The Diablo Is in the Customer's Private Details

A recent complaint filed by the Federal Trade Commission serves as a perfect illustration . . . 

March 2020
By Andrea S. Cottrell*

A recent complaint filed by the Federal Trade Commission serves as a perfect illustration of why one should not fire off a response to something on social media when angry. The diablo (Spanish for devil) in this article's title is a mortgage broker, Mortgage Solutions FCS, Inc., dba Mount Diablo Lending, that took offense to unflattering Yelp reviews. The details are the personal tidbits about the broker's customers that the broker plastered all over Yelp. As one might expect, the FTC took issue with the broker's privacy violation-filled tirade and brought an enforcement action.

According to the FTC's complaint, Ramon Walker, as owner and sole officer of the broker, had access to a bevy of personal financial information and consumer credit reports. Unfortunately for the consumers who trusted him with their information, Walker used that information against them in a very public way.

The FTC alleged that Walker posted personal information about his customers in response to Yelp reviews he did not like. Walker's Yelp responses oftentimes included consumers' first and last names. One response stated: "I know you feel entitled to the funds from your mother's house as you clearly stated to me but unfortunately that is not the way the law works and there is nothing my company can do about it." Another one overshared: "The high debt to income ratio was caused by this borrower cosigning on multiple mortgages for his children."

The FTC's complaint against the broker and Walker alleged violations of Section 5 of the FTC Act, the Fair Credit Reporting Act, Regulation P, and the Safeguards Rule, all of which protect consumers and their information. FTC Bureau of Consumer Protection Director Andrew Smith stated in the press release announcing the settlement with the defendants, "Companies that use credit reports and scores have a legal obligation to keep that information confidential. They should not disclose that information to third parties without a legitimate reason to do so, and they certainly should not post that information on the Internet to embarrass or punish consumers, as happened here."

Smith probably felt like a parent explaining to a child that even if her brother says something she doesn't like, she is not allowed to hit him in the head with a toy. Alas, both the toy-wielding child and the defendants surely knew better.

In the end, the defendants paid $120,000 to settle the allegations and must implement a comprehensive data security program.
These defendants' actions highlight the need to check yourself when posting online. Before you fire off a response to an online complaint or review, ask someone else to read it first. Better yet, have social media policies and procedures in place to ensure this never happens to your business. 

Copyright © 2020 LLC.  All rights reserved.  This article appeared in Spot Delivery®.  Reprinted with express permission from

*Andrea S. Cottrell is an associate in the Texas office of Hudson Cook, LLP. She can be reached at 682.350.9152 or by email at


There have been no comments made on this article. Why not be the first and add your own comment using the form below.

Leave a comment

Commenting is restricted to members only. Please login now to submit a comment.