The more things change, the saying goes, the more they stay the same.

In 2017, as in 2016, consumer financial services still ranked as one of this nation’s most thoroughly regulated industries. For those companies confronting the prospect of a governmental agency’s enforcement action or one more plaintiff’s suit, addressing regulatory compliance, navigating the minutiae of regulatory supervision, or weighing major as well as minor transactions, a year that began with definite promise instead concluded with much still contested and many threats newly ascendant. This article offers a snapshot of some of these notable developments, touching upon issues in class action adjudication, background screening, debt collection, credit reporting and more. It is a tale of grand transformations, followed by unexpected counter-developments, of expectations repeatedly stymied by actual events.

Looking Back

Federal Level

Snapshot of Federal Case Law

In 2017, laws touching upon most aspects of consumer financial services underwent noteworthy transformations, many distinctly advantageous to wary defendants, traceable to regulatory, personnel and philosophical changes. Yet, even as many federal and state courts shaped some hallowed doctrines into better shields, others handed finer weapons to the ever-zealous plaintiffs bar. Consequently, rather than the calm so many expected to arrive after Jan. 1, 2017, judicial opinions had interjected only more treacherous ambiguity into the world of consumer finance by Dec. 31, 2017.

The U.S. Supreme Court bears some blame for this new reality. In last year’s Spokeo Inc. v. Robins, 136 S. Ct. 1540 (2016), the court refined the standing requirements, as set in Article III of the Constitution, for bringing a case into federal court. In 2017, the court’s failure to clarify how and where to draw the line between “bare procedural violation[s]” and “concrete and particularized” injuries in Spokeo, however, produced discordant interpretations amongst the lower courts as to plaintiffs’ standing under numerous consumer protection statutes. In even less time, two 2017 decisions  (1) Microsoft Corp. v. Baker, 137 S. Ct. 1702 (2017), and (2) Bristol-Squib Co. v. Superior Court of Ca., 137 S. Ct. 1773 (2017)  led to the same disarray. Deprived of even such vague guidance from the nation’s highest courts, circuits have spent the year squabbling over the ascertainability requirement implied into Federal Rule of Civil Procedure 23(b)(3) and the propriety of tolling statutes of limitation in class action cases.

Throughout 2017, the familiar hobgoblins  (1) the Fair Credit Reporting Act; (2) the Fair Debt Collection Practices Act; (3) the Telephone Consumer Protection Act; (4) and other consumer protection statutes  pestered large and small defendants, eliciting further judicial disharmony. With the number and stake of FCRA suits increasing, new defendants, including consumer reporting agencies, data wholesalers and public record vendors, found themselves in this 1977 law’s crosshairs. Invoking Spokeo, defendants won some substantial victories in FDCPA cases, such as Henson v. Santander Consumer USA Inc. and Johnson v. Midland; at year’s end, they could even hail the increasingly patent judicial distaste for classifying the failure to disclose the accrual of prejudgment interest as a violation of the FDCPA.

Nevertheless, these same defendants achieved only intermittent success at the district court level. Clarity as to key issues still eluded these usual victims, as no one ended the year certain about the precise meaning of “debt collector,” a court’s likely treatment of tax-consequence language in settlements, and the extent of a debt collector’s obligation to disclose that a “current balance” may increase due to interest and fees in any collection notice, a duty only recently implied into the FDCPA by the Second Circuit in Avila v. Riexinger & Assocs. LLC, 817 F.3d 72 (2d Cir. 2016). Similarly, with growing success, mortgage lenders and servicers invoked Spokeo to defeat numerous individual and class action complaints. They too, however, trudged through a bewildering array of regulations and equivocal judicial guidance. As for the TCPA, the statutory basis for more than 3,700 lawsuits in the last year alone, defendants nationwide found much relief from Spokeo, but were still waiting for an answer from the D.C. Circuit as to this law’s hotly contested scope when 2018 arrived.

Naturally, the same kind of discord has plagued the field of cyber-security and privacy. In the face of mostly uniform judicial hostility, plaintiffs have found some success with new theories of liability for data breaches. Meanwhile, in several data misuse cases, dismissal turned on close readings and application of defendants’ respective terms and conditions and privacy policies, as well as the specific details of consumers’ use of and interaction with the applications and websites at issue and the nature of the information actually collected.

Instances of Federal Agencies’ Deregulatory Drift

Last year’s uncertainty came from more than muddled precedent. Instead, slowly but surely, political reshuffling changed the tenor — but not always the behavior — of major federal agencies, including the Consumer Financial Protection Bureau, the Federal Trade Commissionand the Federal Communications Commission.

As evidenced in the headlines, by December 2017, the CFPB was becoming a shadow of its former self. It had been greatly weakened, not only by a succession struggle, but also by the probable ascent of a more pro-business director; various bills designed to curtail its authority over sundry issues had been introduced, with support from the president and his party’s congressional leaders; and its proposed rule restricting consumer arbitration had been easily nullified. Nonetheless, the CFPB retained its intense focus on banks, debt collectors, credit card companies, mortgage companies and mortgage servicers, as indicated by suits against Citibank NA and Conduent Business Services filed on Nov. 20 and 21, 2017, respectively.

The FTC also enjoyed a busy year, bringing several data security enforcement actions, settling its first-ever complaint against individual social media influencers, and joining forces with various jurisdictions’ attorneys general in a crackdown on scams related to student loan debt relief. As its proposed strategic plan for 2018 announces, this aged agency remains eager and ready to collaborate with domestic and international partners to preserve and promote competition and protect consumers. In one area at least — privacy practices — federal regulators from more than just the FTC have taken progressively more aggressive stances as 2017 unwound. Indeed, little letup, if any, seemed to occur in enforcement actions targeting money laundering.

Two of the FCC’s actions in 2017 exemplify the federal bureaucracy’s strangely divided mindset. On the one hand, the FCC has stood pat on its broad and controversial definition of an “autodialer,” effectively arguing for increased defendant liability. On the other hand, it has just as enthusiastically supported the FTC’s quest for jurisdiction over “non-common carrier activities,” seemingly attempting to minimize this same liability by surrendering some of its historic powers to the more passive (and apparently less regulatory inclined) FTC.

Percolating Legislation

With legislators still prone to utilizing amusing titles, this year’s federal bills had a distinct deregulatory theme.

For instance, in May 2017, Rep. Barry Dean Loudermilk, R-Ga., introduced the FCRA Liability Harmonization Act, which would cap class action damages in FCRA claims at $500,000 or 1 percent of the defendant’s net worth, whichever is less, and eliminate punitive damages. In September 2017, the entire House of Representatives passed the SELF DRIVE Act. If enacted, this law would preempt state standards for the design and construction of automated driving systems and raise the potential number of self-driving cars that a manufacturer can put on the road. And on Nov. 16, 2017, Banking Committee (SBC) Chairman Sen. Michael Dean Crapo, R-Idaho, introduced the so-called “Economic Growth, Regulatory Relief and Consumer Protection Act,” eagerly anticipated Senate legislation designed to foster economic growth and reduce regulatory burdens for small- and medium-sized financial institutions by peeling back the 2010 Dodd-Frank Act. A companion piece to the House’s “Financial CHOICE Act of 2017,” a bill introduced by Thomas Jeb Hensarling, R-Texas, leader of the House Financial Services Committee, and strongly supported by the House’s Republican leadership, the Senate bill boasts a narrower scope and the support of nine democratic Senators. The contrast between the House’s bill and the Crapo draft is, perhaps, the most revealing testament to this year’s prevailing theme: proposed with such fanfare, opposed by consumer advocates and lauded as transformative by the financial industry, Hensarling’s bill passed the House on June 8, 2017, but, stalled in the Senate, and has been overlooked in favor of Carpo’s bill.

Still, in contrast with the previous eight years, the executive branch, from the president to the various cabinet departments, have lent aid to these efforts. For example, on Oct. 26, 2016, the U.S. Department of the Treasury released a report entitled “A Financial System That Creates Economic Opportunities: Asset Management and Insurance.” Required to issue reports, all focusing about potential ways to legislatively and administratively reform the U.S. financial system, in accordance with President Donald Trump’s Executive Order 13772 on Core Principles for Regulating the U.S. Financial System, the Treasury’s recommendations will likely inform the efforts currently underway in Congress to advance a particular vision of regulatory reform.

Beyond D.C.

A New Regulatory Army Coalesces: The Rise of the Attorneys General

With the federal government’s approach changing, a decisive new threat to defendants in consumer finance cases has emerged. Simply put, the potential somnolence of once active federal agencies has amplified, rather than minimized, various defendants’ legal risk as other actors, some operating far beyond the Potomac’s southern bank, awoke. Endowed with their own panoply of regulatory tools and consumer protection statutes, AGs in sundry states, including New York, California, Virginia, Maryland and Massachusetts, both launched regulatory actions and litigation against various lenders, promised to sue the federal government for its deregulatory push, and aggressively enforced proper online privacy practices. Even more ostensibly business-friendly jurisdictions, such as Georgia and Florida, have affirmed their determination to chasten allegedly “predatory” lenders and secured sizable settlements from two defendants for alleged violations of each state’s usury and licensing laws.

As these examples indicate, the federal government’s retreat has seemingly hastened explosive growth of regulatory activity on the state level. In light of this nascent menace, even payment processors and auto lenders and servicers, entities that had benefited greatly from the CFPB’s ideological drift and its arbitration prohibition’s fall, had reason to greet the New Year with leery trepidation.

On the Horizon

With the election of Trump, putting Republicans in charge of all branches of the federal government, some looked forward to 2017 as a watershed moment in which a fundamental lowering of litigation and regulatory risks and burdens for the financial services industry would take place. True, major changes did occur at the federal level in certain areas, leading to the reduction of some risks and the lessening of certain burdens; the prevailing powers’ preferences have been bluntly expressed. Holistically, it is not possible to say that 2017 saw a truly comprehensive transformation, however. In its broad contours, the pattern of regulation and litigation established in prior years mostly remains in place, verbally battered but remarkably durable. Indeed, even as to those issues in which federal regulators have stepped back, state regulators are stepping forward (or threatening) to fill many, if not quite, all ensuing gaps.

Originally published on Law360