Previous month:
July 2018
Next month:
September 2018

12 posts from August 2018

Study: Most Consumers Fear Companies Will 'Go Too Far' With Artificial Intelligence Technologies

New research has found that consumers are conflicted about artificial intelligence (AI) technologies. A national study of 697 adults during the Spring of 2018 by Elicit Insights found:

"Most consumers are conflicted about AI. They know there are benefits, but recognize the risks, too"

Several specific findings:

  • 73 percent of survey participants (e.g., Strongly Agree, Agree) fear "some companies will go too far with AI"
  • 64 percent agreed (e.g., Strongly Agree, Agree) with the statement: "I'm concerned about how companies will use artificial intelligence and the information they have about me to engage with me"
  • "Six out of 10 Americans agree or strongly agree that AI will never be as good as human interaction. Human interaction remains sacred and there is concern with at least a third of consumers that AI won’t stay focused on mundane tasks and leave the real thinking to humans."

Many of the concerns center around control. As AI applications become smarter and more powerful, they are able to operate independently, without human -- users' -- authorization. When presented with several smart-refrigerator scenarios, the less control users had over purchases the fewer survey participants viewed AI as a benefit:

Smart refrigerator and food purchase scenarios. AI study by Elicit Insights. Click to view larger version

AI technologies can also be used to find and present possible matches for online dating services. Again, survey participants expressed similar control concerns:

Dating service scenarios. AI study by Elicit Insights. Click to view larger version

Download Elicit Insights' complete Artificial Intelligence survey (Adobe PDF). What are your opinions? Do you prefer AI applications that operate independently, or which require your authorization?


Verizon Throttled Mobile Services Of First Responders Fighting California Wildfires

Verizon logo Fighting fires is difficult, dangerous work. Recently, that was made worse by an internet service provider (ISP). Ars Technica reported:

"Verizon Wireless' throttling of a fire department that uses its data services has been submitted as evidence in a lawsuit that seeks to reinstate federal net neutrality rules. "County Fire has experienced throttling by its ISP, Verizon," Santa Clara County Fire Chief Anthony Bowden wrote in a declaration. "This throttling has had a significant impact on our ability to provide emergency services. Verizon imposed these limitations despite being informed that throttling was actively impeding County Fire's ability to provide crisis-response and essential emergency services." Bowden's declaration was submitted in an addendum to a brief filed by 22 state attorneys general, the District of Columbia, Santa Clara County, Santa Clara County Central Fire Protection District, and the California Public Utilities Commission. The government agencies are seeking to overturn the recent repeal of net neutrality rules in a lawsuit they filed against the Federal Communications Commission in the US Court of Appeals for the District of Columbia Circuit."

Reportedly, Verizon replied with a statement that the throttling, "was a customer service error." Huh? This is how Verizon treats first-responders? This is how an ISP treats first-responders during a major emergency and natural disaster? The wildfires have claimed 12 deaths, destroyed at least 1,200 homes, and wiped out the state's emergency fund. Smoke from the massive wildfires has caused extensive pollution and health warnings in Northwest areas including Portland, Oregon and Seattle, Washington. The thick smoke could be seen from space.

Ars Technica reported in an August 21 update:

"Santa Clara County disputed Verizon's characterization of the problem in a press release last night. "Verizon's throttling has everything to do with net neutrality—it shows that the ISPs will act in their economic interests, even at the expense of public safety," County Counsel James Williams said on behalf of the county and fire department. "That is exactly what the Trump Administration's repeal of net neutrality allows and encourages." "

In 2017, President Trump appointed Ajit Pai, a former Verizon attorney, as Chairman of the U.S. Federal Communications Commission. Under Pai's leadership, the FCC revoked both online privacy and net neutrality protections for consumers. This gave ISPs the freedom to do as they want online while consumers lost two key freedoms: a) the freedom to control the data describing their activities online (which are collected and shared with others by ISPs), and b) freedom to use the internet bandwidth purchased as they choose.

If an ISP will throttle and abuse first-responders, think of what it will do it regular consumers. What are your opinions?


T-Mobile Confirmed Data Breach Affecting Millions Of Customers

T-Mobile logo T-Mobile confirmed a data breach which impacted its customers. Last week, the mobile service provider said in a statement:

"On August 20, our cyber-security team discovered and shut down an unauthorized access to certain information, including yours, and we promptly reported it to authorities. None of your financial data (including credit card information) or social security numbers were involved, and no passwords were compromised. However, you should know that some of your personal information may have been exposed, which may have included one or more of the following: name, billing zip code, phone number, email address, account number and account type (prepaid or postpaid)."

Affected customers are being notified. The statement did not disclose the number of affected customers, exactly how criminals breached its systems, nor the specific actions T-Mobile is taking to prevent this type of breach from happening again. The lack of detail is discouraging and does not promote trust.

CBS News reported:

"... the breach affected about 3 percent of T-Mobile's 77 million customers, or 2 million people... In May, researchers detected a bug in the company's website that allowed anyone to access the personal data of customers with just a phone number. The company is waiting for regulatory approval of a proposed $26.5 billion takeover of Sprint, the fourth-largest carrier in the United States."

So, criminals have stolen enough information to do damage: send spam via e-mail or text, and conduct pretexting (e.g., impersonate others to take over online accounts by resetting passwords, and/or gain access to payment data).

If you received a breach notice from T-Mobile, how satisfied are you with the company's response?


Besieged Facebook Says New Ad Limits Aren’t Response to Lawsuits

[Editor's note: today's guest post, by reporters at ProPublica, is the latest in a series monitoring Facebook's attempts to clean up its advertising systems and tools. It is reprinted with permission.]

By Ariana Tobin and Jeremy B. Merrill, ProPublica

Facebook logo Facebook’s move to eliminate 5,000 options that enable advertisers on its platform to limit their audiences is unrelated to lawsuits accusing it of fostering housing and employment discrimination, the company said Wednesday.

“We’ve been building these tools for a long time and collecting input from different outside groups,” Facebook spokesman Joe Osborne told ProPublica.

Tuesday’s blog post announcing the elimination of categories that the company has described as “sensitive personal attributes” came four days after the Department of Justice joined a lawsuit brought by fair housing groups against Facebook in federal court in New York City. The suit contends that advertisers could use Facebook’s options to prevent racial and religious minorities and other protected groups from seeing housing ads.

Raising the prospect of tighter regulation, the Justice Department said that the Communications Decency Act of 1996, which gives immunity to internet companies from liability for content on their platforms, did not apply to Facebook’s advertising portal. Facebook has repeatedly cited the act in legal proceedings in claiming immunity from anti-discrimination law. Congress restricted the law’s scope in March by making internet companies more liable for ads and posts related to child sex-trafficking.

Around the same time the Justice Department intervened in the lawsuit, the Department of Housing and Urban Development (HUD) filed a formal complaint against Facebook, signaling that it had found enough evidence during an initial investigation to raise the possibility of legal action against the social media giant for housing discrimination. Facebook has said that its policies strictly prohibit discrimination, that over the past year it has strengthened its systems to protect against misuse, and that it will work with HUD to address the concerns.

“The Fair Housing Act prohibits housing discrimination including those who might limit or deny housing options with a click of a mouse,” Anna María Farías, HUD’s assistant secretary for fair housing and equal opportunity, said in a statement accompanying the complaint. “When Facebook uses the vast amount of personal data it collects to help advertisers to discriminate, it’s the same as slamming the door in someone’s face.”

Regulators in at least one state are also scrutinizing Facebook. Last month, the state of Washington imposed legally binding compliance requirements on the company, barring it from offering advertisers the option of excluding protected groups from seeing ads about housing, credit, employment, insurance or “public accommodations of any kind.”

Advertising is the primary source of revenue for the social media giant, which is under siege on several fronts. A recent study and media coverage have highlighted how hate speech and false rumors on Facebook have spurred anti-refugee discrimination in Germany and violence against minority ethnic groups such as the Rohingya in Myanmar. This week, Facebook said it had found evidence of Russian and Iranian efforts to influence elections in the U.S. and around the world through fake accounts and targeted advertising. It also said it had suspended more than 400 apps “due to concerns around the developers who built them or how the information people chose to share with the app may have been used.”

Facebook declined to identify most of the 5,000 options being removed, saying that the information might help bad actors game the system. It did say that the categories could enable advertisers to exclude racial and religious minorities, and it provided four examples that it deleted: “Native American culture,” “Passover,” “Evangelicalism” and “Buddhism.” It said the changes will be completed next month.

According to Facebook, these categories have not been widely used by advertisers to discriminate, and their removal is intended to be proactive. In some cases, advertisers legitimately use these categories to reach key audiences. According to targeting data from ads submitted to ProPublica’s Political Ad Collector project, Jewish groups used the “Passover” category to promote Jewish cultural events, and the Michael J. Fox Foundation used it to find people of Ashkenazi Jewish ancestry for medical research on Parkinson’s disease.

Facebook is not limiting advertisers’ options for narrowing audiences by age or sex. The company has defended age-based targeting in employment ads as beneficial for employers and job seekers. Advertisers may also still target or exclude by ZIP code — which critics have described as “digital red-lining” but Facebook says is standard industry practice.

A pending suit in federal court in San Francisco alleges that, by allowing employers to target audiences by age, Facebook is enabling employment discrimination against older job applicants. Peter Romer-Friedman, a lawyer representing the plaintiffs in that case, said that Facebook’s removal of the 5,000 options “is a modest step in the right direction.” But allowing employers to sift job seekers by age, he added, “shows what Facebook cares about: its bottom line. There is real money in age-restricted discrimination.”

Senators Bob Casey of Pennsylvania and Susan Collins of Maine have asked Facebook for more information on what steps it is taking to prevent age discrimination on the site.

The issue of discriminatory advertising on Facebook arose in October 2016 when ProPublica revealed that advertisers on the platform could narrow their audiences by excluding so-called “ethnic affinity” categories such as African-Americans and Spanish-speaking Hispanics. At the time, Facebook promised to build a system to flag and reject such ads. However, a year later, we bought dozens of rental housing ads that excluded protected categories. They were approved within seconds. So were ads that excluded older job seekers, as well as ads aimed at anti-Semitic categories such as “Jew hater.”

The removal of the 5,000 options isn’t Facebook’s first change to its advertising portal in response to such criticism. Last November, it added a self-certification option, which asks housing advertisers to check a box agreeing that their advertisement is not discriminatory. The company also plans to require advertisers to read educational material on the site about ethical practices.

Filed under:

ProPublica is a Pulitzer Prize-winning investigative newsroom. Sign up for their newsletter.


Facebook To Remove Onavo VPN App From Apple App Store

Not all Virtual Private Network (VPN) software is created equal. Some do a better job at protecting your privacy than others. Mashable reported that Facebook:

"... plans to remove its Onavo VPN app from the App Store after Apple warned the company that the app was in violation of its policies governing data gathering... For those blissfully unaware, Onavo sold itself as a virtual private network that people could run "to take the worry out of using smartphones and tablets." In reality, Facebook used data about users' internet activity collected by the app to inform acquisitions and product decisions. Essentially, Onavo allowed Facebook to run market research on you and your phone, 24/7. It was spyware, dressed up and neatly packaged with a Facebook-blue bow. Data gleaned from the app, notes the Wall Street Journal, reportedly played into the social media giant's decision to start building a rival to the Houseparty app. Oh, and its decision to buy WhatsApp."

Thanks Apple! We've all heard of the #FakeNews hashtag on social media. Yes, there is a #FakeVPN hashtag, too. So, buyer beware... online user beware.


Study: Performance Issues Impede IoT Device Trust And Usage Worldwide By Consumers

Dynatrace logo A global survey recently uncovered interesting findings about the usage and satisfaction of Iot (Internet of things) devices by consumers. A survey of consumers in several countries found that 52 percent already use IoT devices, and 64 percent of users have already encountered performance issues with their devices.

Opinium Research logo Dynatrace, a software intelligence company, commissioned Opinium Research to conduct a global survey of 10,002 participants, with 2,000 in the United States, 2,000 in the United Kingdom, and 1,000 respondents each in France, Germany, Australia, Brazil, Singapore, and China. Dynatrace announced several findings, chiefly:

"On average, consumers experience 1.5 digital performance problems every day, and 62% of people fear the number of problems they encounter, and the frequency, will increase due to the rise of IoT."

That seems like plenty of poor performance. Some findings were specific to travel, healthcare, and in-home retail sectors. Regarding travel:

"The digital performance failures consumers are already experiencing with everyday technology is potentially making them wary of other uses of IoT. 85% of respondents said they are concerned that self-driving cars will malfunction... 72% feel it is likely software glitches in self-driving cars will cause serious injuries and fatalities... 84% of consumers said they wouldn’t use self-driving cars due to a fear of software glitches..."

Regarding healthcare:

"... 62% of consumers stated they would not trust IoT devices to administer medication; this sentiment is strongest in the 55+ age range, with 74% expressing distrust. There were also specific concerns about the use of IoT devices to monitor vital signs, such as heart rate and blood pressure. 85% of consumers expressed concern that performance problems with these types of IoT devices could compromise clinical data..."

Regarding in-home retail devices:

"... 83% of consumers are concerned about losing control of their smart home due to digital performance problems... 73% of consumers fear being locked in or out of the smart home due to bugs in smart home technology... 68% of consumers are worried they won’t be able to control the temperature in the smart home due to malfunctions in smart home technology... 81% of consumers are concerned that technology or software problems with smart meters will lead to them being overcharged for gas, electricity, and water."

The findings are a clear call to IoT makers to improve the performance, security, and reliability of their internet-connected devices. To learn more, download the full Dynatrace report titled, "IoT Consumer Confidence Report: Challenges for Enterprise Cloud Monitoring on the Horizon."


Whirlpool's Online Product Registration: Confidentiality and Privacy Concerns

Earlier this month, my wife and I relocated to a different city within the same state to live closer to our new, 14-month young grandson. During the move, we bought new home appliances -- a clothes washer and dryer, both made by Whirlpool -- which prompted today's blog post.

The packaging and operation instructions included two registration postcards with the model and serial numbers printed in the form. Nothing controversial about that. The registration cards included, "Other Easy Ways To Register," and listed both registration websites for the United States and Canada. I tried the online registration to see what improvements or benefits Whirlpool's United States registration site might offer over the old-school snail-mail method besides speed.

The landing page includes a form for the customer's contact information, product purchased information, and future purchase plans. Pretty standard stuff. Nothing alarming there. Near the bottom of the form and just above the "Complete Registration" button are links to Whirlpool's Terms & Conditions and Privacy policies. I read both and found some surprises.

First, the site uses inconsistent nomenclature: two different policy titles. The link says "Terms & Conditions" while the title of the actual policy page states, "Terms Of Use." Which is it? Inconsistent nomenclature can confuse users. Not good. Come on, Whirlpool! This is not hard. Good website usability includes the consistent use of the same page title, so uses know where they are going when they select a link, and that they've arrived at the expected destination.

Second, the Terms Of Use (well, I had to pick a title so it wold be clear for you) policy page lacks a date. This can be confusing, making it difficult to impossible for consumers to know and reference the exact document read; plus determine what, if any, changes were posted since the prior version. Not good. Come on Whirlpool! Add a publication date. It's not hard.

Third, the Terms Of Use policy contained this clause:

"Whirlpool Corporation welcomes your submissions; however, any information submitted, other than your personal information (for example, your name and e-mail address), to Whirlpool Corporation through this site is the exclusive property of Whirlpool Corporation and is considered NOT to be confidential. Whirlpool Corporation does not receive the submission in confidence or under any confidential or fiduciary relationship. Whirlpool Corporation may use the submission for any purpose without restriction or compensation."

So, the Terms of Use policy is both vague and clear at the same time. It was vague because it didn't list the exact data elements considered "personal information." Not good. This leaves consumers to guess. The policy lists only two data elements. What about the rest? Are all confidential, or only some? And if some, which ones? Here's the list I consider confidential: name, street address, country, phone number, e-mail address, IP address, device type, device model, device operating system, payment card information, billing address, and online credentials (should I create a profile at the Whirlpool site). Come on Whirlpool! Get it together and provide the complete list of data elements you consider "personal information." It's not hard.

Fourth, the Terms Of Use policy was also clear because the above sentences quoted made Whirlpool's intentions clear: submissions to the site other than "personal information" are not confidential and Whirlpool can do with them whatever it wants. Since the policy doesn't list which data elements are personal, one must assume all are.  Not good.

Next, I read Whirlpool's Privacy policy, and hoped that it would clarify things. Thankfully, a little good news. First, the Privacy policy listed a date: May 31, 2018. Second, more inconsistent site nomenclature: the page-bottom links across the site say "Privacy Policy" while the policy page title says "Privacy Statement." I selected the "Expand All" button to view the entire policy. Third, Whirlpool's Privacy Statement listed the items considered personal information:

"- Your contact information, such as your name, email address, mailing address, and phone number
- Your billing information, such as your credit card number and billing address
- Your Whirlpool account information, including your user name, account number, and a password
- Your product and ownership information
- Your preferences, such as product wish lists, order history, and marketing preferences"

This list is a good start. A simple link to this section from the Terms Of Use policy would do wonders to clarify things. However, Whirlpool collects some key data which it more freely collects and trades than "personal information." The Privacy Statement contains this clause:

"Whirlpool and its business partners and service providers may use a variety of technologies that automatically or passively collect information about how you interact with our Websites ("Usage Information"). Usage Information may include: (i) your IP address, which is a unique set of numbers assigned to your computer by your Internet Service Provider (ISP) (which, depending on your ISP, may be a different number every time you connect to the Internet); (ii) the type of browser and operating system you use; and (iii) other information about your online session, such as the URL you came from to get to our Websites and the date and time you visited our Websites."

And, the Privacy Statement mentions the use of several online tracking technologies:

"We use Local Shared Objects (LSOs) such as HTML5 or Flash on our Websites to store content information and preferences. Third parties with whom we partner to provide certain features on our Websites or to display advertising based upon your web browsing activity use LSOs such as HTML5 or Flash to collect and store information... Web beacons are tiny electronic image files that can be embedded within a web page or included in an e-mail message, and are usually invisible to the human eye. When we use web beacons within our web pages, the web beacons (also known as “clear GIFs” or “tracking pixels”) may tell us such things as: how many people are coming to our Websites, whether they are one-time or repeat visitors, which pages they viewed and for how long, how well certain online advertising campaigns are converting, and other similar Website usage data. When used in our e-mail communications, web beacons can tell us the time an e-mail was opened, if and how many times it was forwarded, and what links users click on from within the e- mail message."

While the "EU-US Privacy Shield" section of the privacy policy lists Whirlpool's European subsidiaries, and contains a Privacy Shield link to an external site listing the companies that are probably some of Whirlpool's service and advertising partners, the privacy policy really does not disclose all of the "third parties," "business partners," "service vendors," advertising partners, and affiliates Whirlpool shares data with. Consumers are left in the dark.

Last, the "Your Rights: Choice & Access" section of the privacy policy mentions the opt-out mechanism for consumers. While consumers can opt-out or cancel receiving marketing (e.g., promotional) messaging from Whirlpool, you can't opt-out of the data collection and archival. So, choice is limited.

Given this and the above concerns, I abandoned the product registration form. Yep. Didn't complete it. Maybe I will in the future after Whirlpool fixes things. Perhaps most importantly, today's blog post is a reminder for all consumers: always read companies' privacy and terms-of-use policies. Always. You never know what you'll find that is irksome. And, if you don't know how to read online polices, this blog has some tips and suggestions.


Survey: Complexities And Consumer Fears With Checking Credit Reports For Errors

Many consumers know that they should check their credit reports yearly for errors, but most don't. A recent survey found much complexity and fears surrounding credit reports. WalletHub surveyed 500 adults in the United States during July, and found:

  • 84 percent of survey respondents know that they should check their credit reports at least once each year
  • Only 41 percent of respondents said they check their credit reports
  • 27 percent said they don't have the time to check their credit reports
  • 14 percent said they are afraid to see the contents of their credit reports

WalletHub found that women were twice as likely as men to have the above fear. Millennials were five times as likely than Baby Boomers to have this fear. More findings are listed below.

It is important for consumers to understand the industry. Inaccurate credit report can lower your credit score, the overall number used to indicate your credit worthiness. A low credit score can cost you money: denied credit applications, or approved loans but with higher interest rates. The errors in credit reports can include another person's data co-mingled with yours (obviously, that should never happen), a dead person's data co-mingled with yours, or a credit report that doesn't accurately reflect a loan you truly paid off on time and in full.

A 2013 study by the U.S. Federal Trade Commission (FTC) found problems with credit reports accuracy. First, 26 percent of participants identified errors in their credit reports. So, one in four consumers were affected. Plus, of the 572 credit reports where errors were identified, 399 reports (70%) were modified by a credit reporting agency, and 211 (36%) resulted in a credit score changed. So, finding and reporting errors is beneficial for consumers. Plus, a report in 2013 by the 60 Minutes television news magazine listed problems with the dispute process: failures by the largest three credit reporting agencies to correct errors reported by consumers on their credit reports.

There are national and regional credit reporting agencies. The three national credit reporting agencies include Experian, Equifax, andTransUnion. Equifax operates a secondary consumer reporting agency focused solely upon the telecommunications industry and broadband internet services.

Credit reporting agencies get their data from a variety of sources including data brokers. So, their business model is based upon data sharing. Just about anyone can set up and operate a credit reporting agency. No special skills nor expertise are required. Credit reporting agencies make money by selling credit reports to lenders. Credit reports often contain errors. For better or worse regarding security, credit reporting agencies historically have outsourced work, sometimes internationally.

The industry and executives have arguably lackadaisical data security approaches. A massive data breach at Equifax affected about 143 million persons in 2017. An independent investigation of that breach found a length list of data security flaws and failures at Equifax. To compound matters, the Internal Revenue Service gave Equifax a no-bid contract in 2017.

The industry has a spotty history. In 2007, Equifax paid a $2.7 million fine for violating federal credit laws. In 2009, it paid a $65,000 fine to the state of Indiana for violating the state's security freeze law. In 2012, Equifax and some of its customers paid $1.6 million to settle allegations of improper list sales. A data breach at Experian in 2015 affected 15 million wireless carrier customers. In 2017, Equifax and TransUnion paid $23.1 million to settle allegations of deceptive advertising about credit scores.

See the graphic below for more findings from the WalletHub survey.

2018 Credit Report Complexity Survey by WalletHub. Click to view larger version


Federal Reserve Board Fined Citigroup For Mishandling Residential Mortgages

Citibank logo The Federal Reserve Board (FRB) announced on Friday that it had fined Citigroup $8.6 million for the "improper execution of residential mortgage-related documents" in a subsidiary. The announcement explained:

"The $8.6 million penalty addresses the deficient execution and notarization of certain mortgage-related affidavits prepared by a subsidiary, CitiFinancial. The improper practices occurred in 2015 and were corrected. CitiFinancial exited the mortgage servicing business in 2017.

Also on Friday, the Board announced the termination of an enforcement action from 2011 against Citigroup and CitiFinancial related to residential mortgage loan servicing. The termination of this action was based on evidence of sustainable improvements."

In 2014, Citigroup paid $7 billion to settle allegations by the Department of Justice (DOJ) and several states attorneys general (AGs) that the bank mislead investors about toxic mortgage-backed securities. So, sloppy or shoddy handling of mortgage paperwork  will get a bank fined. Good. There must be consequences when consumers are abused.

Earlier this month, Wells Fargo admitted to software bugs in its systems which led to the bank accidentally foreclosing on residential homeowners it shouldn't have. 400 homeowners lost their homes. Untold consumers' credit ratings wrecked. That sounds like shabby mortgage paperwork handling, too -- definitely worth a larger fine. What do you think?


Wells Fargo Accidentally Foreclosed on Homeowners. 400 Customers Lost Their Homes

Wells Fargo logo Earlier this week, Wells Fargo Bank admitted that it accidentally foreclosed on nearly 400 homeowners it shouldn't have due to a "software glitch." The San Francisco Business Times reported:

"Nearly 400 Wells Fargo customers lost their homes when they were accidentally foreclosed on after a software glitch denied them the ability to modify their mortgages as they sought federal aid, the bank disclosed in a regulatory filing... The bank apologized and has set aside $8 million to compensate those affected by the glitch, which occurred from 2010 to 2015... the software mistake miscalculated customers' eligibility for mortgage modifications. The error caused about 625 customers to be denied loan modifications they sought from a federal program to help homeowners avoid foreclosures."

The $8 million set aside is one small step towards rebuilding consumers' trust. It seems that the bank and its executives have a nasty habit of alleged wrongdoing that often results in fines and settlement agreements. Earlier this month, the U.S. Department of Justice announced a $2 billion settlement agreement where:

"... Wells Fargo Bank, N.A. and several of its affiliates (Wells Fargo) will pay a civil penalty of $2.09 billion under the Financial Institutions Reform, Recovery, and Enforcement Act of 1989 (FIRREA) based on the bank’s alleged origination and sale of residential mortgage loans that it knew contained misstated income information and did not meet the quality that Wells Fargo represented. Investors, including federally insured financial institutions, suffered billions of dollars in losses from investing in residential mortgage-backed securities (RMBS) containing loans originated by Wells Fargo... The United States alleged that, in 2005, Wells Fargo began an initiative to double its production of subprime and Alt-A loans. As part of that initative, Wells Fargo loosened its requirements for originating stated income loans – loans where a borrower simply states his or her income without providing any supporting income documentation... despite its knowledge that a substantial portion of its stated income loans contained misstated income, Wells Fargo failed to disclose this information, and instead reported to investors false debt-to-income ratios in connection with the loans it sold. Wells Fargo also allegedly heralded its fraud controls while failing to disclose the income discrepancies its controls had identified."

Sadly, there's plenty more. In April, federal regulators at the Consumer Financial Protection Bureau (CFPB) and the Office of the Comptroller of the Currency (OCC) assessed a $1 billion fine against the bank for violations of the, "Consumer Financial Protection Act (CFPA) in the way it administered a mandatory insurance program related to its auto loans..."

Since 2016, the bank paid a $185 million fine for alleged unlawful sales practices where its employees created phony accounts to game an internal sales compensation system. While the bank's CEO was let go and 5,300 workers were fired due to that scandal, bad behavior and poor executive decisions seem to continue.

In August of 2017, the results of an internal investigation of auto insurance policies sold from 2012 to 2016 found that thousands of the bank's customers were forced to buy unneeded and unwanted auto insurance.

The latest incident raises more questions:

  • How does a "software glitch" go undetected and unfixed for five years -- or longer?
  • Where was the quality assurance and software testing processes?
  • The post implementation audits failed to detect errors?
  • Were any employees reprimanded, demoted, or fired? And if none, why?
  • What specific changes are being implemented to prevent future software glitches?
  • How will the damaged credit histories of foreclosed homeowners be repaired?

Often, all or a portion of the settlement agreements are tax deductible. This both lessens the fines' impacts and shifts the burden to taxpayers. I hope that as regulators pursue solutions, tax-deductible settlements are not repeated. What are your opinions?


Keep An Eye On Facebook's Moves To Expand Its Collection Of Financial Data About Its Users

Facebook logo On Monday, the Wall Street Journal reported that the social media giant had approached several major banks to share their detailed financial information about consumers in order, "to boost user engagement." Reportedly, Facebook approached JPMorgan Chase, Wells Fargo, Citigroup, and U.S. Bancorp. And, the detailed financial information sought included debit/credit/prepaid card transactions and checking account balances.

The Reuters news service also reported about the talks. The Reuters story mentioned the above banks, plus PayPal and American Express. Then, in a reply Facebook said that the Wall Street Journal news report was wrong. TechCrunch reported:

"Facebook spokesperson Elisabeth Diana tells TechCrunch it’s not asking for credit card transaction data from banks and it’s not interested in building a dedicated banking feature where you could interact with your accounts. It also says its work with banks isn’t to gather data to power ad targeting, or even personalize content... Facebook already lets Citibank customers in Singapore connect their accounts so they can ping their bank’s Messenger chatbot to check their balance, report fraud or get customer service’s help if they’re locked out of their account... That chatbot integration, which has no humans on the other end to limit privacy risks, was announced last year and launched this March. Facebook works with PayPal in more than 40 countries to let users get receipts via Messenger for their purchases. Expansions of these partnerships to more financial services providers could boost usage of Messenger by increasing its convenience — and make it more of a centralized utility akin to China’s WeChat."

There's plenty in the TechCrunch story. Reportedly, Diana's statement said that banks approached Facebook, and that it already partners:

"... with banks and credit card companies to offer services like customer chat or account management. Account linking enables people to receive real-time updates in Facebook Messenger where people can keep track of their transaction data like account balances, receipts, and shipping updates... The idea is that messaging with a bank can be better than waiting on hold over the phone – and it’s completely opt-in. We’re not using this information beyond enabling these types of experiences – not for advertising or anything else. A critical part of these partnerships is keeping people’s information safe and secure."

What to make of this? First, it really doesn't matter who approached whom. There's plenty of history. Way back in 2012, a German credit reporting agency approached Facebook. So, the financial sector is fully aware of the valuable data collected by Facebook.

Second, users doing business on the platform have already given Facebook permission to collect transaction data. Third, while Facebook's reply was about its users generally, its statement said "no" but sounded more like a "yes." Why? Basically, "account linking" or the convenience of purchase notifications is the hook or way into collecting users' financial transaction data. Existing practices, such as fitness apps  and music sharing, highlight the existing "account linking" used for data collection. Whatever users share on the platform allows Facebook to collect that information.

Fourth, the push to collect more banking data appears at best poorly timed, and at worst -- arrogant. Facebook is still trying to recover and regain users' trust after 87 million persons were affected by the massive data breach involving Cambridge Analytica. In May, the new Commissioner at the U.S. Federal Trade Commission (FTC) suggested stronger enforcement on tech companies, like Google and Facebook. Facebook has stumbled as its screening to identify political ads by politicians has incorrectly flagged news sites. Facebook CEO Mark Zuckerberg didn't help matters with his bumbling comments while failing to explain his company's stumbles to identify and prevent fake news.

Gary Cohn, President Donald Trump's former chief economic adviser, sharply criticized social media companies, including Facebook, for allowing fake news:

"In 2008 Facebook was one of those companies that was a big platform to criticize banks, they were very out front of criticizing banks for not being responsible citizens. I think banks were more responsible citizens in 2008 than some of the social media companies are today."

So, it seems wise to keep an eye on Facebook as it attempts to expand its data collection of consumers' financial information. Fifth, banks and banking executives bear some responsibility, too. A guest post on Forbes explained (highlighted text added):

"Whether this [banking] partnership pans or not, the Facebook plans are a reminder that banks sit on mountains of wealth much more valuable than money. Because of the speed at which tech giants move, banks must now make sure their clients agree on who owns their data, consent to the use of them, and understand with who they are shared. For that, it is now or never... In the financial industry, trust between a client and his provider is of primary importance. You can’t sell a customer’s banking data in the same way you sell his or her internet surfing behavior. Finance executives understand this: they even see the appropriate use of customer data as critical to financial stability. It is now or never to define these principles on the use of customer data... It’s why we believe new binding guidelines such as the EU’s General Data Protection Regulation (GDPR) and the California Consumer Privacy Act are welcome, even if they have room for improvement... A report by the US Treasury published earlier this week called on Congress to enact a federal data security and breach notification law to protect consumer financial data. The principles outlined above can serve as guidance to lawmakers drafting legislation, and bank executives considering how to respond to advances by Facebook and other big techs..."

Consumers should control their data -- especially financial data. If those rules are not put in place, then consumers have truly lost control of the sensitive personal and financial information that describes them. What are your opinions?


How Well Do Americans Distinguish Facts From Opinions? People With These 3 Skills Do The Best

The current fast-paced news environment, multitude of online sources, and the rise of "fake news" all place a premium upon being able to distinguish facts from opinions. And some opinions are also rumors or lies. Nobody wants to be duped as this shooter was in the Washington pizzeria attack in 2016. Nobody wants to waste their votes based upon misinformation.

How well do people in the United States distinguish facts from opinions? Earlier this year, the Pew Research Center conducted a survey to determine:

"... whether member of the public can recognize news as factual – something that’s capable of being proved or disproved by objective evidence – or as an opinion that reflects the beliefs and values of whoever expressed it."

Overall findings were not encouraging:

"The main portion of the study, which measured the public’s ability to distinguish between five factual statements and five opinion statements, found that a majority of Americans correctly identified at least three of the five statements in each set. But this result is only a little better than random guesses. Far fewer Americans got all five correct, and roughly a quarter got most or all wrong."

The survey of 5,035 U.S. adults was conducted between February 22 and March 8, 2018. Another key finding: people with certain skills outperformed others who lacked those skills:

"Those with high political awareness, those who are very digitally savvy and those who place high levels of trust in the news media are better able than others to accurately identify news-related statements as factual or opinion... 36% of Americans with high levels of political awareness (those who are knowledgeable about politics and regularly get political news) correctly identified all five factual news statements, compared with about half as many (17%) of those with low political awareness. Similarly, 44% of the very digitally savvy (those who are highly confident in using digital devices and regularly use the internet) identified all five opinion statements correctly versus 21% of those who are not as technologically savvy... Trust in those who do the reporting also matters in how that statement is interpreted. Almost four-in-ten Americans who have a lot of trust in the information from national news organizations (39%) correctly identified all five factual statements, compared with 18% of those who have not much or no trust. "

Pew Research. Survey findings. The politically aware, digitally savvy, and those more trusting of the news media fare better at distinguishing facts from opinions. Click to view larger version See the table on the right for details about the findings, which also apply across political parties:

"Both Republicans and Democrats show a propensity to be influenced by which side of the aisle a statement appeals to most. For example, members of each political party were more likely to label both factual and opinion statements as factual when they appealed more to their political side."

The study also investigated whether the news source brand affected person's abilities to distinguish facts from opinions:

"Overall, attributing the statements to news outlets had a limited impact on statement classification... Members of the two parties were as likely as each other to correctly classify the factual statements when no source was attributed or when USA Today or The New York Times was attributed. Labeling statements with a news outlet had no impact on how Republicans or Democrats classified the opinion statements."

When the source was attributed to Fox News, "Republicans were modestly more likely than Democrats to accurately classify the three factual statements... correspondingly, Democrats were modestly less likely than Republicans to do so.

Another finding:

"When Americans see a news statement as factual, they overwhelmingly also believe it to be accurate. This is true for both statements they correctly and incorrectly identified as factual, though small portions of the public did call statements both factual and inaccurate."

Many people I know strongly believe that persons in the other political party are misinformed and/or misled by their reliance upon opinions, rumors, and inaccurate information; while persons in their political party are uniquely informed without reliance upon opinions, rumors, and inaccurate information. We now know that belief isn't accurate.