A mortgage broker who discarded consumers’ personal financial records in a publicly- accessible dumpster paid a $35,000 civil penalty to settle Federal Trade Commission charges.
According to an FTC complaint filed in December 2008, the defendant improperly disposed of about 40 boxes of sensitive consumer records collected by companies he had owned, including tax returns, mortgage applications, bank statements, photocopies of credit cards and drivers’ licenses, and at least 230 credit reports. In addition, two mortgage brokerage companies he previously owned failed to provide reasonable and appropriate security for sensitive consumer information, despite promising they would do so.
The FTC charged the defendant with failing to take reasonable measures to protect credit report information from unauthorized access during its disposal, in violation of the Fair Credit Reporting Act and the FTC’s Disposal Rule. The complaint also charged him with violations of the FTC Act for his companies’ misrepresentations about their data security practices.
In addition to imposing a $35,000 penalty, the settlement order bars the defendant from misrepresenting measures taken to protect sensitive consumer information and failing to take reasonable measures to protect credit report information during its disposal. The order also requires him to employ a comprehensive information security program for sensitive consumer information, and to hire an independent, third-party security professional to review the program every year for 10 years to ensure that it meets or exceeds the order’s requirements.
The defendant is Gregory Navone of Las Vegas, Nevada; his two former mortgage brokerage companies were First Interstate Mortgage Corporation and Nevada One Corporation. The Commission vote to authorize staff to file the stipulated final order in the U.S. District Court for the District of Nevada was 4-0. The order was entered by the court on December 30, 2009.
NOTE: Stipulated final orders are for settlement purposes only and do not constitute an admission by the defendant of a law violation. Stipulated orders have the force of law when signed by the judge.
Source: Ftc