Consumer Protection Archives - Page 18 of 33

What Investors Need to Know About the New $6.2 Billion Visa, Mastercard Settlement

Visa, Inc., Mastercard, Inc., and other financial institutions have agreed to pay merchants between $5.56 billion and $6.26 billion to settle a 13-year old antitrust litigation. For years, the case has driven shrewd investors to transact with retailers seeking to monetize their claims against the card companies. With a much-anticipated settlement now on the table, would-be investors should take note.

On September 18, an amended settlement agreement (the “Settlement”) was filed in the US District Court for the Eastern District of New York. The Settlement signals possible resolution of a long-standing lawsuit brought in 2005 by approximately 12 million retailers accusing Visa and Mastercard of improperly inflating interchange fees (also known as swipe fees) charged to retailers. The Settlement modifies a prior settlement agreement approved by the District Court in December 2013.¹

The agreement, reached after a year of active mediation, seeks to remedy the flaws of the prior agreement. Notably, the Settlement limits both the scope and duration of the release. Additionally, it addresses only monetary damages associated with the lawsuit and is not contingent on the resolution of injunctive relief claims, which may be pursued separately.

Under the Settlement, the value of a merchant’s claim will be based on the amount of interchange fees attributable to that merchant’s Mastercard and Visa payment card transactions during the time period beginning January 1, 2004 up until the preliminary approval date of the Settlement. Pro rata payments to merchants who file valid claims will be determined by the amount remaining in the monetary fund after deductions for “opt outs” (as described below) and administrative costs, and by the aggregate dollar amount of claims filed.²

Similar to the prior agreement, the Settlement provides that the monetary fund may be reduced based on the number of merchants that opt out of the class. Up to $700 million may be returned to the defendants if more than 15 percent of the merchants opt out. If more than 25 percent of merchants opt out, the Settlement may be terminated.

The Settlement is still subject to approval by US District Judge Margo Brodie. If the Court grants preliminary approval, known class members will receive written notice concerning their legal rights. Claim forms are not available at this time.

Katten will keep you apprised of settlement developments and trading considerations. The case is In re Payment Card Interchange Fee and Merchant Discount Antitrust Litigation, case number 1:05-md-01720, in the US District Court for the Eastern District of New York.

_{1 In June 2016, the US Court of Appeals for the Second Circuit invalidated the original settlement on the grounds that certain merchants were not adequately represented because the same counsel had represented separate settlement classes with conflicting interests. The Court of Appeals also took issue with the broad release that would preclude merchants from pursuing certain future claims indefinitely. In March 2017, the Supreme Court declined to hear the case, remanding it back to the District Court for further proceedings.}

_{2 The original settlement of $7.25 billion was, at the time, the largest in history. However, thousands of merchants ultimately opted out, reducing the monetary fund to approximately $5.3 billion.}

ARTICLE BY

Amanda J. Segal

Stacy E. Tecklin

Katten Muchin Rosenman LLP

TCPA Consent Medley: Third New Decision Enforcing TCPA Consent Provision in Consumer Agreement Has “Robocallers” Humming

After a long period of quiet on the issue, TCPAland has seen three swift decisions on good-Reyes (Reyes v. Lincoln Auto. Fin. Servs., 861 F.3d 51 (2d Cir. 2017), as amended (Aug. 21, 2017)) all aligning to enforce contractual TCPA consent provisions. First, Navient scored a big win, but that was within the Second Circuit so it didn’t make much of a stir. But then a real breakthrough: the Chief Judge of the Northern District of Alabama held that TCPA consent provisions in consumer agreements could not be revoked–the first such ruling from within the Eleventh Circuit. And now the trifecta. A court within the Middle District of Florida–seemingly the most consumer-friendly TCPA jurisdiction in the country as of late– granted summary judgment on a TCPA claim to a Defendant today holding that a consumer cannot stop robocalls after agreeing to receive such calls as a term in a written contract.

Woah.

The case is Medley v. Dish Network, Case No. 8:16-cv-2534-T-36TBM, 2018 U.S. Dist. LEXIS 144895 (M.D. Fl. Aug. 27, 2018) and it represents the first decision out of the Middle District of Florida to apply Good Reyes and hold that TCPA consent is irrevocable in certain circumstances. As shown below, Medley took no prisoners in distinguishing and declining to follow decisions that had held otherwise.

After first determining that the contractual consent provisions survived Plaintiff’s bankruptcy discharge because Medley failed to include her debt to Dish on its schedules, the Court deftly articulated the governing rule of Good Reyes as follows:

“Although voluntary and gratuitous consent could be revoked under the common law, which was recognized by the Eleventh Circuit in Osorio, the Second Circuit explained that consent could ‘become irrevocable when it is provided in a legally binding agreement, in which case any attempted termination is not effective.’”

Medley at *29

The Medley court next tips its hat to the decision in Few, citing the Northern District of Alabama decision for the proposition that where a “plaintiff g[i]ve[s] consent to be called ‘as part of a bargained-for exchange and not merely gratuitously, she was unable to unilaterally revoke that consent’” (Medley at *30) before remarking simply: “This Court agrees.” Id.

The Court goes on to find that “it is black-letter contract law that one party to an agreement cannot, without the other party’s consent, unilaterally modify the agreement once it has been executed” and “[n]othing in the TCPA indicates that contractually-granted consent can be unilaterally revoked in contradiction to black-letter law.” Medley at *30. How sweet is that?

The Medley court also distinguished Gager v. Dell Financial Services, LLC, 727
F.3d 265, 270-71 (3d Cir. 2013), Target National Bank v. Welch, No. 8:15-cv-614-T-36, 2016 WL 1157043 (M.D. Fla. Mar. 24, 2016) and Patterson v. AllyFinancial, Inc., No. 3:16-cv1592-
J-32-JBT, 2018 WL 647438 (M.D. Fla. Jan. 31, 2018) as cases involving application consents and opposed to contractual consent provisions. Medley also noted that the consent clause in Patterson did not apply to the type of calls being made in that case, a rather solid basis to distinguish and decline to follow the decision.

The Court also takes issue with the reasoning in Ammons v. Ally Financial, Inc.,
No. 3:17-cv-00505, 2018 WL 3134619 (M.D. Tenn. June 27, 2018)–refusing to apply Good Reyes despite contractual consent terms in an automotive finance agreement–and declines to follow it. In Medley’s view Ammons over reads Osorio and under analyzes Patterson and Welch.

Accordingly the court concludes that Defendant is entitled to summary judgment and sums up matters succinctly in this clean-as-a-whistle conclusion:

“[T]he Court finds that in the absence of a statement by Congress that the TCPA alters the common-law notion that consent cannot be unilaterally revoked where given as part of a bargained for contract, the Court will decline to do so.”

Medley at *36.

Notably, as was the case in Harris, the contract in Medley did not include a revocation provision and was simply silent on the issue of whether consent could be revoked. As in Harris the Medley court–correctly–interpreted that silence to mean that consent could not be revoked at all.

Since many will ask, Medley was decided by the Hon. Charlene Honeywell who is no stranger to TCPA claimants appearing before her. With Medley she as certainly made her TCPAland mark.

And with Few and Medley working in their favor Defendants seeking to enforce contractual TCPA consent provisions suddenly have a lot to be optimistic about. But this is TCPAland and, in the words of the Grand Duchess, its best to never get too comfortable.

ARTICLE BY

Eric Troutman

Womble Bond Dickinson (US) LLP

Tackling Evictions: BYU And UA Law Schools Partner On Legal Research Project

The nationwide trends of stagnating wages and increasing housing costs has led to an increased risk of evictions for renters across the country. According to Matthew Desmond’s 2017 book Evicted, “Today, the majority of poor renting families in America spend more than half of their income on housing, and at least one in four dedicates more than 70% to paying the rent and keeping the lights on.”

Most evictions happen informally, and even formal evictions are rarely contested in court. Less than 20 percent of tenants served with an eviction notice come to court, and so viable legal defenses often go unheard. A new initiative is trying to help tenants facing eviction find appropriate legal assistance.

Legal Innovation: LawX & Innovation for Justice

The J. Reuben Clark Law School (BYU Law) at Brigham Young University and the James E. Rogers College of Law at the University of Arizona have joined forces to create a program focused on tackling the legal complexities of eviction law. BYU’s LawX legal design lab, and UA’s Innovation for Justice (I4J) program are working together to reduce the number of evictions in and help tenants find quality legal representation.

“Given the sheer volume of evictions in America, we believe this is the right issue for LawX to tackle in its second year, and we welcome collaboration with the University of Arizona Law School,” said Gordon Smith, Dean of BYU Law School. “This past year, our LawX students uncovered some sobering statistics on hurdles in the legal system that make it extremely difficult for a non-lawyer to respond to lawsuits, particularly in the areas of debt collection, evictions and divorce.”

The program will focus on tackling the eviction crisis in Arizona and Utah, with hopes the collaboration could result in solutions applicable beyond the region. In 2016, Utah averaged 7.61 evictions per day and Pima County, Arizona, where the UA is located, averaged 22.01 evictions per day, according to Eviction Lab.

Kimball Parker, LawX director and president of Parsons Behle Product Lab, will lead the initiative at BYU, while Stacy Butler, director of I4J, will lead the project at UA. With a primary focus on technology, design and system thinking, and collaboration, both classes will focus on resolving the current status of eviction law, especially the lack of legal representation for an underserved community.

Eviction Law: A Focus On Underserved Communities

“The goals of the Innovation for Justice program are to expose students to the fact that not everyone is able to use the civil legal system as it’s designed, and to empower students to close that gap,” Butler said. “LawX’s focus on reaching people who are not engaging with the civil legal system is critical to making the system work the way it should.”

LawX will highlight the difficulties non-lawyers would have in dealing with different areas of law including divorce, debt collection, and eviction laws. One of the particular challenges is the difference in how each state–and municipality–handles evictions. Often the laws are weighted heavily in favor of the landlord. For example, in Utah, a tenant has just three days to respond to an eviction notice, so often landlords give notice on a Friday, further limiting a tenant’s options

“An eviction can be life-changing to an individual or family, and it can result in homelessness; our research determined that evictions have one of the highest rates of default among those who can’t afford an attorney,” said Parker. “I am excited to work with Stacy on this project and believe her extensive experience with expanding the reach of civil legal services to those in need will be incredibly valuable.”

A Tangible Solution For Renters

Parker says the goal is to create a tangible solution for renters, whether that is a product or some other solution, but the students will start by surveying. One of the first questions they hope to answer: why don’t more tenants seek relief in the legal system?

This collaboration project comes on the heels of LawX’s previous project to assist debtors facing debt collections lawsuits who couldn’t afford legal representation. That project resulted in creation of an award-winning software program, SoloSuit, which helps debtors respond to collections notices.

“This past year, our LawX students uncovered some sobering statistics on hurdles in the legal system that make it extremely difficult for a non-lawyer to respond to lawsuits, particularly in the areas of debt collection, evictions and divorce,” said Gordon Smith, Dean of BYU Law School. “With this legal design lab in a classroom, we are committed to identifying the best possible solutions to help close the gap for people who feel overwhelmed by the legal system.

Hands-on Legal Experience for Law Students

“Programs like Innovation for Justice and LawX offer important learning experiences for our undergraduate and graduate students. They represent a movement in legal education to adapt and to be more interdisciplinary in how we approach the world,” said UA Law Dean Marc Miller. “Students get to take a deep dive into a specific project to produce a community deliverable. They engage with the community and in doing so, begin to understand how their learning can be applied outside of the classroom.”

Using a design thinking approach, up to six LawX students and 12 Innovation for Justice students will start work on the project in the fall 2018 semester with three goals:

understand why tenants disengage with the civil legal system
identify innovative approaches to educating and engaging tenants
develop strategies for delivering possible solutions into the hands of those who need help most.

By working in a law school classroom setting, the program strives to help provide answers and solutions to under-represented communities, who find difficulties in understanding the law, or finding appropriate resources to help them tackle impending hurdles.

Findings and shared information will eventually lead to solutions which can extend beyond Utah and Arizona’s borders. Conversely, the program might lead to separate projects addressing regional barriers to help reduce eviction totals.

Article by:

Samantha Abernethy

Alessandra De Faria

California AG Leads Attack on Lead in Infant Formula

Fresh off a victory in the CA primary, California Attorney General Xavier Bacerra filed suit on June 7, 2018 against Nutraceutical Corporation of Park City, Utah and Graceleigh, Inc. dba Sammy’s Milk of Newport Beach, CA, alleging violations of California’s Proposition 65 and California’s consumer protection laws.

At issue are Sammy’s Milk Free-Range Goat Milk Toddler Formula, made by Graceleigh, and Peaceful Planet Toddler Supreme Formula, a rice formula made by Nutraceutical. The complaint, filed in Alameda County, CA, alleges that the levels of lead in both products result in exposures above the Provisional Total Tolerable Intake level for lead of 6 micrograms per day (“ug/day”) applicable to children 6 years of age and younger, as set by the U.S. Food and Drug Administration. A statement issued by the AG asserts that State testing showed that the products actually cause lead exposure between 13 and 15 times the maximum allowable dose under California law. The AG’s office also advised that both companies have voluntarily agreed to stop selling the products at issue in California.

Prop 65 Claims

Lead was placed on the Prop 65 list on two occasions: on February 27, 1987 for reproductive toxicity and on October 1, 1992 for cancer.

Nutraceutical said it intends to vigorously contest the suit, which it said lacks merit. The company has reported that its Toddler Supreme protein supplement’s ingredient levels comply with applicable laws and regulations and don’t pose any safety risk to consumers, based on an opinion from a former FDA toxicologist. An issue will be if the levels meet the safe harbor provisions for lead, which would preclude the requirements for a Prop 65 warning. Prop 65 safe harbors do not always align with FDA standards. The no significant risk level (“safe harbor”) for a cancer warning regarding lead is 15 ug/day (oral exposure). The maximum allowable dose level (“safe harbor”) for a reproductive toxicity warning regarding lead is 0.5 ug/day.

Claims Under CA Consumer Protection Laws

The complaint further alleges that due to the excess levels of lead, the products are adulterated within the meaning of the California Sherman Food, Drug and Cosmetic laws and therefore violates the unlawful prong of CA Bus. & Prof. Code section 17200. The false and misleading statements of the two companies are alleged to also violate CA Bus. & Prof. Code sections 17200 and 17500 in the following ways:

With respect to Graceleigh, by asserting that its ingredients in Sammy’s milk are “selected for purity” and provide “clean nutrition.”
With respect to Nutraceutical, by asserting that its Peaceful Planet product is “CLEAN” and “PURE.”

The State has requested that the court award both injunctive relief and civil penalties (Prop 65 statute calls for $2500 per violation).

We will continue to follow this case and other actions in California related to the continued assault on lead contamination of consumer and children’s products.

This post was written by Daniel J. Herling of Mintz, Levin, Cohn, Ferris, Glovsky and Popeo, P.C.

Read more on California legal updates on our California jurisdiction page.

CPSC Finalizes Ban on Certain Children’s Toys and Child Care Articles

On October 27, 2017, the U.S. Consumer Product Safety Commission (“CPSC”) issued a final rule prohibiting children’s toys and child care articles that contain concentrations of more than 0.1 percent of certain phthalates.

What’s Prohibited

The final rule states children’s toys and child care articles containing concentrations of more than 0.1 percent of diisononyl phthalate (“DINP”), diisobutyl phthalate (“DIBP”), di-n-pentyl phthalate (“DPENP”), di-n-hexyl phthalate (“DHEXP”), and dischyclohexyl phthalate (“DCHP”) are prohibited.

Section 108 of the Consumer Product Safety Improvement Act (“CPSIA”) prohibits the manufacture for sale, offer for sale, distribution in commerce, or importation into the U.S. of any children’s toy or child care article that contains these concentrations of certain phthalates. Children’s toys include consumer products designed or intended by the manufacturer for a child 12 years or younger for use by the child when the child plays. A child care article is a consumer product designed or intended by the manufacturer to facilitate sleep or the feeding of children age 3 and younger, or to help such children with sucking or teething.

What Are Phthalates

The most common phthalate, DINP, is added to some plastics to make them flexible and is commonly found in automobile interiors, wire and cable insulation, gloves, tubing, garden hoses, and shoes. DINP is also found in flexible vinyl materials that are used in the production of bedding, garments, outdoor products such as tents and book binders. Non-PVC or vinyl products include inks, adhesives, sealants, paints and lacquers. DINP is also a listed substance known to cause cancer under California’s Proposition 65 and products must provide a warning about exposure.

The CPSC determined that because DIBP, DPENP, DHEXP, and DCHP aren’t widely used, few manufacturers will be impacted and need to reformulate their products. Examples of products containing these phthalates are coating products, fillers, plasters, binding agents, paints, adhesives,

Who’s Affected

The final rule expanded the interim rule concerning DINP to cover all children’s toys, not just those that can be placed in a child’s mouth. Children’s toys that can be placed in a child’s mouth and child care articles containing more than 0.1 percent of DINP have been prohibited since 2009. Manufacturers won’t have to reformulate products in these categories. Only manufacturers of children’s toys that cannot be placed in a child’s mouth will be affected by the final rule.

The final rule applies to both domestic manufacturers and importers and will not be a barrier to international trade. The prohibition involving DINP applies regardless of the origin of the DINP or the phthalate formulation used. Children’s toys and child care articles containing DINP in concentrations greater than 0.1 percent are prohibited even if DINP was not intentionally added.

The final rule becomes effective April 25, 2018 and applies to products manufactured or imported on or after that date.

For more legal analysis go to The National Law Review

Sears Seeks to Modify FTC Order on Online Tracking

In 2009, Sears Holding Management settled with the Federal Trade Commission (FTC) over allegations that the company’s online tracking activity exceeded what they told consumers. Now, Sears has submitted a petition requesting that the FTC reopen and modify its settlement order, arguing that changing technology since 2009 has made the order’s definition of “tracking applications” too broad and has put them at a competitive disadvantage.

The 2009 FTC complaint charged that Sears “failed to disclose adequately the scope of consumers’ personal information it collected via a downloadable software application, telling consumers that the software would track their “online browsing,” without telling them that it also collected information from third-party websites consumers visited such as their shopping cart information, online bank statements, and drug prescription records. Sears was required to stop collecting data from participating consumers and to destroy what they’d collected.

Sears now argues that the definition of “tracking application” in the FTC’s order now applies to most software on nearly all platforms, making them “out of step with current market practices without a corresponding benefit in combatting threats to consumer privacy.” The definition of tracking applications is so broad, Sears claims, that it “encompasses all of Sears’ current mobile apps, forcing Sears to handle disclosures differently than other companies with mobile apps and disadvantaging Sears in the marketplace.” Sears claims that modification of the order would allow the retailer to align with current tracking practices used by their competitors.

For more legal analysis, go to The National Law Review

Telemedicine – Are There Increased Risks With Virtual Doctor Visits?

“Telemedicine” or “Telehealth” are the terms most often used when referring to clinical diagnosis and monitoring that is delivered by technology. Telemedicine encompasses healthcare provided via real time two-way video conferencing; file sharing, including transmission of health history, x-rays, films, or photos; remote patient monitoring; and consumer mobile health apps on smart phones, tablets, and devices that collect data and transmit it to a healthcare provider. Telemedicine is increasingly being used for everything from diagnosing common viruses to monitoring patients with serious long-term health issues.

The American Telemedicine Association reports that majority of hospitals now use some form of telemedicine. Two years ago, there were approximately 20 million telemedicine video consultations; that number is expected to increase to about 160 million by 2020. An estimated one-third of employer group plans already cover some type of telehealth.

Telemedicine implicates legal and regulatory issues as licensing, prescribing, credentialing, and cybersecurity. Pennsylvania recently passed legislation joining the Interstate Medical Licensing Compact, an agreement whereby licensed physicians can qualify to practice medicine across state lines within the Compact if they meet the eligibility requirements. The Compact enables physicians to obtain licenses to practice in multiple states, while strengthening public protection through the sharing of investigative and disciplinary information.

Federal and state laws and regulations may differ in their definitions and regulation of telemedicine. New Jersey recently passed legislation authorizing health care providers to engage in telemedicine and telehealth. The law establishes telemedicine practice standards, requirements for health care providers, and telehealth coverage requirements for various types of health insurance plans. Earlier this year, Texas became the last state to abolish the requirement that patient-physician relationships must first be established during an in-person patient/doctor visit before a telemedicine visit.

As telemedicine use increases, there will likely be an increase in related professional liability claims. One legal issue that arises in the context of telemedicine involves the standard of care that applies. The New Jersey statute states that the doctor is held to the same standard of care as applies to in-person settings. If that is not possible, the health care provider is required direct the patient to seek in-person care. However, the standard of care for telemedicine is neither clear nor uniform across the states.

Another issue that arises in the context of telemedicine is informed consent, especially in terms of communication, and keeping in mind that the Pennsylvania Supreme Court recently held that only the doctor, and not staff members, can obtain informed consent from patients. Miscommunication between a healthcare provider and patient is often an underlying cause of medical malpractice allegations in terms of whether informed consent was obtained.

In addition, equipment deficiencies or malfunctions can mask symptoms that would be evident during an in-person examination or result in the failure to transmit data accurately or timely, affecting the diagnosis or treatment of the patient.

Some of these issues will likely ultimately be addressed by legislative or regulatory bodies but others may end up in the courts. According to one medical malpractice insurer, claims relating to telemedicine have resulted from situations involving the remote reading of x-rays and fetal monitor strips by physicians, attempts to diagnose a patient via telemedicine, delays in treatment, and failure to order medication.

A recent Pennsylvania case illustrates how telemedicine may also impact the way medical malpractice claims are treated in the courts. In Pennsylvania, a medical malpractice lawsuit must be filed in the county where the alleged malpractice occurred. Transferring venue back to Philadelphia County, the Superior Court in Pennsylvania found that alleged medical malpractice occurred in Philadelphia — where the physician and staff failed to timely transmit the physician’s interpretation of an infant’s echocardiogram to the hospital in another county where the infant was being treated.

The use of telemedicine will likely have wide-reaching implications for health care and health care law, including medical malpractice.

2017

For more Health Care legal analysis, go to The National Law Review

GM Labeling Update: Ingredient Disclosure Debate

As previously reported on this blog, legislation requiring labeling of genetically modified (GM) foods and food ingredients was signed into law on July 29, 2016. This law directs the U.S. Department of Agriculture (USDA) to develop regulations and standards to create mandatory disclosure requirements for bio-engineered foods by July 2018. On June 28, 2017, USDA’s Agricultural Marketing Service (AMS) posted a list of 30 questions to obtain stakeholder input to facilitate the drafting of mandatory disclosure requirements to implement the National Bioengineered Food Disclosure Law. One of those questions is:
- “Will AMS require disclosure for food that contains highly refined products, such as oils or sugars derived from bioengineered crops?”
USDA has not yet posted the comments it has received, which were due by August 25, 2017; however, several organizations have posted the comments they submitted in response to the questions. Among the organizations supporting disclosure were the Grocery Manufacturers Assn. (GMA), the International Dairy Foods Assn. (IDFA)and the Consumers Union. Noting that excluding highly refined ingredients (HRI) from the scope of the mandatory disclosure standard would result in roughly 80% fewer products being subject to the disclosure requirements under the federal law, GMA wrote, “A clear, simple, and consistent mandatory disclosure standard that includes HRI will assist manufacturers in educating consumers about biotechnology as a safe and beneficial method of plant breeding.”
In contrast, the Information Technology & Innovation Foundation (ITIF) and The Biotechnology Innovation Organization (BIO) are opposed to mandatory disclosure of HRI. ITIF suggested that some refined products do not contain residual DNA sequences and that “[t]here are not analytical methods that would allow such products to be identified as coming from ‘GM’ plants or animals vs. others.”
While USDA develops mandatory disclosure requirements for bio-engineered foods, a number of class action laws suit have been filed suggesting that products containing GM ingredients are falsely labeled as natural. For example, last week, the U.S. Supreme Court refused to hear a bid by Conagra Brands Inc. to avoid a class-action lawsuit concerning cooking oil labeled 100% natural that contains GM ingredients (see S. News). And earlier this month, Frito-Lay North America agreed to not make any non-GMO claims on certain products “unless the claim is certified by an independent third-party certification organization”(see Food Navigator).
We will continue to monitor developments on the National Bioengineered Food Disclosure Standard and report them to you here.

For more Biotech, Food & Drug legal analysis, go to The National Law Review

So…Everyone’s Been Compromised? What To Do In The Wake of the Equifax Breach

By now, you’ve probably heard that over 143 million records containing highly sensitive personal information have been compromised in the Equifax data breach. With numbers exceeding 40% of the population of the United States at risk, chances are good that you or someone you know – or more precisely, many people you know – will be affected. But until you know for certain, you are probably wondering what to do until you find out.

To be sure, there has been a lot of confusion. Many feel there was an unreasonable delay in reporting the breach. And now that it has been reported, some have suggested that people who sign up with the Equifax website to determine if they were in the breach might be bound to an arbitration clause and thereby waive their right to file suit if necessary later (although Equifax has since said that is not the case). Others have reported that the “personal identification number” (PIN) provided by Equifax for those who do register with the site is nothing more than a date and time stamp, which could be subject to a brute-force attack, which is not necessarily reassuring when dealing with personal information. Still others have reported that the site itself is subject to vulnerabilities such as cross-site scripting (XSS), which could give hackers another mechanism to steal personal information. And some have even questioned the validity of the responses provided by Equifax when people query to see if they might have been impacted.

In all the chaos, it’s hard to know how to best proceed. Fortunately, you have options other than using Equifax’s website.

1. Place a Credit Freeze

Know that if you are a victim of the breach, you will be notified by Equifax eventually. In the meantime, consider placing a credit freeze on your accounts with the three major credit reporting bureaus. All three major credit reporting bureaus allow consumers to freeze their credit reports for a small fee, and you will need to place a freeze with each credit bureau. If you are the victim of identity fraud, or if your state’s law mandates, a credit freeze can be implemented without charge. In some states, you may incur a small fee. Lists of fees for residents of various states can be found at the TransUnion, Experian, and Equifax websites. Placing a freeze on your credit reports will restrict access to your information and make it more difficult for identity thieves to open accounts in your name. This will not affect your credit score but there may be a second fee associated with lifting a credit freeze, so it is important to research your options before proceeding. Also, know that you will likely face a delay period before a freeze can be lifted, so spur-of-the-moment credit opportunities might suffer.

Here is information for freezing your credit with each credit bureau:

Equifax Credit Freeze

You may do a credit freeze online or by certified mail (return receipt requested) to:

Equifax Security Freeze

P.O. Box 105788

Atlanta, GA 30348

To unfreeze, you must do a temporary thaw by regular mail, online or by calling 1-800-685-1111 (for New York residents call 1-800-349-9960).

Experian Credit Freeze

You may do a credit freeze online, by calling 1-888-EXPERIAN (1-888-397-3742) or by certified mail (return receipt requested) to:

Experian

P.O. Box 9554

Allen, TX 75013

To unfreeze, you must do a temporary thaw online or by calling 1-888-397-3742.

TransUnion Credit Freeze

You may do a credit freeze online, by phone (1-888-909-8872) or by certified mail (return receipt requested) to:

TransUnion LLC

P.O. Box 2000

Chester, PA 19016

To unfreeze, you must do a temporary thaw online or by calling 1-888-909-8872.

After you complete a freeze, make sure you have a pen and paper handy because you will be given a PIN code to keep in a safe place.

2. Obtain a Free Copy of Your Credit Report

Consider setting up a schedule to obtain a copy of your free annual credit report from each of the reporting bureaus on a staggered basis. By obtaining and reviewing a report from one of the credit reporting bureaus every three or four months, you can better position yourself to respond to unusual or fraudulent activity more frequently. Admittedly, there is a chance that one of the reporting bureaus might miss an account that is reported by the other two but the benefit offsets the risk.

3. Notify Law Enforcement and Obtain a Police Report

If you find you are the victim of identity fraud (that is, actual fraudulent activity – not just being a member of the class of affected persons), notify your local law enforcement agency to file a police report. Having a police report will help you to challenge fraudulent activity, will provide you with verification of the fraud to provide to credit companies’ fraud investigators, and will be beneficial if future fraud occurs. To that end, be aware that additional fraud may arise closer to the federal tax filing deadline and having a police report already on file can help you resolve identity fraud problems with the Internal Revenue Service if false tax returns are filed under your identity.

4. Obtain an IRS IP PIN

Given the nature of the information involved in the breach, an additional option for individuals residing in Florida, Georgia, and Washington, D.C. is to obtain an IRS IP PIN, which is a 6-digit number assigned to eligible taxpayers to help prevent the misuse of Social Security numbers in federal tax filings. An IP PIN helps the IRS verify a taxpayer’s identity and accept their electronic or paper tax return. When a taxpayer has an IP PIN, it prevents someone else from filing a tax return with the taxpayer’s SSN.

If a return is e-filed with a taxpayer’s SSN and an incorrect or missing IP PIN, the IRS’s system will reject it until the taxpayer submits it with the correct IP PIN or the taxpayer files on paper. If the same conditions occur on a paper filed return, the IRS will delay its processing and any refund the taxpayer may be due for the taxpayer’s protection while the IRS determines if it is truly the taxpayer’s.

Information regarding eligibility for an IRS IP PIN and instructions is available here and to access the IRS’s FAQs on the issue, please go here.

Conclusion

Clearly, the Equifax breach raises many issues about which many individuals need to be concerned – and the pathway forward is uncertain at the moment. But by being proactive, being cautious, and taking appropriate remedial measures available to everyone, you can better position yourself to avoid fraud, protect your rights, and mitigate future fraud that might arise.

For more legal news go to The National Law Review

Trump Administration Issues New Guidance for Automated Driving Systems

The National Highway Traffic Safety Administration (NHTSA) announced yesterday the Trump administration’s first significant guidance concerning autonomous vehicles and Automated Driving Systems (ADS).

The new voluntary guidelines, titled Automated Driving Systems: A Vision for Safety, are intended to encourage innovation in the industry and are being touted as the administration’s “new, non-regulatory approach to promoting the safe testing and development of automated vehicles.” One of the most important aspects of these guidelines is the NHTSA’s clarification of its view of the delineation between the roles of the states and the federal government with respect to ADS technology.

The new guidelines replace the Federal Automated Vehicle Policy (FAVP), which was released by the Obama administration in 2016. A Vision for Safety comprises voluntary guidance for vehicle manufacturers, best practices for state legislatures when drafting ADS legislation, and a request for further comment.

Autonomous-vehicle manufacturers are asked to undertake a voluntary self-assessment addressing 12 safety elements discussed in the new guidance. That is a slight departure from the FAVP, which detailed a 15-point safety assessment. The safety self-assessment remains voluntary, and NHTSA emphasizes that there is no mechanism to compel manufacturers to participate. The agency also stated that the testing or deployment of new ADS technologies need not be delayed to complete a self-assessment.

In what may be the most significant component of the guidance, NHTSA made clear its role as the primary regulator of ADS technology by “strongly encourage[ing] States not to codify th[e] Voluntary Guidance . . . as a legal requirement for any phases of development, testing, or deployment of ADSs.”

Further acknowledging the potential problems associated with a patchwork of state laws, the agency expressed its belief that “[a]llowing NHTSA alone to regulate the safety design and performance aspects of ADS technology will help avoid conflicting Federal and State laws and regulations that could impede deployment.” States are instead tasked by A Vision for Safety with regulating licensing of human drivers, motor vehicle registration, traffic laws, safety inspections, and insurance.

The new guidance comes just one week after the House of Representatives passed the SELF-DRIVE Act designed to eliminate legal obstacles that could interfere with the deployment of autonomous vehicles. However, as NHTSA and Congress are seeking to speed up ADS development by removing regulatory and legal impediments, it is noteworthy that on the same day NHTSA announced A Vision for Safety, the National Transportation Safety Board (NTSB) called for NHTSA to require automakers to install “system safeguards to limit the use of automated vehicle systems to those conditions for which they were designed.”

In an abstract of its forthcoming final report on the 2016 fatal crash involving a Tesla Model S operating in semi-autonomous mode, the NTSB concluded that “operational limitations” in the Tesla’s system played a major role in the fatal crash and that the vehicle’s semi-autonomous system lacked the safeguards necessary to ensure that the system was not misused. These recent developments only underscore the uncertainty facing the industry as regulators attempt to keep pace with fast-developing technology.