|Date of enforcement action:|
|United States||USD 120,000 (US$120,000)|
|Defendant company or entity:||Industry segment:|
|Mortgage Solutions FCS, Inc||Financial Services /|
A California-based mortgage broker will pay $120,000 to settle Federal Trade Commission allegations that it violated the Fair Credit Reporting Act and other laws by revealing personal information about consumers in response to negative reviews posted on the review website Yelp.
In a complaint filed by the Department of Justice on behalf of the Commission, the FTC alleges that Mortgage Solutions FCS, Inc. (doing business as Mount Diablo Lending) and its sole owner, Ramon Walker, responded to consumers who posted negative reviews on Yelp by revealing their credit histories, debt-to-income ratios, taxes, health, sources of income, family relationships, and other personal information. Several responses also revealed reviewers’ first and last names, according to the complaint.
For example, in response to one negative Yelp review, Walker wrote on behalf of the company: “Your credit report shows 4 late payments from the Capital One account, 1 late from Comenity Bank which is Pier 1, another late from Credit First Bank, 3 late payments from an account named SanMateo. Not to mention the mortgage lates. All of these late payments are having an enormous negative impact on your credit score.”
“Companies that use credit reports and scores have a legal obligation to keep that information confidential,” said Andrew Smith, Director of the FTC’s Bureau of Consumer Protection. “They should not disclose that information to third parties without a legitimate reason to do so, and they certainly should not post that information on the Internet to embarrass or punish consumers, as happened here.”
The FTC alleges that Walker and Mount Diablo also violated the FTC Act and the Gramm-Leach-Bliley Act, including by failing to implement an information security program until September 2017 and by not subsequently testing the program.
As part of the settlement, Walker and Mount Diablo will pay a $120,000 penalty for violating the FCRA. In addition, they are prohibited from misrepresenting their privacy and data security practices, misusing credit reports, and improperly disclosing personal information to third parties.
Mount Diablo must also implement a comprehensive data security program designed to protect the personal information it collects and obtain third-party assessments of its information security program every two years. The company must designate a senior corporate manager responsible for overseeing the information security program to certify compliance with the order every year.
(U.S. Federal Trade Commission)
|Enforcement authority:||Type of enforcement action:|
|U.S. Federal Trade Commission||Penalty notice|
|Subject to appeal?|
|No (case has been settled)|
Cite this fine in your work
Data Privacy Fines Index. (2020-01-07 07:45) Mortgage Solutions FCS, Inc fined USD 120k. dataprivacyfines.com. Retrieved from https://dataprivacyfines.com/fine/mortgage-solutions-fcs-inc-fined-usd-120k/
Entry last updated: 2020-01-19 10:25 GMT.