On Thursday, the Federal Trade Commission (FTC) announced that it reached a settlement with Vivint Smart Homes Inc., a smart home security and monitoring company, thus settling claims that the company “misused credit reported to help unqualified customers obtain financing for the company’s products and services.”
Previously, the United States, acting on behalf of the FTC, filed a complaint in the District of Utah against Vivint, alleging that Vivint violated the Fair Credit Reporting Act (FCRA) by improperly obtaining credit reports in order to qualify potential customers for financing for its smart home monitoring and security products. The FTC also averred that Vivint violated its Red Flags Rule because it failed to implement an identity theft prevention program as required for companies that regularly use or obtain credit reports. The agency claimed that Vivint used door-to-door salespeople who worked on a commission basis to sell the company’s products and services.
According to the complaint, in order to proceed in the sale, a customer must meet the credit requirement, thus if a customer did not qualify then the sales representative could not proceed; however, sales representatives employed two means to circumvent the credit requirement qualification if a prospective customer failed to qualify on their own: “white paging” and “adding impermissible co-signers.”
Reportedly, some of the company’s sales representatives would use a “white paging” process whereby they would find a consumer with the same or similar name on White Pages and use that unrelated consumer’s credit history to qualify the prospective unqualified customer. Alternatively, according to the FTC, Vivint sales representatives also may have asked customers to provide them with the name of someone, such as a relative, who had better credit; that third party was unknowingly added as a co-signer to the unqualified customer’s account without permission. As a result, the third party’s credit history was used to qualify the unqualified prospective customer. The FTC added that Vivint was aware of this issue and terminated sales representatives over this conduct, but it rehired some shortly after.
The FTC asserted that if unqualified customers ended up qualifying because of this alleged scheme but then defaulted on their loans, the innocent third party would be referred to Vivint’s debt buyer, “thus implicating the innocent individual’s credit standing and causing them to be pursued by debt collectors.” Furthermore, many of these third parties complained to the FTC that they were victims of identity theft after they were contacted by Vivint’s debt collectors.
“Vivint’s sales staff stole people’s personal information to approve others for loans,” Daniel Kaufman, acting director of the FTC’s Bureau of Consumer Protection, said in a press release. “For misusing consumer credit reports and other sensitive data, and harming people’s credit, this company will pay $20 million.”
Under the proposed settlement, Vivint will pay a $15 million civil penalty and another $5 million to compensate harmed consumers (those improperly contacted by debt collectors). The commission noted that this is the largest FCRA monetary judgment for the FTC. Additionally, pursuant to the proposed settlement, Vivint must implement an employee monitoring and training program, an identity theft prevention program, and a customer service task force to verify that accounts belong to the correct customer before referring accounts to debt collectors, as well as help customers who were wrongly referred to debt collectors. Furthermore, Vivint must have an independent third party perform biennial assessments to ensure FCRA compliance. The company also is barred from further engaging in the alleged conduct and must adhere to an oversight and annual certification requirement, among other things.
The FTC’s vote to authorize the Department of Justice to file the complaint and approve the stipulated final order was 4-0.