Consumer Financial Protection Bureau v. The Source for Public Data, LP
Filing
26
MEMORANDUM OPINION AND ORDER: The Court GRANTS the Consumer Financial Protection Bureau's 1 Petition to Enforce Civil Investigative Demand. (Ordered by Magistrate Judge David L. Horan on 6/6/2017) (twd)
<![CDATA[
IN THE UNITED STATES DISTRICT COURT
NORTHERN DISTRICT OF TEXAS
DALLAS DIVISION
CONSUMER FINANCIAL
PROTECTION BUREAU,
Petitioner,
V.
THE SOURCE FOR PUBLIC
DATA, LP,
Respondent.
§
§
§
§
§
§
§
§
§
§
§
No. 3:17-mc-16-G-BN
MEMORANDUM OPINION AND ORDER
The Consumer Financial Protection Bureau has filed a Petition to Enforce Civil
Investigative Demand. See Dkt. No. 1. Senior United States District Judge A. Joe Fish
referred this petition to the undersigned United States magistrate judge for
determination under 28 U.S.C. § 636(b). See Dkt. No. 5.
As the petition explains,
[o]n January 5, 2017, the Consumer Financial Protection Bureau
(Bureau) issued a civil investigative demand (CID) to The Source for
Public Data, L.P. (Public Data). The CID was issued as part of a
nonpublic investigation to determine whether consumer reporting
agencies, persons using consumer reports, or other persons have engaged
or are engaging in unlawful acts and practices in connection with the
provision or use of public records information in violation of the Fair
Credit Reporting Act, 15 U.S.C. §§ 1681 et seq., Regulation V, 12 C.F.R.
Part 1022, or any other federal consumer financial law. The CID required
Public Data to produce documents and provide answers to interrogatories
and a written report by February 16, 2017.
On January 25, 2017, pursuant to the Bureau’s rules, Public Data
filed a petition to set aside or modify its CID. The Bureau denied the
petition on February 14, 2017, and the Bureau served the order on Public
Data on February 16, 2017. That order directed Public Data to comply
-1-
with the CID within 10 calendar days. The order also invited Public Data
to engage in further discussions with Bureau staff about modifying the
CID.
Public Data has not complied with the CID. Accordingly, the
Bureau petitions this Court for an order requiring Public Data to comply
with its CID.
Dkt. 1 at 1-2. More specifically, the Bureau’s petition asks the Court to enter “[a]n
order directing Public Data to show cause why it should not be required to comply with
the CID” and, “[a]fter Public Data’s response to the order to show cause, an order
directing Public Data to comply with the CID within ten days of the order or at a later
date as may be established by the Court or the Bureau.” Id. at 3; see also Dkt. No. 2 at
5-6.
“In support of this petition, the Bureau has filed a memorandum of law with
exhibits [Dkt. No. 2], including the Declaration of Erin Mary Kelly,” who is “an
Enforcement Attorney in the Consumer Financial Protection Bureau’s (Bureau) Office
of Enforcement” and “the lead attorney on an investigation to determine whether
consumer reporting agencies, persons using consumer reports, or other persons have
engaged or are engaging in unlawful acts and practices in connection with the
provision or use of public records information in violation of the Fair Credit Reporting
Act, 15 U.S.C. §§ 1681 et seq., Regulation V, 12 C.F.R. Part 1022, or any other ‘Federal
consumer financial law’ as defined by 12 U.S.C. § 5481(14).” Dkt. No. 2-1 at 1.
The Court issued an Order to Show Cause, and Public Data filed a response, see
Dkt. No. 15, and a notice of supplemental authority in support of its opposition to the
petition, see Dkt. No. 17, and the Bureau has filed a reply, see Dkt. No. 16.
-2-
The Court held a show cause hearing on April 26, 2017, at which the Bureau’s
counsel and Public Data’s counsel appeared. See Dkt. Nos. 20, 24.
After the hearing, the Bureau filed a Notice of Supplemental Authority. See Dkt.
No. 21. Public Data filed a response, see Dkt. No. 22, and the Bureau filed a reply, see
Dkt. No. 23. The Bureau subsequently filed a Second Notice of Supplemental
Authority. See Dkt. No. 25.
For the reasons and to the extent explained below, the Court GRANTS the
Bureau’s Petition to Enforce Civil Investigative Demand [Dkt. No. 1].
Background
The Bureau’s petition explains that
[o]n January 5, 2017, the Bureau issued a CID to Public Data, a company
that purchases or obtains public records from governmental entities and
provides its users with access to these records via an internet website for
a fee. The Bureau issued the CID as part of its investigation into possible
violations of the Fair Credit Reporting Act (FCRA), 15 U.S.C. §§ 1681 et
seq., Regulation V, 12 C.F.R. Part 1022, or any other federal
consumer-financial laws. The CID requires Public Data to respond to
fifteen document requests, fourteen interrogatories, and one
written-report request.
On January 25, 2017, Public Data petitioned the Bureau to set
aside the CID (Petition). The Bureau denied the Petition on February 14,
2017, issuing an order that directed Public Data to produce “all
responsive documents, items, and information within its possession,
custody, or control that are covered by the CID” within 10 days. The order
also invited Public Data to engage in further discussions with Bureau
staff about modifying the CID. The Bureau served the order on Public
Data on February 16, 2017.
Public Data has not responded to any of the CID requests. On
March 6, 2017, Bureau counsel conferred with counsel for Public Data,
Keith Barnett of Troutman Sanders, LLP. Counsel stated that Public
Data did not intend to comply with the Bureau’s CID. As of March 6,
2017, Public Data has not complied with the CID.
....
-3-
The law is well-settled that administrative agencies should be
given wide latitude in exercising their power to investigate by subpoena,
including investigating by CID. It is also well-settled that the
requirements for judicial enforcement are minimal. As a general rule,
courts will enforce an administrative subpoena if (1) the subpoena is
within the statutory authority of the agency, (2) the information sought
is reasonably relevant, and (3) the demand is not unreasonably broad or
burdensome. These three criteria are readily met here.
Dkt. No. 2 at 2, 3 (footnotes omitted).
The Bureau asserts that
[t]he Consumer Financial Protection Act of 2010 (CFPA) gives the Bureau
authority to issue CIDs and to enforce them in federal district court. CIDs
are a type of investigative, administrative subpoena. The Bureau may
initiate a proceeding to enforce a CID by filing a petition to the federal
district court where the CID recipient “resides, is found, or transacts
business” for an order to enforce the CID. Because the Bureau has
authority to issue the CID, and the Court has authority to enforce it, the
Bureau respectfully requests that this Court order Public Data to show
cause as to why it should not be required to comply with the CID and,
thereafter, enter an order requiring compliance.
....
[T]he CID falls squarely within the Bureau’s authority. The CFPA
broadly authorizes the Bureau to investigate violations of federal
consumer-financial laws, including the Fair Credit Reporting Act and
Regulation V, and to issue a CID to “any person” the Bureau “has reason
to believe ... may be in possession, custody, or control of ... any
information, relevant to a violation.” Here, the Bureau followed all
applicable procedural requirements for the issuance of a CID. The CID
was issued by a Deputy Assistant Director of the Office of Enforcement
and included a Notification of Purpose advising Public Data of the nature
of the conduct being investigated. The CID was served by a Bureau
investigator on Public Data’s registered agent via certified US Mail,
return receipt requested. The CID seeks information to determine
whether consumer reporting agencies, persons using consumer reports,
or other persons have engaged or are engaging in unlawful acts and
practices in connection with the provision or use of public records
information in violation of the Fair Credit Reporting Act, 15 U.S.C. §§
1681 et seq., Regulation V, 12 C.F.R. Part 1022, or any other federal
consumer financial law. Such an investigation is plainly an acceptable
use of the Bureau’s authority under the CFPA. Moreover, it is well-settled
-4-
that “agencies should remain free to determine, in the first instance, the
scope of their own jurisdiction when issuing investigative subpoenas.” An
agency such as the Bureau “has a power of inquisition ... [and] can
investigate merely on suspicion that the law is being violated, or even just
because it wants assurance that it is not.”
Second, the information the Bureau seeks is relevant and material
to its investigation. Courts traditionally give wide latitude in determining
relevance in the context of an administrative subpoena, which must be
enforced if the information sought could be pertinent to a legitimate
agency inquiry. An agency request is relevant as long as it is “not plainly
incompetent or irrelevant to any lawful purpose” of the agency. Here, the
Bureau seeks materials as part of its investigation into whether the
FCRA, Regulation V, and other federal consumer-financial laws have
been violated in connection with the provision or use of public records
information. Each request in the CID relates to Public Data’s role in use
or provision of public records. The information the Bureau seeks is
relevant and material to the Bureau’s inquiry into whether the laws the
Bureau enforces have been violated in connection with the provision or
use of public records information. Among other information, the Bureau
has requested information about Public Data’s: operations and structure;
the products and services it offers; form contracts with its users; policies
and procedures; data collection relating to the use or provision of public
records information; databases and systems used in the provision of
public records information; and information regarding consumer disputes
about public records information.
Finally, the CID is not overly broad or unduly burdensome. The
Bureau met with Public Data on January 17, 2017 for a meet-and-confer
to discuss any possible modifications to the CID. Public Data did not
make any specific requests to modify the requests, nor did it claim that
the CID was overly burdensome. The Bureau fashioned the requests
specifically to determine whether consumer reporting agencies, persons
using consumer reports, or other persons may have violated the FCRA or
other federal consumer-financial laws. The Bureau focused the requests
on materials that should be readily producible and Public Data does not
contend otherwise. Further, when the Bureau Director denied Public
Data’s Petition to Modify the CID, the order invited Public Data to
engage with the Enforcement team to suggest modifications. To date,
Public Data has not asked for any changes to reduce the breadth or
burden of responding to the CID.
Dkt. No. 2 at 1, 3-5 (footnotes omitted).
In opposition to the petition, Public Data provides its own procedural history:
-5-
On January 5, 2017, the CFPB mailed its improperly issued CID
to Public Data. The CID was received by Public Data on January 9, 2017.
The CID provided the following inadequate and nonspecific Notification
of Purpose under 12 C.F.R. § 1080.5:
The purpose of this investigation is to determine whether
consumer reporting agencies, persons using consumer
reports, or other persons have engaged or are engaging in
unlawful acts and practices in connection with the provision
or use of public records information in violation of the Fair
Credit Reporting Act, 15 U.S.C. § 1681, et seq., Regulation
V, 12 C.F.R. Part 1022, or any other federal consumer
financial law. The purpose of this investigation is also to
determine whether Bureau action to obtain legal or
equitable relief would be in the public interest.
On January 17, 2017, Public Data’s attorney met and conferred
with the CFPB via teleconference about the defective CID in accordance
with 12 C.F.R. § 1080.6(c). At this conference, Public Data’s counsel
advised the CFPB that it lacked jurisdiction over Public Data, that the
Notification of Purpose stated in the CID was inadequate, and that the
CID was grossly overbroad, especially since Public Data was not a CRA.
Public Data also inquired into the factual basis for the CFPB’s
investigation as it had not received any client or employee complaints,
and was unaware of any other grounds for such an invasive and
sweepingly broad investigation. The CFPB refused to provide any
substantive response and further would not consider any modifications
to or narrowing of the CID. Accordingly, Public Data informed that it
would be filing a petition to modify or set aside the CID, which it
subsequently submitted on January 25, 2017.
On February 16, 2017, the CFPB’s Director denied Public Data’s
Petition, seemingly as a matter of course, and issued a short,
approximately three-page boilerplate decision and order directing Public
Data to simply comply with the CID. On March 6, 2017, the CFPB
conferred with Public Data’s counsel who advised that Public Data would
not comply with the CFPB’s improperly issued CID.
On March 6, 2017, the CFPB filed the instant Petition to enforce
the CID against Public Data.
Dkt. No. 15 at 7-8.
Public Data asserts that the Bureau
improperly issued an unwarranted and extremely invasive Civil
Investigative Demand (“CID”) to Respondent, The Source for Public Data,
-6-
L.P. (“Respondent” or “Public Data”), seeking information on all of Public
Data’s employees, contractors, clients, databases, confidential and
proprietary technologies, policies, procedures, products, and services, as
well as its parent and related companies and subsidiaries.
However, to date, the CFPB has provided no reason or justification
for issuing the sweepingly overbroad and thus burdensome CID. Public
Data has requested that the CFPB provide any legal or factual basis for
imposing such an enormous burden on Public Data’s business, but the
CFPB has refused to do so. The CFPB has not informed Public Data of
any complaints filed against it (which the CFPB would generally
disclose), and Public Data is not aware of any complaints or other
grounds that would support the instant investigation, let alone the
involvement of the CFPB which does not even have jurisdiction over
Public Data. See, e.g., U.S. v. Morton Salt Co., 338 U.S. 632, 652 (1950)
(CIDs should not be enforced if they demand information that is (a) not
“within the authority of the agency,” (b) “too indefinite,” or (c) not
“reasonably relevant to the inquiry.”).
The only explanation provided to date is the vague and incomplete
Notice of Purpose included by the CFPB in its CID stating that the
investigation relates to the CFPB’s jurisdiction under the Fair Credit
Reporting Act (“FCRA”) or “any other federal consumer financial law.”
The CFPB, however, fails to recognize Public Data is not subject to the
FCRA, and therefore the CFPB does not have jurisdiction over Public
Data. Indeed, the U.S. District Court for the Southern District of Texas
has already ruled that Public Data is not a consumer reporting agency
(“CRA”) and therefore Public Data is not subject to the FCRA. Wilson v.
The Source for Public Data, L.P., 4:12-cv-00185 (S.D. TX. 2013),
Memorandum and Order (Dkt. No. 36). Specifically, the District Court in
Wilson granted Public Data’s Motion for Summary Judgment, after
substantial discovery had been conducted in the case, finding that Public
Data simply generates search results and does not have or prepare any
consumer “files” subject to the FCRA. Id. at p. 8. Indeed, Public Data does
not create, use, or maintain consumer reports or files, nor does it provide
or participate in the provision of any financial product or service. Instead,
Public Data is essentially a “Google-like” search engine for public records,
no different from the access that courts provide to records through Pacer
and the like. If Public Data is governed by the FCRA, then so too is Pacer
and any other web-based access point offered by government agencies –
a result clearly not intended by Congress. As such, there is no basis on
which the CFPB may exercise jurisdiction over Public Data under either
the FCRA or any other “federal consumer financial law.”
Public Data has repeatedly advised the CFPB of these facts and of
the U.S. District Court precedent. The CFPB still maintains, without any
-7-
legal authority or further explanation, that it may nevertheless exercise
unlimited jurisdiction over Public Data. The CFPB has completely failed
to address this threshold issue in its Petition, and has not presented any
evidence, argument, or other authority as to why the CFPB can ignore
the Wilson court’s holding that Public Data is not subject to the FCRA.
Public Data’s public records search functions have not materially changed
since the court’s holding in Wilson, thus the finding still holds true. The
CFPB’s Petition should be denied for this reason alone.
Notwithstanding the above jurisdictional defects, even if the CFPB
could somehow exercise jurisdiction, the CID is fundamentally defective.
The CID fails to adequately state the nature of the conduct underlying
the investigation into Public Data as required by statute and is therefore
too indefinite. Morton Salt, supra, 338 U.S. at 652 (CIDs should be
quashed if “too indefinite.”) The CID’s requests are also grossly overbroad
and demonstrate a misunderstanding of the nature of Public Data’s
business. Because Public Data is not a CRA, the requests which assume
Public Data is a CRA are fundamentally flawed and are not reasonably
relevant to any authorized inquiry.
Ultimately, this is an action involving the clear over-stepping of a
federal agency outside the boundaries of its established authority. The
CFPB’s Petition and supporting memorandum concede this fact as not a
single sentence therein substantively addresses the above-referenced
issues, all of which were raised in the parties’ prior meet and confer
conference as well as in Public Data’s prior Petition to Set Aside or
Modify the CID. Instead, the CFPB’s petition is comprised of only
boilerplate and conclusory contentions that insist, without any legal or
factual support or analysis, that Public Data must simply defer to the
CFPB’s authority and comply with the CID. This is not the law, especially
in light of the U.S. District Court’s holding in Wilson that Public Data is
not subject to the FCRA. Wilson, supra, 4:12-cv-00185 (S.D. TX. 2013).
For these reasons, the CID was improperly issued and the Petition to
enforce the CID must be denied.
Id. at 1-3 (emphasis removed).
The Bureau replies that
[t]he question before the Court is whether to enforce the Bureau’s civil
investigative demand (CID). Respondent argues that the CID is
unenforceable, primarily by raising premature substantive defenses
about the Bureau’s authority to enforce consumer protection laws against
it – an issue that is irrelevant to the Court’s inquiry. The Bureau may
issue a CID to any person to gather facts to inform itself about whether
-8-
unlawful conduct has occurred and whether the Bureau should take
action to address it. Because the CID meets the applicable standard, and
the Bureau’s jurisdiction is not “plainly lacking,” the Court should enforce
the CID.
Dkt. No. 16 at 1.
In a notice of supplemental authority, Public Data submitted a copy of a decision
of the United States Court of Appeals for the District of Columbia in Consumer
Financial Protection Bureau v. Accrediting Council for Independent Colleges and
Schools (ACICS), 854 F.3d 683 (D.C. Cir. 2017), and argued that, where “the Court of
Appeals affirmed the District Court’s denial of the CFPB’s Petition to enforce a civil
investigative demand (‘CID’) issued against ACICS” and “noted that the CID’s
‘Notification of Purpose’ did not comply with the governing statute, 12 U.S.C. §
5562(c)(2), and that it ‘fail[ed] to state adequately the unlawful conduct under
investigation or the applicable law,’” and where “[t]he CFPB’s defective Notification of
Purpose in the ACICS CID is essentially identical to its Notification of Purpose in the
CID in this action directed to Public Data,” “the D.C. Circuit Court of Appeals’ Opinion
in the ACICS case supports its Opposition to the CFPB’s Petition to enforce the CID
in this action, and the CFPB’s Petition should be denied in its entirety.” Dkt. No. 17
at 1-2.
Legal Standards
The United States Court of Appeals for the D.C. Circuit very recently
summarized the statutory background of a petition by the Bureau to enforce a civil
investigative demand:
-9-
Congress enacted the Dodd-Frank Wall Street Reform and
Consumer Protection Act (“Dodd-Frank Act”) in the wake of the financial
crisis of 2008 and 2009. State Nat’l Bank of Big Spring v. Lew, 795 F.3d
48, 51 (D.C. Cir. 2015) (citing Pub. L. No. 111-203, 124 Stat. 1376 (2010)).
Title X of the Dodd-Frank Act—the Consumer Financial Protection Act
(“CFPA”) – established the Consumer Financial Protection Bureau to
“regulate the offering and provision of consumer financial products or
services under the Federal consumer financial laws,” 12 U.S.C. § 5491(a),
and “to implement and ... enforce Federal consumer financial law,” id. §
5511(a); see also id. §§ 5492(a), 5511(b)-(c). The “Federal consumer
financial law” that the CFPB enforces includes the CFPA and eighteen
pre-existing consumer protection statutes. Id. § 5481(12), (14); Morgan
Drexen, Inc. v. CFPB, 785 F.3d 684, 686–87 (D.C. Cir. 2015). Relevant to
our analysis, the CFPA prohibits “unfair, deceptive, or abusive act[s] or
practice[s] under Federal law in connection with any transaction with a
consumer for a consumer financial product or service, or the offering of
a consumer financial product or service.” 12 U.S.C. § 5531(a); see also id.
§ 5536(a)(1)(B). “Consumer financial product[s] or service[s]” include
consumer loans and debt collection activities. See id. § 5481(5), (15).
The CFPA vests the Bureau with broad “rulemaking, supervisory,
investigatory, adjudicatory, and enforcement authority....” Morgan
Drexen, 785 F.3d at 687 (citing 12 U.S.C. §§ 5512(b), 5514-5516, 55625564). One of the CFPB’s “primary functions” is to “supervis[e] covered
persons for compliance with Federal consumer financial law, and tak[e]
appropriate enforcement action to address violations of Federal consumer
financial law[.]” 12 U.S.C. § 5511(c)(4). Pursuant to its investigative
authority, the Bureau may issue CIDs requiring the production of
documents and oral testimony from “any person” that it believes may be
in possession of “any documentary material or tangible things, or may
have any information, relevant to a violation” of the laws that the Bureau
enforces. Id. § 5562(c)(1); see also 12 C.F.R. § 1080.6. CIDs allow the
Bureau to investigate and collect information “before the institution of
any proceedings.” 12 U.S.C. § 5562(c)(1). Each CID must “state the nature
of the conduct constituting the alleged violation which is under
investigation and the provision of law applicable to such violation.” Id. §
5562(c)(2); see also 12 C.F.R. § 1080.5. Because “CIDs are not
self-enforcing,” John Doe Co. v. CFPB, 849 F.3d 1129, 1131 (D.C. Cir.
2017), the CFPB must file a petition in federal court to enforce a CID if
a recipient refuses to comply, 12 U.S.C. § 5562(e)(1).
Consumer Fin. Prot. Bureau v. Accrediting Council for Indep. Colleges & Sch., 854 F.3d
683, 687-88 (D.C. Cir. 2017) (“ACICS”). More fully, 12 U.S.C. § 5562(c)(1) provides that,
-10-
“[w]henever the Bureau has reason to believe that any person may be in possession,
custody, or control of any documentary material or tangible things, or may have any
information, relevant to a violation, the Bureau may, before the institution of any
proceedings under the Federal consumer financial law, issue in writing, and cause to
be served upon such person, a civil investigative demand requiring such person to –
(A) produce such documentary material for inspection and copying or reproduction in
the form or medium requested by the Bureau; (B) submit such tangible things; (C) file
written reports or answers to questions; (D) give oral testimony concerning
documentary material, tangible things, or other information; or (E) furnish any
combination of such material, answers, or testimony.” The courts – and the parties
here – “have treated CIDs as a form of administrative subpoena.” ACICS, 854 F.3d at
688.
“Under the ‘reasonable relevance’ standard, courts will enforce an
administrative subpoena issued in aid of an investigation if: ‘(1) the subpoena is within
the statutory authority of the agency; (2) the information sought is reasonably relevant
to the inquiry; and (3) the demand is not unreasonably broad or burdensome.’” United
States v. Zadeh, 820 F.3d 746, 755 (5th Cir. 2016) (quoting United States v. Transocean
Deepwater Drilling, Inc., 767 F.3d 485, 488 (5th Cir. 2014) (footnote omitted)). In
previously affirming a district court’s decision to enforce an administrative subpoena,
the United States Court of Appeals has “noted that [t]he court’s inquiry is limited to
two questions: (1) whether the investigation is for a proper purpose and (2) whether the
documents the agency seeks are relevant to the investigation, essentially a tracking
-11-
of the reasonable relevance standard.” Id. at 756 (internal quotation marks and
footnote omitted).
The Fifth Circuit “has consistently recognized the summary nature of
administrative subpoena enforcement proceedings, and has made clear that when
reviewing an administrative subpoena, the court plays a strictly limited role. The
government need only make a prima facie showing under the reasonable relevance
standard, at which point the party opposing enforcement bears the heavy burden of
demonstrating that the government has not met this standard.” Zadeh, 820 F.3d at 757
(internal quotation marks and footnotes omitted). “The burden on the government...
can be fulfilled by a simple affidavit of an agent involved in the investigation.” Id. at
757-58 (internal quotation marks and footnote omitted). Thus, “‘[i]t is settled that the
requirements for judicial enforcement of an administrative subpoena are minimal.’”
United States v. Chevron U.S.A., Inc., 186 F.3d 644, 647 (5th Cir. 1999) (quoting
Burlington Northern Railroad Co. v. Office of Inspector General, Railroad Retirement
Board, 983 F.2d 631, 637 (5th Cir. 1993)). “Courts will not enforce an administrative
subpoena, however, if the above requirements are not met or if the subpoena was
issued for an improper purpose, such as harassment.” Burlington Northern, 983 F.2d
at 638.
The Fifth Circuit has explained that “an administrative agency’s power to issue
subpoenas as it performs its investigatory function is a broad-ranging one which courts
are reluctant to trammel. The agency ‘has a power of inquisition, if one chooses to call
it that, which is not derived from the judicial function. It is more analogous to the
-12-
Grand Jury, which does not depend on a case or controversy for power to get evidence
but can investigate merely on suspicion that the law is being violated, or even just
because it wants assurance that it is not. When investigative and accusatory duties are
delegated by statute to an administrative body, it, too, may inform itself as to whether
there is probable violation of the law.’” Sandsend Fin. Consultants, Ltd. v. Fed. Home
Loan Bank Bd., 878 F.2d 875, 878 (5th Cir. 1989) (quoting United States v. Morton Salt
Co., 338 U.S. 632, 642 (1950)).
Where the party opposing enforcement contends that the agency had no
authority to issue the administrative subpoenas because it lacks jurisdiction, the Fifth
Circuit has noted that “[a]n administrative agency’s authority is necessarily derived
from the statute it administers and may not be exercised in a manner that is
inconsistent with the administrative structure that Congress has enacted.”
Transocean, 767 F.3d at 489. But the inquiry focuses on whether the agency has
jurisdiction to investigate the subject of the investigation, not the subject of the
subpoena. See id. at 489-97; cf. Sandsend, 878 F.2d at 880, 881 (“[12 U.S.C. §] 481
limits only the class of people national bank examiners may examine; it does not, for
example, limit the class of people from whom national bank examiners may request
documents with a subpoena duces tecum. .... The FHLBB’s subpoena power extends to
the records of persons who, like Sandsend, are not directly associated with the target
of the FHLBB’s inquiry.”).
Analysis
Public Data opposes enforcement of the CID on four grounds. First, Public Data
-13-
argues that the Bureau exceeded its statutory authority in issuing the CID. Second,
Public Data argues that the Bureau lacks jurisdiction to issue the CID and,
specifically, that the Bureau does not have jurisdiction under either the Fair Credit
Reporting Act (“FCRA”) or any other federal consumer financial law. Third, Public
Data argues that the CID must be quashed because it fails to identify the nature of the
conduct under investigation as required by statute. Fourth, Public Data argues that
the CID should be quashed because it is grossly overbroad. At oral argument, the
dispute was narrowed to the issue of whether the Bureau has statutory authority to
issue the CID.
An administrative agency’s authority to issue subpoenas “is created solely by
statute.” ACICS, 854 F.3d at 690 (quoting Peters v. United States, 853 F.2d 692, 696
(9th Cir. 1988)). “Although the [Bureau] may define the boundary of its investigation
‘quite generally,’ it must comply with the terms of 12 U.S.C. § 5562(c)(2).” Id. (quoting
FTC v. Invention Submission Corp., 965 F.2d 1086, 1090 (D.C. Cir. 1992)).
Section 5562(c)(1) authorizes the Bureau to issue CIDs to “any person” who “may
be in possession, custody, or control of any documentary material or tangible things,
or may have any information, relevant to a violation” of federal consumer financial law.
12 U.S.C. § 5562(c)(1). “Federal consumer financial law” includes the Fair Credit
Reporting Act. See 12 U.S.C. §§ 5481(12), (14).
Section 5562(c)(2) mandates that each CID “state the nature of the conduct
constituting the alleged violation which is under investigation and the provision of law
applicable to such violation.” 12 U.S.C. § 5562(c)(2); see also 12 C.F.R. 1080.5. “Section
-14-
5562(c)(2) ensures that the recipient of a CID is provided with fair notice as to the
nature of the Bureau’s investigation. Because the validity of a CID is measured by the
purposes stated in the notification of purpose, the adequacy of the notification of
purpose is an important statutory requirement.” ACICS, 854 F.3d at 690 (citation
omitted).
The Bureau contends that Public Data waived its lack-of-specificity and notice
arguments by not raising them during the mandatory meet and confer process or in its
petition to set aside or modify the CID. As a general matter, courts have held that “[a]
party waives arguments that are not raised during the administrative process.” N.
Plains Res. Council, Inc. v. Surface Transp. Bd., 668 F.3d 1067, 1081 (9th Cir. 2013);
see also 12 C.F.R. § 1080.6(c)(3) (when reviewing petitions to set aside or modify a CID,
the Bureau “will consider only issues raised during the meet and confer process.”).
While the parties disagree on what issues Public Data raised during the meet and
confer process, Public Data challenged the specificity of the Notification of Purpose in
the CID in its motion to set aside or modify, and the Bureau addressed that issue in
its decision denying the order. See Dkt. No. 2-2 at 2. Public Data sufficiently alerted
the Bureau to its position and contentions, and the specificity and lack-of-notice
arguments were not waived.
Public Data relies heavily on the D.C. Circuit’s recent ACICS case to support its
argument that it is not subject to the FCRA. In that case, the Bureau issued a CID that
was identical to the one at issue here except that it was directed to “any entity or
person ... engaged ... or engaging in unlawful acts and practices in connection with
-15-
accrediting for-profit colleges” in violation of the Consumer Financial Protection Act.
ACICS, 854 F.3d at 690. The Court concluded that, “as written, the Notification of
Purpose fails to state adequately the unlawful conduct under investigation or the
applicable law.” Id.
To begin with, the CID describes “the nature of the conduct constituting
the alleged violation which is under investigation,” 12 U.S.C. § 5562(c)(2),
as simply “unlawful acts and practices in connection with accrediting forprofit colleges.” Granted a notification of purpose may use broad terms to
articulate an investigation’s purpose, but § 5562(c)(2) mandates that the
Bureau provide the recipient of the CID with sufficient notice as to the
nature of the conduct and the alleged violation under investigation. ...
[T]he CID in this case does not inform ACICS of the investigation’s
purpose. The Notification of Purpose defines the relevant conduct as
“unlawful acts and practices in connection with accrediting for-profit
colleges.” It never explains what the broad and non-specific term
“unlawful acts and practices” means in this investigation. Tellingly, in
attempting to explain the scope of its investigation, the Bureau merely
repeats the broad language used in the Notification of Purpose. As we
observed above, our review of the validity of a CID is governed by the
Morton Salt analysis. While that review is narrow, it is not without
content. As we noted in a subpoena enforcement proceeding involving a
different federal agency, “broad language used to describe th[e] purpose
makes it impossible to apply the other prongs of the Morton Salt test.” ...
We cannot determine, for example, whether the information sought in the
CID is reasonably relevant to the [Bureau’s] investigation without
knowing what “unlawful acts and practices” are under investigation. That
is to say, where, as in this case, the Notification of Purpose gives no
description whatsoever of the conduct the CFPB is interested in
investigating, we need not and probably cannot accurately determine
whether the inquiry is within the authority of the agency and whether
the information sought is reasonably relevant.
Id. at 690-91 (citations omitted). The ACICS Court also noted the Bureau’s recognition
that it lacked statutory authority over the accreditation process of for-profit colleges.
See id. at 691. The Court of Appeals found the Bureau’s interest in a “possible
connection” and “intersection” between the lending practices of ACICS-accredited
-16-
institutions and the accreditation process too tenuous, and the D.C. Circuit held that,
even if correct, the interest did not appear on the face of the Notification of Purpose.
Id. The Court of Appeals explained that, “[w]hile the Bureau may be correct in noting
that it need not speculate as to ‘the precise character of [the] possible violations’ its
investigation might uncover, it is required by statute to adequately inform ACICS of
the link between the relevant conduct and the alleged violation” and that “the
Notification of Purpose ‘says nothing’ about this potential link.” Id. (footnote and
citation omitted). And, the ACICS Court determined,
[t]he CID’s description of “the provision of law applicable to such
violation,” 12 U.S.C. § 5562(c)(2), is similarly inadequate. The
Notification of Purpose identifies 12 U.S.C. §§ 5531 and 5536, as well as
“any other Federal consumer financial protection law,” as the applicable
laws. Sections 5531 and 5536 set forth the CFPA's general prohibition of
unfair, deceptive, or abusive acts and practices in connection with
transactions involving consumer financial products and services. See id.
§§ 5531(a), 5536(a)(1)(B). These provisions “stand[ ] broadly alone” in the
Bureau's Notification of Purpose, especially considering the Bureau's
failure to adequately state “the specific conduct under investigation,” and
thus tell ACICS nothing about the statutory basis for the Bureau's
investigation. The CFPA provides detailed definitions of “Federal
consumer financial law,” 12 U.S.C. § 5481(12), (14), and “[c]onsumer
financial product or service,” id. § 5481(5), (15), yet the CID contains no
mention of these definitions or how they relate to its investigation. The
inclusion of the uninformative catch-all phrase “any other Federal
consumer financial protection law” does nothing to cure the CID’s defects.
Congress limited the Bureau’s CID authority with § 5562(c)(2)’s notice
requirements, and framing the applicable law in such a broad manner
does not satisfy Congress’s clear directive.
Id. at 691-92 (citation omitted).
The D.C. Circuit concluded that the Notification of Purpose to ACICS did not
meet Section 5562’s statutory requirements and that, “were we to hold that the
-17-
unspecific language of this CID is sufficient to comply with the statute, we would
effectively write out of the statute all of the notice requirements that Congress put in.”
Id. at 692.
Public Data asserts that, just as in ACICS, based on the Notification of Purpose
in the CID issued here – which Public Data asserts does not give fair notice of what the
Bureau is investigating – the Court and Public Data are not in a position to
meaningfully analyze and argue the Morton Salt factors.
The Bureau responds that the CID here does not present the same issue as in
ACICS, where the Notification of Purpose in the CID to Public Data identifies specific
persons and specific conduct under specific statutes and laws. The Bureau argues that
the Notification of Purpose in ACICS, in contrast, did not provide notice of the nature
of the investigation and conduct at issue.
The CID to Public Data presents a closer case than the one in ACICS. The CID’s
Notification of Purpose states:
The purpose of this investigation is to determine whether consumer
reporting agencies, persons using consumer reports, or other persons
have engaged or are engaging in unlawful acts and practices in
connection with the provision or use of public records information in
violation of the Fair Credit Reporting Act, 15 U.S.C. §§ 1681m et seq.,
Regulation V, 12 C.F.R. Part 1022, or any other federal consumer
financial law. The purpose of this investigation is also to determine
whether Bureau action to obtain legal or equitable relief would be in the
public interest.
Dkt. No. 2-2 at 2.
Whereas, in ACICS, the D.C. Circuit noted the Bureau’s “recognition that it
lacks statutory authority over the accreditation process of for-profit colleges,” 854 F.3d
-18-
at 691, here the Bureau has broad statutory authority to investigate consumer
reporting agencies, see 12 U.S.C. §§ 5481(12), (14). The FCRA defines a “consumer
reporting agency” as
any person which, for monetary fees, dues, or on a cooperative nonprofit
basis, regularly engages in whole or in part in the practice of assembling
or evaluating consumer credit information or other information on
consumers for the purpose of furnishing consumer reports to third
parties, and which uses any means or facility of interstate commerce for
the purpose of preparing or furnishing consumer reports.
15 U.S.C. §1681(c)(f). And it defines a “consumer report ” as
any written, oral, or other communication of any information by a
consumer reporting agency bearing on a consumer’s credit worthiness,
credit standing, credit capacity, character, general reputation, personal
characteristics, or mode of living which is used or expected to be used or
collected in whole or in part for the purpose of serving as a factor in
establishing the consumers eligibility for (A) credit or insurance to be
used primarily for personal, family, or household purposes; (B)
employment purposes; or (C) any other purpose authorized under section
1681b of this title.
15 U.S.C. § 1681(c)(d)(1). The term “other persons” is not defined. See 15 U.S.C. §
1681(c).
Public Data’s counsel may believe that the statutory definition of a “consumer
reporting agency” is a mess and a lawyer’s dream, but the Bureau’s reference to it in
context, along with the persons and specific laws at issue and other details identified
in the Notification of Purpose, provides fair notice of an investigation with generally
defined boundaries and a purpose articulated in broad terms and complies with the
requirements that the Bureau adequately inform Public Data of the link between the
relevant conduct and the alleged violation. The Notification of Purpose in the CID to
-19-
Public Data therefore meets Section 5562(c)(2)’s statutory requirements.
Public Data further asserts that it is not subject to the FCRA because it is not
a consumer reporting agency. And Public Data has relied heavily on Wilson v. The
Source for Public Data, L.P., Civil Action No. H-12-0185, 2013 WL 12106128 (S.D. Tex.
April 30, 2013), for support. The plaintiff in that case sued Public Data for a violation
of Section 1681e(b) of the FCRA based on a search of her name through Public Data’s
website that revealed information concerning more than one person with the plaintiff’s
name. Section 1681e(b) “requires a consumer reporting agency preparing a consumer
report to ‘follow reasonable procedures to assure maximum possible accuracy of the
information concerning the individual about whom the report relates.’” Wilson, 2013
WL 12106128, at *2 (quoting 15 U.S.C. § 1681e(b) (emphasis in original)). The district
court in Wilson granted Public Data’s motion for summary judgment because Plaintiff
failed to present evidence that raised a genuine issue of material fact regarding
whether the result of a search of Public Data’s website contained “information
concerning” Plaintiff, as opposed to other persons with the same name, for the purposes
of her FCRA claim. See id. at *4. While instructive, Wilson arises in a different
procedural context and is not controlling.
Public Data also asserts that the Bureau lacks authority to issue the CID
because Public Data merely operates an internet website that allows users to conduct
searches for public records using search criteria selected by the customer and the
search results simply contain public record information for all public records that
match the customer’s search terms. Public Data further asserts that it does not alter,
-20-
assemble, or merge any records or make any determination as to whether a public
record is accurate or relates to a specific person. See Dkt. No. 15-2.
Although couched as a challenge to the Bureau’s jurisdiction, this argument
invites a fact-intensive inquiry into whether Public Data is a consumer reporting
agency. Because Public Data’s challenge concerns the “coverage” of the applicable
consumer financial statutes and the company’s compliance with the law, it cannot raise
this issue to prevent enforcement of the Bureau’s administrative subpoena. See
Consumer Fin. Prot. Bureau v. Future Income Payments, LLC, Case No. SACV 1700303-JLS (Ssx), 2017 WL 2190069, at *3 (C.D. Cal. May 17, 2017). Public Data is
raising a premature defense to an enforcement action, rather than a challenge to the
Bureau’s investigative authority. See Consumer Fin. Prot. Bureau v. Harbour Portfolio
Advisor, LLC, No. 16-14183, 2017 WL 631914, at *3 (S.D. Mich. Feb. 16, 2017). It
would be premature for the Court to decide whether Public Data is a consumer
reporting agency at this stage. See EEOC v. Karuk Tribe Hous. Auth., 260 F.3d 1071,
1076 (9th Cir. 2001) (stating that the Supreme Court has “consistently reaffirmed” that
courts should not refuse to enforce an administrative subpoena when confronted by a
fact-based claim regarding coverage or compliance with the law); FTC v. Texaco, 555
F.2d 862, 872 (D.C. Cir. 1977) (stating that courts considering petitions to enforce
administrative subpoenas should not consider the ultimate question of whether the
subpoenaed entity’s activities are in fact covered by the statute); Future Income
Payments, 2017 WL 2190069, at *2 (“[A] party cannot avoid complying with an
administrative subpoena based on what would normally would be a defense to an
-21-
action by the agency.” (internal quotation and citation omitted)).
Instead, the question when an agency’s investigative action is challenged is
whether there is “some plausible ground for jurisdiction or, to phrase it another way,
[whether] jurisdiction is plainly lacking.” Karuk Tribe Hous. Auth., 260 F.3d at 1077
(internal quotation marks and citations omitted); see also EEOC v. Sidley Austin
Brown & Wood, 315 F.3d 696, 700 (7th Cir. 2002) (“Only if ... the information that the
subpoenaed firm resists furnishing is not even arguably relevant ... can the court
resolve the issue then and there without insisting on further compliance with the
subpoena.” (internal citations omitted)); FTC v. Ken Roberts Co., 276 F.3d 583, 587
(D.C. Cir. 2001) (“[E]nforcement of an agency’s investigatory subpoena will be denied
only when there is a ‘patent lack of jurisdiction’ in an agency to regulate or to
investigate.”).
Here, the Bureau’s jurisdiction for issuing the CID is not plainly lacking because
there are plausible grounds to believe that Public Data may have information related
to a violation of the FCRA. Public Data may have information that is relevant to a
violation of federal consumer financial law, and the Bureau “‘can investigate merely
on suspicion that the law is being violated, or even just because it wants assurance
that it is not.’” Harbour Portfolio Advisors, 2017 WL 631914, at *3 (quoting Morton
Salt Co., 338 U.S. at 642-43).
In light of the foregoing, the Court concludes that the Bureau’s authority to issue
the CID – as opposed to any authority to undertake an enforcement action against, for
example, Public Data, which the Bureau is seeking information to assess and which
-22-
is not the issue before the Court on this petition – is not “plainly lacking.” Karuk Tribe
Hous. Auth., 260 F.3d at 1076. Without deciding the question of whether Public DataI
is a consumer reporting agency, the Court finds that there are plausible grounds to
believe that Public Data may have information related to violations of the FCRA.
Conclusion
For the reasons and to the extent explained above, the Court GRANTS the
Bureau’s Petition to Enforce Civil Investigative Demand [Dkt. No. 1].
SO ORDERED.
DATED: June 6, 2017
_________________________________________
DAVID L. HORAN
UNITED STATES MAGISTRATE JUDGE
-23-
]]>
Disclaimer: Justia Dockets & Filings provides public litigation records from the federal appellate and district courts. These filings and docket sheets should not be considered findings of fact or liability, nor do they necessarily reflect the view of Justia.
Why Is My Information Online?
