So I covered the HUGE certification ruling against Citibank earlier this year. 7 years of wrong number data at issue. A simply enormous class. Probably about a billion dollars at stake, but we don’t know quite yet.
In the meantime Citibank took an appeal to the Ninth Circuit of the order and did not prevail.
Now the Court has ordered the parties to figure out a notice plan. Really interesting Order has been proposed worth discussing.
First, the administrator must demonstrate it has an information security plan sufficient to comply with the data security regulations of the Gramm-Leach Bliley Act. Until it demonstrates such data security Citibank does not need to produce data. I like that a lot and it is a good item for defense lawyers to keep in mind.
Once the administrator demonstrates its infosec chops, Citibank has 30 days to produce : (1) all cellular telephone numbers in Citibank’s Contact Utilities Database to which Citibank attempted to deliver a prerecorded message in connection with a past-due credit card account during the class period that reflect a change of phone indicator code to “B” or “N” between November 2, 2017 and January 28, 2022; and (2) the date(s) of the phone indicator change(s). At the same time, Citibank must notify Plaintiff of the number of unique telephone numbers it provided to KCC and an explanation of its process for gathering the telephone numbers and associated name, address, and account number information.
(I’m assuming that “b” means “bad” [as in “bad number”] and “n” means “no good” or the like so this could be a huge data set.)
Once the data is in the administrator’s hands reverse directory look ups will be performed–those things are terribly inaccurate–and then Citibank has to advise the Plaintiff of any class members who cannot be identified.
Then, presumably, class notice will be mailed to a bunch of people.
Pretty interesting saga so far. I’ll keep an eye on it. The proposed order–which has not yet been accepted by the court–is here: Order on Class Notice