BILL ANALYSIS ��
AB 2667
Page 1
CONCURRENCE IN SENATE AMENDMENTS
AB 2667 (Bloom)
As Amended August 13, 2014
Majority vote
-----------------------------------------------------------------
|ASSEMBLY: |75-0 |(May 23, 2014) |SENATE: |36-0 |(August 18, |
| | | | | |2014) |
-----------------------------------------------------------------
Original Committee Reference: JUD.
SUMMARY : Seeks to reflect recent federal regulatory actions and
make clear in California law pertaining to the state's "rent to
own" business sector that the secret use of geophysical (GPS)
location tracking and monitoring technologies on electronic
devices is generally prohibited, except with customer notice and
consent, and only in carefully bounded circumstances.
Specifically, this bill among other things:
1)Prohibits the use of GPS location tracking technology by
lessors under rental-purchase agreements absent express notice
and consent, and then only for the purpose of providing remote
technical assistance and preventing fraud or loss.
2)Requires that lessors in rental-purchase agreements give clear
and prominent notice when GPS location tracking or monitoring
technology is installed or activated.
The Senate amendments : 1) Clarify the notice and use
requirements contained in the Federal Trade Commission (FTC)
order addressing these types of rental products; 2) Permit
consumers to request technical assistance so long as personal
information protections are followed; and 3) Clarify that a
consumer shall be notified of tracking upon the activation of
GPS tracking by the lessor, except when such activation is
pursuant to the filing of a police report.
EXISTING LAW implements the Karnette Rental-Purchase Act, which
among other things, requires lessors in rental-purchase
agreements to provide price-tag disclosures, a sample
rental-purchase contract, and that any rental-purchase
advertisement states the total number of payments necessary to
acquire ownership.
�
AB 2667
Page 2
FISCAL EFFECT : According to the Senate Appropriations
Committee, pursuant to Senate Rule 28.8, negligible state costs.
COMMENTS : As noted by the author, rental-purchase agreements,
typically referred to as "rent to own" agreements, are
increasingly pervasive in today's marketplace, especially
regarding rapidly improving electronic devices such as laptop
computers. However, due to the lack of threshold consumer
protections in this area, it has become fertile ground for
abuse. This bill seeks to set just a few basic (and many would
assume given) privacy floors by, among other things, requiring
that before a lessor of electronic devices can track the
whereabouts of their customers, they must provide the consumer
notice and the opportunity to consent. Additionally, the bill
includes provisions allowing the use of tracking technology for
providing remote technical assistance to consumers and
preventing loss through fraud, recognizing the rent-to-own
industry's legitimate uses for monitoring technology in these
distinct areas.
According to the author, this bill is needed to stem the abuse
of monitoring and GPS location tracking technology in electronic
devices leased under rental-purchase agreements. Under current
law, lessors under rental-purchase agreements are not prohibited
from requesting security deposit fees to insure against fraud or
loss. The author states that consumers have a reasonable
expectation that lessors will use security deposits to insure
against any losses that may occur in the course of the
rental-purchase transaction, and that they will not be secretly
spied upon as an unknown cost of participating in the
rent-to-own marketplace.
The author notes that recent reports about, and federal actions
taken in, this growing industry have revealed serious concerns
about customer privacy invasions. According to recent reports,
electronic devices such as lap top computers are increasingly
being leased under rental-purchase agreements, and lessors have
been installing invasive GPS location tracking and monitoring
technology on these devices. The GPS technology, though useful
in obtaining devices in instances of fraud or loss, has often
reportedly been included without the consumer's knowledge, and
has not been shown to terminate after expiration of the lease
period. The monitoring technology meanwhile has reportedly been
used to determine who is using the device, and in one instance
even been used by a lessor to secretly remotely activate a
�
AB 2667
Page 3
laptop webcam to photograph a customer in his bedroom.
In 2012, the Federal Trade Commission (FTC) ordered seven rental
companies and a software manufacturer to cease using monitoring
technology on unsuspecting customers after discovering that
rent-to-own retailers were using technology to spy on and
photograph consumers. In its complaint the FTC alleged that the
companies had violated provisions of the FTC Act concerning
Unfair and Deceptive Gathering and Disclosure of Consumers'
Personal Information by installing software-oftentimes with
innocuous names such as "PC Rental Agent" - to monitor
consumers' information and track their behavior. The FTC's
complaint went so far as to state that the national rent-to-own
retailer, Aaron's, Inc., and DesignerWare, LLC, a software
manufacturer, had secretly captured images of customers in their
homes while they were "engaged in intimate activities."
The FTC Chairman, Jon Leibowitz, stated in a press release, "An
agreement to rent a computer doesn't give a company license to
access consumers' private emails, bank account information, and
medical records, or, even worse, webcam photos of people in the
privacy of their own homes." Many of these companies settled,
under the terms that they would be prohibited from using
monitoring technology that captures keystrokes or screen shots
and will not activate the webcam and microphone on a customer's
computer, except to provide technical support requested by
customers. There was however no reported fine for Aaron's,
Inc., its franchisees ColorTyme, Premier Rental Purchase, and
DesignerWare, for this seemingly outrageous abuse of customer
privacy.
As the author notes, the FTC complaint revealed that Aaron's had
collected "private, confidential and personal details about
consumers using rented computers" including passwords, medical
records, social security numbers, bank and credit card
statements and more. And DesignerWare had not only been able to
remotely activate software, but also "log[ged] the consumer
user's keystrokes, capture[d] screenshots and [took] pictures
with the computer's webcam and [sent] the data to DesignerWare
servers." Though DesignerWare itself apparently did not access
the information, by storing it and sharing it with rent-to-own
retailers, not only are consumers at risk of misuse by anyone in
possession, but are at risk of identity theft and other serious
harms.
�
AB 2667
Page 4
According to the author, without consumer notice and consent,
these harms may go unrecognized until it is far too late. The
companies in possession may no longer exist (DesignerWare's
Internet Web site is no longer available) or the harm may be too
far removed to determine its source - or for customers to be
even aware of its existence.
Prior to the FTC order, a civil class action was brought against
Aaron's, Inc. itself (Byrd v. Aaron's, 2011 U.S. Dist. LEXIS
73908 (W.D. Pa. June 16, 2011)). In that case, Aaron's, Inc.
reportedly used the "detective mode" program to monitor and
store data on a computer rented to a married couple through its
store. Mistakenly believing that the couple had defaulted on
their payments, an Aaron's, Inc. representative purportedly
visited the couple's home and showed the wife a photo of her
husband using the laptop just a few hours earlier, taken by the
webcam. However, the Court found that it was "purely conjecture
that the other members of the putative class will be subjected
to remote access of personal information."
In response to such shocking facts, the author states:
AB 2667 will put the FTC order, to prohibit the use of
monitoring technologies, into California statute -
ensuring that all Californians who enter into
contracts for a rent-to-own electronic device are
protected from the privacy violations that this
technology exposes them to.
The author further notes that the FTC actions, though important,
have not yet provided an adequate remedy for consumers who have
secretly been exposed to serious breaches of their privacy by
employees of rent-to-own companies and third-party monitoring
vendors. This measure seeks to address that substantial
consumer-protection gap.
Analysis Prepared by : Drew Liebert / JUD. / (916) 319-2334
FN: 0004753
�
AB 2667
Page 5