If it was not clear before, the Federal Trade Commission (FTC) provided further evidence to Congress yesterday of how seriously it takes violations of the Fair Credit Reporting Act (FCRA). We’ve previously written about the warnings letters that the FTC mailed to data brokers earlier this year and the FTC’s decision to begin focusing on the privacy practices of the data brokerage industry generally. It appears that the FTC has no intention of decreasing its enforcement action in the data broker space. Judging by the $30 Million in civil penalties imposed upon various data brokers in the aggregate for violations of the FCRA last year, the FTC’s comments yesterday should be heeded by everyone in the data brokerage business.
FCRA Generally
The FCRA was created to protect consumer privacy and to ensure that those who collect, distribute and sell consumer information – called consumer reporting agencies (CRAs) – properly verify the identities of the parties requesting such information and confirm that such parties have a lawful purpose for receiving and using consumer information.
FTC’s Most Recent Comments
Yesterday, FTC Consumer Protection Director Jessica Rich emphasized the FTC’s concern that consumers are usually unaware of the type and extent of personal information collected and shared by data brokers. Director Rich emphasized the FTC’s focus on giving consumers greater control over how their information is collected and used by data brokers, including giving consumers better access to the data maintained about them.
In an effort to increase the level of consumer transparency present within the industry, the FTC introduced a three-pronged plan of attack: 1) aggressive enforcement of the FCRA; 2) the issuance of further compliance reports and directives; and 3) continuing to educate consumers about their data and information rights.
Takeaway and Best Practices for Data Brokers
While there are still several types of entities that are not covered by the FCRA, the FTC revealed that the data broker industry is in its crosshairs and the comments of Director Rich serve as a not-too-subtle reminder for the companies to re-evaluate their verification procedures in accordance with the requirements set forth by the FCRA. Considering the FTC’s recent scrutiny of the data brokerage industry, it would be wise for every company that collects, shares and/or uses consumer information to evaluate its business practices to avoid encountering an FTC investigation, one that could result in associated injunctive action, fines and other costs.
If you are interested in learning more about this topic or need to review your data collection, usage and/or distribution practices, please e-mail us at info@kleinmoynihan.com, or call us at (212) 246-0900.
The material contained herein is provided for informational purposes only and is not legal advice, nor is it a substitute for obtaining legal advice from an attorney. Each situation is unique, and you should not act or rely on any information contained herein without seeking the advice of an experienced attorney.
Attorney Advertising
