ann-h / pexelsNews in the ARM industry never stops. It’s nearly impossible to read everything everyday, and determining what’s truly relevant can be a challenge. That’s where insideARM’s weekly recap comes in. Our weekly recap of top stories will give you the news we found most interesting last week and, more importantly, why we think it’s relevant. Last week, we brought you info about a state court mail vendor lawsuit in which the debt collector prevailed and a deep dive into the intersection of cybersecurity and compliance.
On Wednesday, we brought you news from Orrick about a state court lawsuit in which the state’s appellate court affirmed the dismissal of a suit alleging the debt collector violated the FDCPA by using a mail vendor. When these cases first entered the scene nearly 5 years ago, through a well-known, but will-not-be-named case, these mail vendor suits became all the rage among certain groups of consumer attorneys. After all, why pursue cases where there might be actual consumer harm when you can make a technical challenge to a decades-long industry practice that uses a very basic function of technology? These cases were like dollar scratchers for consumer attorneys: available whenever, little work, little effort, sometimes a dud, sometimes a small payout, and sometimes a larger one. But they were available everywhere, so they kept trying again and again.
When the case law made it apparent that state court, not federal court, was the proper venue, we saw another wave of these cases, and there was some concern that state court judges would see things differently than their federal counterparts. Fortunately, reason and logic seem to be winning out, and at least in this case, both the state court judge and the appellate court understand that sending a data file to a vendor to print and mail a letter is not the type of third-party disclosure prohibited by the FDCPA.
On Thursday, we brought you an article from Phillips & Cohen Associates that breaks down why cybersecurity should be treated as a compliance function measured by consumer outcomes. Notably, this piece was written by PCA’s CISO and not a regulatory compliance person. Over the last two decades, compliance, operations, and IT have become like the legs on a three-legged stool: all three must work together for the organization’s benefit. If any one of these is weighted more heavily than the others, things can become unbalanced. This article is a wonderful glimpse into a CISO’s view of this structure and how an organization can establish or maintain its security and balance.
Have a question about how your company should react to the news above? We have a group for that! The weekly peer call hosted by insideARM’s Research Assistant is the perfect place to ask a question and get advice from industry colleagues who are facing the same challenges you are. Not sure if it is for you? Try it on for size with our 1-month free trial. Click here to learn more!
