Attorney General Pam Bondi, along with the 49 other attorneys general and the District of Columbia, today reached a settlement with Uber Technologies, Inc. for allegedly failing to comply with the Florida Information Protection Act and other related laws. [Read more…] about $148 Million Settlement Reached with Uber for Data Breach
Attorney General Pam Bondi is reminding consumers who rented a car from Avis, Budget or Payless between Jan. 1, 2010 to July 10, 2017 and were charged for e-Toll services to file a claim before the January deadline. The deadline to submit a claim is Jan. 7, 2018. Refund checks will be mailed in March 2018 to eligible claimants wrongfully charged for e-Toll services.
For more information about the claims process and to access the claim form, click here. In July this year, Attorney General Bondi’s Office reached a settlement with Avis Budget Car Rental System, LLC, which owns Avis, Budget and Payless. The settlement resolves allegations related to the rental car companies’ practices involving add-on fees for cashless tolls in Florida and other related add-on charges. As part of the settlement, the three companies are required to provide refunds to any consumers charged for e-Toll without sufficient disclosures, who have not already been reimbursed and who file a claim for a refund. For more information about the settlement, click here.
Attorney General Pam Bondi today announced a $220 million multistate settlement with Deutsche Bank for fraudulent conduct involving the manipulation of LIBOR. LIBOR is a benchmark interest rate that affects financial instruments worth trillions of dollars and has a widespread effect on global markets and consumers. By manipulating LIBOR, Deutsche Bank defrauded government entities and not-for-profit organizations in Florida and throughout the U.S. out of millions of dollars.
The investigation, conducted by a working group of 45 state attorneys general, revealed that Deutsche Bank manipulated LIBOR in a number of ways. Deutsche Bank employees improperly made internal requests for LIBOR submissions to benefit Deutsche Bank’s trading positions. Deutsche Bank also attempted to influence other banks’ LIBOR submissions in a manner intended to benefit their trading positions. Lastly, Deutsche Bank received communications from inter-dealer brokers and external traders attempting to influence Deutsche Bank’s LIBOR submissions. At times, Deutsche Bank LIBOR submitters and supervisors expressly acknowledged and indicated they would work to implement the requests received.
Deutsche Bank employees had strong reason to believe that these LIBOR submissions did not reflect the true borrowing rates pursuant to published guidelines. Additionally, the LIBOR rates the bank submitted did not reflect the actual borrowing costs of Deutsche Bank and other panel banks. Even though these rates are material terms of LIBOR-referenced transactions, Deutsche Bank employees did not disclose these facts to the governmental and not-for profit counterparties who executed the transactions with the bank.
Governmental and not-for-profit entities with LIBOR-linked swaps and other investment contracts with Deutsche Bank will be notified if they are eligible to receive a distribution from the settlement fund of more than $213 million. The balance of the settlement fund will be used to pay costs and expenses of the investigation and for other uses consistent with state laws.
As part of the settlement, the Florida State Board of Administration is receiving more than $10 million and other Florida counter-parties are receiving a total more than $5 million.
To view a copy of the settlement, click here.
Deutsche Bank is the second of several USD-LIBOR-setting panel banks under investigation by the state attorneys general to settle. In August, 2016, the states settled with Barclays Bank PLC and Barclays Capital Inc. Deutsche Bank is cooperating with the investigation. The investigation into the conduct of several other USD LIBOR-setting panel banks is ongoing.
The Florida Public Service Commission (PSC) will hold a hearing Wednesday, October 25, 2017, on Duke Energy Florida, LLC’s (DEF) petition to approve its revised and restated stipulation and settlement agreement.
Following this, the PSC will begin its Cost Recovery Clause hearings to determine 2018 cost recovery charges for customers of Florida’s five investor-owned utilities.
The hearings are scheduled for the following times and location:
Wednesday, October 25, 2017
DEF Limited Proceeding
Betty Easley Conference Center
Joseph P. Cresse Hearing Room (Room 148)
4075 Esplanade Way
The Cost Recovery Clause hearings will begin after the DEF hearing concludes. In addition, October 26-27, 2017, are reserved to continue the hearing, if needed. The starting time of the next day’s session will be announced at the conclusion of each day.
The hearings will be broadcast on the Florida Channel (check your local listings) and is available online at www.floridapsc.com (look for the “Watch Live Broadcast” icon on the left side of the web page).
For additional information, visit www.floridapsc.com.
Attorney General Pam Bondi, 48 other state attorneys general and the District of Columbia today announced a $120 million consumer protection settlement with General Motors Company regarding allegations that GM concealed safety issues related to ignition-switch-related defects in GM vehicles. The settlement concludes a multistate investigation into the auto manufacturer’s failure to timely disclose known safety defects in several models of GM vehicles.
In 2014, GM issued seven vehicle recalls in response to unintended key-rotation-related and ignition-switch-related issues that affected more than nine million vehicles in the United States. The recalls involved a defective ignition switch that, under certain conditions, could move out of the run position to the accessory or off position. If this occurred, the driver experienced a loss of electrical systems, including power steering and power brakes. If a collision occurred while the ignition switch was in the accessory or off position, the vehicle’s safety airbags may have also fail to deploy, increasing the risk of serious injury or death in certain types of crashes in which the airbag was otherwise designed to deploy.
Certain employees of GM and General Motors Corporation, which went through bankruptcy in 2009, allegedly knew as early as 2004 that the ignition switch posed a safety defect because it could cause airbag non-deployment. Despite this knowledge, GM personnel decided the defect was not a safety concern and delayed making recalls. GM continued to market the reliability and safety of motor vehicles equipped with this defective ignition switch.
As part of a consent judgment, GM will:
- Not represent that a motor vehicle is safe unless GM complied with the Federal Motor Vehicle Safety standards applicable to the motor vehicles;
- Not represent that certified pre-owned vehicles are safe, repaired for safety issues or have been subject to rigorous inspection, unless such vehicles are not subject to any open recalls relating to safety or have been repaired pursuant to such a recall;
- Instruct dealers that all applicable recall repairs must be completed before any GM motor vehicle sold in the U.S. and included in a recall is eligible for certification; and
- If there is a recall on any certified pre-owned vehicle sold in the U.S., the required repair must be completed before the vehicle is delivered to a customer.
As part of the consumer protection settlement, GM also agreed to pay the participating attorneys general a total of $120 Million, of which Florida’s share is more than $6 million.The settlement is pending judicial approval.
To view a copy of the settlement, click here.
Attorney General Pam Bondi, 31 other state attorneys general and the District of Columbia today announced a $5.5 million settlement reached with Nationwide Mutual Insurance Company and its subsidiary, Allied Property & Casualty Insurance Company, concerning an October 2012 data breach. The data breach resulted in the loss of personal information belonging to 1.27 million consumers, including their Social Security numbers, driver’s license numbers, credit scoring information and other personal data. Nationwide collected this personal information to provide insurance quotes to consumers applying for insurance. Nationwide’s alleged failure to apply a critical security patch led to the loss of the personal information.
The settlement requires Nationwide to take a number of steps to both generally update security practices and to ensure the timely application of patches and other updates to security software. Nationwide must also hire a technology officer responsible for monitoring and managing software and application security updates. The tech officer will supervise employees responsible for evaluating and coordinating the maintenance, management and application of all security patches and software and application security updates.
Nationwide agrees to take steps during the next three years to strengthen its security practices, including:
- Updating procedures and policies relating to the maintenance and storage of consumers’ personal data;
- Conducting regular inventories of the patches and updates applied to its systems, performing internal assessments of patch management practices and hiring an independent provider to perform annual audits; and
- Maintaining and utilizing system tools to monitor the health and security of systems used to maintain personal information.
Many of the consumers affected by the data breach never became Nationwide insured, but the company retained these consumers’ data to more easily provide the consumers re-quotes at a later date. The settlement requires Nationwide to be more transparent about data collection practices by requiring the disclosure to consumers that Nationwide retains personal information even if the consumers do not become customers.
In addition to Florida, a lead state in the investigation, participants in the settlement include: Alaska, Arizona, Arkansas, Connecticut, Hawaii, Illinois, Indiana, Iowa, Kentucky, Louisiana, Maine, Maryland, Massachusetts, Mississippi, Missouri, Montana, Nebraska, Nevada, New Jersey, New Mexico, New York, North Carolina, North Dakota, Oregon, Pennsylvania, Rhode Island, South Dakota, Tennessee, Texas, Vermont, Washington and the District of Columbia.
To view a copy of the settlement, click here.
Attorney General Pam Bondi and 42 other attorneys general today announced a multimillion dollar settlement with Johnson & Johnson and Johnson & Johnson Consumer, Inc. resolving allegations that the company unlawfully promoted over-the-counter drugs. According to the complaint filed simultaneously with the states’ consent judgment today, the defendants misled consumers into believing they were purchasing drugs manufactured in an FDA compliant facility. As part of the settlement, Florida will receive more than $1.6 million.
“When a consumer purchases over-the-counter drugs, they should be able to trust that the medication is produced in a safe facility,” said Attorney General Bondi. “Thanks to collaborative multistate efforts, this settlement will help us better protect consumers buying OTC drugs across the country.”
The consent judgment requires McNeil-PPC, Inc., a division of Johnson & Johnson Consumer, Inc. that manufactures and distributes OTC drugs, to ensure that its marketing and promotional practices do not unlawfully promote OTC drug products. According to the multistate investigation, the defendants acted through McNeil to promote OTC drugs as compliant with federally mandated current Good Manufacturing Practices. The Food and Drug Administration, however, found that, between 2009 and 2011, some McNeil manufacturing facilities did not comply with the mandated practices. McNeil has changed from a wholly-owned subsidiary of Johnson & Johnson to a division of Johnson & Johnson Consumer, Inc.
As part of the settlement, the defendants are required to conform to the following terms:
- Provide information to participating attorneys general within 60 days of a written request regarding the identity of wholesalers or warehouses where any recalled OTC drugs were distributed in their state;
- Ensure not to represent on its websites that McNeil’s OTC Drug Product facilities meet cGMP as outlined by the FDA if McNeil has had a Class I or Class II Recall of OTC drug products within the prior 12 months; and
- Follow internal standard operating polices regarding whether to open a Corrective Action and Preventive Action plan during the manufacture of an OTC drug.
To view a copy of the consent judgment, click here.
To view a copy of the complaint, click here.
Florida served on the executive committee investigating the defendants’ practices. The following also participated in the settlement: Alaska, Arizona, Arkansas, California, Colorado, Connecticut, Delaware, Hawaii, Idaho, Illinois, Indiana, Kansas, Kentucky, Louisiana, Maine, Maryland, Massachusetts, Michigan, Minnesota, Missouri, Montana, Nebraska, Nevada, New Hampshire, New Jersey, New Mexico, New York, North Carolina, North Dakota, Ohio, Pennsylvania, Rhode Island, South Carolina, South Dakota, Tennessee, Texas, Vermont, Virginia, Washington, West Virginia, Wisconsin and the District of Columbia.
This settlement is pending judicial approval.
Attorney General Pam Bondi and 47 other attorneys general are announcing the largest multistate data breach settlement achieved to date. The $18.5 million settlement with Target Corporation resolves the states’ investigation into the retail company’s 2013 data breach that affected more than 41 million customer payment card accounts and contact information for more than 60 million customers. Florida served on the executive committee for the investigation.
“This data breach jeopardized the financial information of millions of Target customers in Florida and across the nation,” said Attorney General Bondi. “Under our multistate settlement announced today, Target consumers are now better protected from cyberattacks.”
The states’ investigation found that cyber attackers accessed Target’s gateway server through credentials stolen from a third-party vendor. The attackers used the credentials to exploit weaknesses in Target’s system that allowed access to a customer service database, installation of malware on the system and the capture of data. Consumer data included full names, telephone numbers, email addresses, mailing addresses, payment card numbers, card expiration dates, CVV1 codes and encrypted debit PINs.
In addition to the monetary payment to the states, the settlement agreement requires Target to develop, implement and maintain a comprehensive information security program and to employ an executive or officer responsible for executing the plan. The company is also required to hire an independent, qualified third-party to conduct a comprehensive security assessment.
As part of the settlement, Target is required to implement security measures including:
- Maintain and support software on its network;
- Segment its cardholder data environment from the rest of its computer network;
- Maintain appropriate encryption policies, particularly as it pertains to cardholder and personal information data; and
- Undertake steps to control access to its network, including implementing password rotation policies and two-factor authentication for certain accounts.
In addition to Florida, the following participated in this settlement: Alaska, Arizona, Arkansas, California, Colorado, Connecticut, Delaware, Georgia, Hawaii, Idaho, Illinois, Indiana, Iowa, Kansas, Kentucky, Louisiana, Maine, Maryland, Massachusetts, Michigan, Minnesota, Mississippi, Missouri, Montana, Nebraska, Nevada, New Hampshire, New Jersey, New Mexico, New York, North Carolina, North Dakota, Ohio, Oklahoma, Oregon, Pennsylvania, Rhode Island, South Carolina, South Dakota, Tennessee, Texas, Utah, Vermont, Virginia, Washington and West Virginia and the District of Columbia.
To view a copy of the settlement, click here.
Attorney General Pam Bondi and the Federal Trade Commission announced a settlement with several related debt relief and credit repair services companies and their principal. The settlement resolves allegations that Chastity Valdes and her companies, Consumer Assistance LLC, Consumer Assistance Project Corp. and Palermo Global LLC, engaged in unlawful debt relief operations targeting student loan holders. Among other things, the settlement bans the defendants from operating in the debt relief and credit repair industries.
In 2016, Attorney General Bondi’s Office and the FTC filed a joint lawsuit against Valdes and her companies, alleging the defendants took illegal up-front fees in return for their purported debt relief and credit repair services. According to the complaint, the defendants allegedly falsely claimed these services reduced consumers’ student loan debt and repaired consumers’ credit. The complaint also asserted violations of the Florida Deceptive and Unfair Trade Practices Act, the FTC Act, the Telemarketing Sales Rule and the Credit Repair Organizations Act.
As part of the settlement, the defendants are banned from selling debt relief and credit repair services and prohibited from making material misrepresentations about any products or services. The defendants are also barred from misrepresenting endorsements, profiting from consumers’ personal information and failing to dispose of personal information properly.
The order also imposes a judgment of more than $2.3 million, which will be suspended upon the surrender of virtually all of the defendants’ assets. If the defendants are found to have misrepresented their financial condition, the full judgment will become due immediately.
To view the stipulated order, click here.
To view the motion for preliminary injunction against Valdes and her companies, click here, and for the complaint, click here.
Attorney General Pam Bondi today filed an enforcement motion against ITG Brands, LLC f/k/a Lignum-2 LLC (ITG) and R.J. Reynolds Tobacco Company (RJR) to enforce the explicit terms of the tobacco settlement agreement dated Aug. 25, 1997. That agreement resolved Florida’s landmark 1995 lawsuit against RJR and the other major tobacco companies seeking relief from decades of past unlawful actions relating to the marketing and sale of cigarettes.
Pursuant to that agreement, RJR and the other major tobacco companies agreed to make annual payments to Florida of several hundred million dollars, in perpetuity. The annual payments compensate Florida for the past and future public health care expenses from its citizens’ consumption of the settling defendants’ cigarettes.
RJR recently sold three of its most iconic cigarette brands, Winston, Kool and Salem, along with a legacy Lorillard Tobacco Company brand, Maverick, to ITG for $7 billion. These four brands accounted for approximately 17 billion cigarettes sold in 2016, eight percent of the domestic tobacco market.
RJR has refused to include the sales of these cigarette brands when making annual payments to Florida, despite not having been released from its payment obligations. ITG has similarly refused to make any payment to Florida even after agreeing with RJR to assume the payment obligations for these iconic brands. The exact same cigarette brands continue to be sold to Floridians, thus imposing the very public health care expenditures that the settlement payments are intended to compensate.
“The sale of major, pre-existing tobacco brands to another company for billions of dollars does not cause the payment obligations to vanish like a puff of smoke,” said Attorney General Bondi. “I look forward to the state obtaining prompt relief.”
According to the enforcement motion, both RJR and ITG are liable for millions of dollars of missed payments to Florida on these brands. The motion seeks the entry of an order requiring payment to Florida for the past and future sales of these cigarettes and directing RJR and ITG to provide the necessary information to accurately calculate the amounts owed pursuant to reporting requirements under the settlement agreement.
To view a copy of the enforcement motion, click here.