeking compensation or redress, thus giving more substance to their claims.

And the banning of class-actions may potentially apply to employment agreements such as union contracts…

One of many case studies from our files that stopped a deal in its tracks

Our client, a commercial lender, requested background investigations of a consumer products company and its two principals in connection with their application for working capital financing. The loan officer was familiar with the subjects, and was astonished by the information that SI quickly uncovered. Searches of federal court records revealed a 2008 action filed against the subjects under the Federal Trade Commission Act for falsely advertising that using their electronic exercise belt caused weight and inch loss without exercise. The action was resolved by stipulated orders as part of a global settlement of both the FTC’s lawsuit and related actions brought by county and city prosecutors. The subjects and certain retailers collectively were ordered to pay over $2 million. The FTC and state orders further barred the defendants from making false advertising claims for the product or any similar device, and provided other injunctive relief to prevent future deceptive practices. And the subjects’ nefarious acts did not stop here. Both principals had several unpaid tax liens and judgments ranging in amounts from $48,000 to $650,000, and both were convicted within the last two years of driving under the influence of alcohol.

Decisions in two cases to set precedence for auditors’ fraud liability

It all started in 1905 with the lawsuit Smith v. London Assurance Corporation whereby an auditor was held liable for failing to audit its client’s branch office and detecting embezzlement.

Now more than 100 years later, the legal liability of auditors in detecting corporate fraud  will be decided in two cases that were heard on Tuesday, September 14, 2010, in the New York Court of Appeals, potentially increasing the Big Four accountants’ exposure to multibillion-dollar shareholder lawsuits for malpractice. In both cases, the court will rule whether auditors can rely on the legal doctrine of in pari delicto (“in equal fault”) to reject claims for fraud allegedly committed by company insiders. The doctrine prevents someone from recovering damages from a defendant if that someone is also at fault. The argument is whether the shareholders, as owners of the company, can be held at fault for frauds committed within the company and barred from suing its auditors for not discovering the wrongdoing.

The first lawsuit facing scrutiny was filed by the shareholders of AIG against PricewaterhouseCoopers (PwC), the insurer’s auditor. The shareholders claim that PwC failed in its job as auditors in the early 2000s, when various AIG officers and directors, including ex-CEO Maurice Greenberg, allegedly engaged in fraudulent transactions to pad AIG’s bottom line. Authorities subsequently caught the fraud, and AIG had to restate years of financial statements that “eventually reduced stockholder equity by $3.5 billion.” AIG ended up paying more than $1.5 billion in fines, and the shareholders say that since PwC missed the fraud, they should be allowed to sue PwC for malpractice. The Chancery Court in Delaware dismissed their request to sue PwC, and the case was appealed in Delaware’s Supreme Court. That court asked the New York’s Court of Appeals to decide whether the shareholders have a claim under New York law.

The second case relates to protracted litigation by the bankruptcy trustee of Refco Inc., the failed futures broker, seeking damages from a number of the firm’s professional advisers, and auditors including Grant Thornton, KPMG LLP, Ernst & Young LLP, PricewaterhouseCoopers LLP, Mayer Brown, LLP, et al. The trustee alleges that Refco’s outside counsel Mayer Brown, and several other insiders are liable for defrauding Refco’s creditors by helping the defunct company conceal hundreds of millions of dollars in uncollectible debt. The U.S. Court of Appeals for the Second Circuit found that the trustee’s argument to revive claims against the corporate insiders raised unresolved questions concerning his standing under New York law to sue third-parties for Refco’s fraud.

Federal Trade Commission’s Red Flags rule enforcement for accountants and other professionals is postponed

The American Medical Association (AMA), the American Bar Association (ABA) and the American Institute of Public Accountants (AICPA) all have brought legal actions against the FTC on the Red Flags rule. In the most recent suit filed on May 21, 2010 by the AMA, the American Osteopathic Association, and the Medical Society of the District of Columbia, the groups argued that the FTC will require them to start verifying their patients’ identities before they agree to treat them. In August 2009, in a suit brought by the ABA, the district court barred the FTC from applying its Red Flags rule to lawyers. The FTC appealed the ruling in February 2010. A decision in the appeal is pending.

The AICPA’s suit, filed on behalf of its members on November 10, 1009, charged in part that the FTC exceeded its statutory authority by extending the rule to regulate accountants and public accounting firms. The AICPA said that “it did not believe there is any reasonably foreseeable risk of identity theft when CPA clients are billed for services rendered.” That suit is now linked to the outcome of the appeal of the ABA ruling. AICPA members have been granted a 90-day grace period – a 90-day delay of enforcement of the rule – from the date on which the U.S. Court of Appeals for the District of Columbia Circuit renders an opinion in the ABA’s case against the FTC.

On May 28, 2010, the FTC announced that it again delayed the implementation until December 31, 2010 of a proposed Final Rule relating to Identity Theft Red Flags under the Fair and Accurate Credit Transactions Act of 2003. The proposed “Red Flags” rule is designed to help prevent identity theft among credit providers and financial institutions.

Challenging the constitutionality of the Public Company Accounting Oversight Board (PCAOB)

The U.S. Supreme Court, on June 28, 2010, issued its decision in the constitutional lawsuit that challenged the PCAOB, affirming in part and reversing in part the judgment of the Court of Appeals in favor of the PCAOB. The case, Free Enterprise Fund vs. Public Company Accounting Oversight Board, was brought on behalf of a Nevada accounting firm, Beckstead & Watts, which challenged the constitutionality of the law after objecting to the PCAOB’s inspection findings. The Free Enterprise Fund, a group opposed to government regulation, has lost the case twice before, in district and appeals courts.

The PCAOB Web site (http://pcaobus.org/Pages/default.aspx) posted the following: “The Supreme Court held that the Sarbanes-Oxley Act’s provisions making PCAOB Board members removable by the Securities and Exchange Commission (SEC) only for good cause were inconsistent with the Constitution’s separation of powers. Because the Court severed these provisions from the Act, however, no legislation is necessary to bring the Board’s structure within constitutional requirements. The consequence of the Court’s decision is that PCAOB Board members will be removable by the SEC at will, rather than only for good cause. All other aspects of the SEC’s oversight, the structure of the PCAOB and its programs are otherwise unaffected by the Court’s decision. Accordingly, all PCAOB programs will continue to operate as usual, including registration, inspection, enforcement, and standard-setting activities.”

Go to Top