Writing fraudulent reviews about businesses on services like Yelp can land you in big legal trouble. But suppose a financial services merchant hit back on your legitimate complaint or confusion by revealing all the juicy details shown in your personal credit report.
A California-based mortgage broker will pay $120,000 to settle Federal Trade Commission allegations that it violated the Fair Credit Reporting Act and other laws by revealing personal information about consumers in response to negative reviews posted on the review website Yelp.
In a complaint filed by the Department of Justice on behalf of the Commission, the FTC alleges that Mortgage Solutions FCS, Inc. (doing business as Mount Diablo Lending) and its sole owner, Ramon Walker, responded to consumers who posted negative reviews on Yelp by revealing their credit histories, debt-to-income ratios, taxes, health, sources of income, family relationships, and other personal information. Several responses also revealed reviewers’ first and last names, according to the complaint.
For example, in response to one negative Yelp review, Walker wrote on behalf of the company: “Your credit report shows 4 late payments from the Capital One account, 1 late from Comenity Bank which is Pier 1, another late from Credit First Bank, 3 late payments from an account named SanMateo. Not to mention the mortgage lates. All of these late payments are having an enormous negative impact on your credit score.”
“Companies that use credit reports and scores have a legal obligation to keep that information confidential,” said Andrew Smith, Director of the FTC’s Bureau of Consumer Protection. “They should not disclose that information to third parties without a legitimate reason to do so, and they certainly should not post that information on the Internet to embarrass or punish consumers, as happened here.”
The FTC alleges that Walker and Mount Diablo also violated the FTC Act and the Gramm-Leach-Bliley Act, including by failing to implement an information security program until September 2017 and by not subsequently testing the program.
As part of the settlement, Walker and Mount Diablo will pay a $120,000 penalty for violating the FCRA. In addition, they are prohibited from misrepresenting their privacy and data security practices, misusing credit reports, and improperly disclosing personal information to third parties.
Mount Diablo must also implement a comprehensive data security program designed to protect the personal information it collects and obtain third-party assessments of its information security program every two years. The company must designate a senior corporate manager responsible for overseeing the information security program to certify compliance with the order every year.
The Federal Trade Commission works to promote competition, and protect and educate consumers. You can learn more about consumer topics and file a consumer complaint online or by calling 1-877-FTC-HELP (382-4357).
@FTC #YELP #negativereviews #privacy #creditreports #personal data #consumerdebt #loans #mortgages #security #FCRA