July 26, 2024
The Devil is in the Details: Technical Violations of State Collection Practices Laws Can Lead to Class Action Liability
Anastasia V. Caton and Tracy Wang
If you are reading this article, you are likely aware that a creditor collecting its own debts in its own name is not a "debt collector" under the federal Fair Debt Collection Practices Act ("FDCPA") or its implementing rule, Regulation F ("Reg F"). Of course, the federal Consumer Financial Protection Bureau ("CFPB") and Federal Trade Commission ("FTC") both take the position that creditors ought to comply with most provisions of the FDCPA in order to prevent unfair, deceptive, or (in the case of the CFPB) abusive collection practices.
For years, the FDCPA was the primary tool for consumer litigants to target collection practices. However, the FDCPA has its limits. The law only applies to "debt collectors" which include persons collecting debts owed or due another, and persons engaged in a business, the principal purpose of which is the collection of debts. It is practically impossible to sue in federal court for technical violations of the FDCPA. In the wake of the U.S. Supreme Court's holdings in Spokeo, Inc. v. Robins, 578 U.S. 330 (2016) and TransUnion LLC v. Ramirez, 141 S. Ct. 2190 (2021), the bar for Article III standing (i.e., the harm that a plaintiff must allege to bring a case in federal court) continues to grow ever higher.
But federal regulatory risk is not the only risk for creditors collecting their own paper. Consumer advocates and plaintiffs' attorneys are turning their attention to state collection practices laws. About 31 states have adopted their own laws that regulate collection practices (referred to throughout this article as "mini-FDCPA" laws). These state mini-FDCPA laws may regulate the collection practices of a wider class of entities than the federal FDCPA, including servicers that begin handling accounts prior to default and creditors collecting their own debts. Like their federal analog, state mini-FDCPA laws generally prohibit unfair, unconscionable, deceptive, harassing, or abusive acts or practices. As a result, most creditors are likely following these rules simply by virtue of following the federal FDCPA as a matter of UDAAP prevention. But, the devil is in the details. Some state mini-FDCPA laws go beyond the FDCPA and impose various technical obligations, including disclosure requirements, contact frequency limitations, and debt validation notices and procedures.
Most state mini-FDCPA laws are enforced by the state attorney general. However, many states also have private rights of action. By and large, state attorneys general will typically pursue companies for truly abusive, deceptive, or harassing collection conduct, rather than mere technical violations. Failure to provide mini-Miranda warnings doesn't make for splashy headlines, and it is difficult to argue that a consumer was harmed by the failure to provide a mini-Miranda warning. What is attention-grabbing and closely tied to consumer harm? Protecting consumers from relentless, harassing collection calls or empty threats to sue.
Plaintiffs' attorneys, on the other hand, are less constrained in bringing lawsuits to enforce so-called "technical" rules in state mini-FDCPA laws. These cases are less exciting, and the likelihood of consumer harm is low. But they are enticing for several reasons. First, the increasing use of automation - from batching and sending electronic and written communications, to imposing fees - means that a practice impacting one consumer has likely impacted many consumers. Second, state courts often do not have as rigorous a standing bar as Article III federal courts. In other words, plaintiffs may not have to demonstrate the same level of harm or risk of harm to bring their mini-FDCPA cases in state court. Couple the low standing bar with the increasingly automated ways in which companies do business, and you have a recipe for class action risk for violations of state mini-FDCPA laws, including for the most technical violations that pose little risk of consumer harm.
We have seen just that in recent months. Plaintiffs have brought class action lawsuits based upon a creditor or servicer sending collection emails and text messages overnight, alleging violations of state laws that prohibit communicating between the hours of 9 pm and 8 am in the plaintiff's time zone. These lawsuits have seized on the common practice of batching and sending emails or text messages overnight and are relying on courts to agree with the CFPB (as expressed in Reg F) that an electronic communication is made when it is sent, regardless of when the consumer actually views it.
Still other plaintiffs have used state mini-FDCPA laws to target payment convenience fees (i.e., fees to make a payment via a certain method, such as over the phone or by credit card). These types of fees usually are not expressly prohibited nor expressly authorized by law. Plaintiffs have brought cases alleging that the charging of such fees violates state mini-FDCPA laws that prohibit charging fees not authorized by the law or the contract creating the debt. They, too, are relying on courts to agree with the CFPB that such fees are incidental to the debt, not a separate transaction or service, and therefore any "clickwrap" at the point-of-sale is insufficient authorization.
The statutory requirements under state collection laws are already complex to navigate. While automation offers convenience and consistency, it also heightens the class action risk in states with private rights of action. In addition, the low bar for standing in many state courts fuels exposure for mere "technical violations" resulting in little-to-no consumer harm. Creditors and servicers would be wise to closely review their state compliance obligations and consider whether operational improvements are necessary.