Alston & Bird Consumer Finance Blog

California

California Governor Moves to Strengthen State Consumer Protection Enforcement in 2020

A&B ABstract:

On January 10, 2020, California Governor Gavin Newsom released his budget summary for 2020 to 2021. Fearing that the Trump administration will further roll back consumer financial protections, Gov. Newsom proposed the California Consumer Financial Protection Law, which would provide the state’s primary financial services regulator with additional authority to enforce consumer protection laws.

Discussion

In his budget summary for 2020 to 2021 (“Budget”), Gov. Newsom expressed concern that “[t]he federal government’s rollback of the [Consumer Financial Protection Bureau (“CFPB”)] leaves Californians vulnerable to predatory businesses and leaves companies without the clarity they need to innovate.” Seeking to protect Californians from the effects of such rollbacks, Gov. Newsom proposed that state funds be allocated to enact and administer the California Consumer Financial Protection Law (“CCFPL”).

A draft of the CCFPL is not yet available.  However, as described in the Budget, the CCFPL would expand the authority and capacity of the state’s primary financial services regulator, the Department of Business Oversight (“DBO”), “to protect [California] consumers and foster the responsible development of new financial products.”

Change in Regulatory Structure

The DBO, which would be re-named the Department of Financial Protection and Innovation (“DFPI”), would be responsible for:

  • Offering services to empower and educate consumers, especially older Americans, students, military service members, and recent immigrants;
  • Licensing and examining new industries that are currently under-regulated [including, but not limited to, debt collectors, credit reporting agencies, and financial technology companies];
  • Analyzing patterns and developments in the market to inform evidence-based policies and enforcement;
  • Protecting consumers through enforcement against unfair, deceptive, and abusive practices;
  • Establishing a new Financial Technology Innovation Office that will proactively cultivate the responsible development of new consumer financial products;
  • Offering legal support for the administration of the new law; and
  • Expanding existing administrative and information technology staff to support the DFPI’s increased regulatory responsibilities.

The statements on the DFPI indicate that it will be another “mini-CFPB” (i.e. a state version of the CFPB) that will protect California consumers in a way that Gov. Newsom believes the CFPB cannot. Former CFPB Director Richard Cordray is reportedly working with California to develop the DFPI.

DFPI Funding and Staffing

The Budget includes a $10.2 million Financial Protection Fund and the creation of 44 new positions at the DFPI between 2020 and 2021. This will grow to $19.3 million and 90 new positions at the DFPI between 2022 and 2023, to establish and administer the CCFPL. According to the Budget, initial costs for the DFPI and the CCFPL “will be covered by available settlement proceeds in the State Corporations and Financial Institutions Funds, with future costs covered by fees on any newly-covered industries and increased fees on existing licensees.”

Takeaway

Gov. Newsom’s comments in the Budget suggest that California will be more active in investigating regulated financial services entities and enforcing California’s existing consumer protection laws. Additional regulations may be passed as part of this initiative. Action by California is consistent with a growing trend among the states to be more active in their oversight of regulated industries in response to a less active CFPB. Industry participants should be mindful of this trend, assessing their compliance programs to manage oversight from multiple entities under multiple regulatory schemes.

Alston & Bird Details 21 Potentially Significant Impacts from Draft CCPA Regulations

Late last week, the California Attorney General published much-anticipated proposed Regulations under the California Consumer Privacy Act (“CCPA”). The Regulations are extensive and contain a number of potentially material business impacts.

To help companies work through the Regulations, Alston & Bird’s Privacy & Data Security team published a client advisory outlining “21 Potentially Significant Business Impacts” from the proposed CCPA Regulations. View the full advisory here.

This advisory tackles a number of issues likely of interest to companies attempting to get ready for CCPA, including:

  • Why posting a CCPA privacy policy on your website may not be enough to satisfy your CCPA notice obligations – instead you may need additional “just in time” notices at every specific point where you collect data (or lose the right to collect it);
  • Why you may hear discussions about a potential return of Do Not Track in the online context, this time as a “Do Not Sell My Info” request;
  • Why brick-and-mortar interactions with consumers may require companies to facilitate “offline” CCPA rights requests; and
  • Why companies that take a position as vendor or service provider may need to examine any aspect of their business that involves pooling customer data for regulatory risk.

Alston & Bird is closely following the development of the CCPA and its Regulations. For more information, contact Jim HarveyDavid KeatingAmy MushahwarKaren Sanzaro, or Daniel Felz.