The settlement marks the largest to date for an FTC Fair Credit Reporting Act case and requires Vivint to implement an ID theft prevention program.
PROVO, Utah — Vivint Smart Home, based here, has agreed to pay $20 million to settle Federal Trade Commission (FTC) claims that the company misappropriated credit reports to help unqualified customers obtain financing for its security, monitoring and IoT services.
The settlement calls for Vivint to pay a $15 million civil penalty, plus $5 million to compensate injured consumers, the FTC announced on Saturday.
In a complaint filed by the Department of Justice (DOJ) on behalf of the FTC, the Commission alleged that Vivint violated the Fair Credit Reporting Act (FCRA) by improperly obtaining credit reports in order to qualify potential customers for financing for its smart home monitoring and security products.
The FTC also alleged that Vivint violated the FTC’s Red Flags Rule by failing to implement an identity theft prevention program, which is required of certain companies that regularly use or obtain credit reports.
“Vivint’s sales staff stole people’s personal information to approve others for loans,” states Daniel Kaufman, acting director of the FTC’s Bureau of Consumer Protection. “For misusing consumer credit reports and other sensitive data, and harming people’s credit, this company will pay $20 million.”
Vivint uses door-to-door sales representatives working on a commission-only basis to sell the company’s home security devices and monitoring services, according to the FTC complaint.
Sales Reps Utilized ‘White Paging’
The FTC alleged that some Vivint sales representatives used a process known as “white paging,” which involved finding another consumer with the same or a similar name on the White Pages app and using that consumer’s credit history to qualify the prospective unqualified customer.
Vivint sales representatives also sometimes asked customers to provide the name of someone they knew who had better credit, such as a relative, then added that innocent third-party as a co-signer to the account without their permission, and used their credit history to qualify the prospective customer, according to the complaint.
If customers qualified using these deceptive tactics later defaulted on their loans, Vivint referred the innocent third party to its debt buyer, potentially harming that consumer’s credit and subjecting them to debt collectors, the FTC alleged.
Many consumers whose credit reports were misused by Vivint sales representatives complained to the FTC that they were victims of identity theft after being contacted by Vivint’s debt collectors.
The FTC alleged that Vivint was aware of the problem, and in fact terminated many sales representatives for misconduct only to rehire some of them shortly thereafter, according to the complaint.
In addition to the monetary judgment — the largest to date for an FTC FCRA case — the settlement requires Vivint to implement an employee monitoring and training program, as well as an identity theft prevention program. The company must also establish a customer service task force to verify that accounts belong to the right customer before referring any account to a debt collector, and must assist consumers who were improperly referred to debt collectors.
In addition, Vivint must obtain biennial assessments by an independent third party to ensure the company is complying with the FCRA. Vivint is also prohibited from engaging in the types of improper conduct detailed in the complaint.
People who did not sign up for Vivint’s services but were contacted by debt collectors or found Vivint accounts improperly listed on their credit reports may be eligible for compensation from this settlement and can sign up for email updates here.