January 23, 2022

Volume XII, Number 23

Advertisement
Advertisement

January 21, 2022

Subscribe to Latest Legal News and Analysis

January 20, 2022

Subscribe to Latest Legal News and Analysis
Advertisement

ALERT: New State Privacy Requirements for Mortgages Funded After December 1, 2021

As of yesterday, any new Freddie Mac mortgage funded will need to comply with state Address Confidentiality Program (ACP) requirements. ACPs are state-sponsored programs designed to protect victims of crimes such as domestic abuse, sexual assault, stalking, or human trafficking from further harm. Recently ACPs have been extended to other individuals, such as healthcare workers and public health officials. Although ACPs have been in effect since at least 1991, with Washington state being the first to adopt such a law, they have largely flown under the radar within many privacy compliance programs. However, these lesser known statutes are now gaining recognition in the world of corporate compliance.

By keeping a victim’s home, work, and/or school address confidential, ACPs act as a shield to prevent perpetrators from finding – and continuing to harm – their victims. ACPs operate by providing a “designated address” for victims to use instead of their physical (or actual) address. When used properly, the designated address diverts a victim’s mail to a confidential third-party location (often a P.O. Box and/or a “lot number”), after which a state agency forwards the mail to the victim’s actual address. Additionally – and perhaps most importantly – ACPs prohibit those with knowledge of a victim’s location information from disclosing it to other parties. In this way, ACPs seek to protect the physical location and safety of victims.

While the obligation to accept and use ACP “designated addresses” (and the corollary designation to keep actual addresses confidential) only applies to government entities in many states, there are a handful of states that apply these obligations to private entities as well.

Some private companies, however, have chosen to expand state ACP law protections to all customers who identify as victims, regardless of whether the underlying state law requires these obligations. Likewise, Freddie Mac, opting to broaden the scope of these obligations, released a bulletin on September 1, 2021 requiring all sellers to inform Freddie Mac of a borrower’s substitute ACP mailing address. Additionally, within five business days after the funding date the seller must email Freddie Mac with the following information:

  • Freddie Mac loan number

  • Borrower name

  • Borrower ACP mailing address (including, when applicable, any lot number or required uniquely identifiable number)

Previously, Freddie Mac did not have a process for identifying borrowers participating in an ACP. Freddie Mac stated in its bulletin that the new guidance was in response to questions regarding its process regarding victim borrowers.

Freddie Mac also updated its delivery instructions for ULDD Data Point Borrower Mail To Address Same As Property Indicator (Sort ID 572) to specify that “false” should be selected when the mailing address is not the same as the mortgaged premises and to add a reference to the notification requirement (see guide impacts: Sections 1301.2 and 6302.9).

© 2022 Bradley Arant Boult Cummings LLPNational Law Review, Volume XI, Number 336
Advertisement
Advertisement
Advertisement
Advertisement
Advertisement
Advertisement

About this Author

Erin Illman Charlotte Privacy Security Data Technology Attorney Bradley Arant Boult Cummings LLP
Partner

Recognized as a Board Certified Specialist in Privacy and Information Security Law by the State of North Carolina, Erin is an experienced thought leader in privacy, data security, and the integration of technology into business practices. Erin is co-chair of Bradley’s Cybersecurity and Privacy Practice Group and leads the firm’s Fintech team.

Erin is a dynamic problem solver with a strong understanding of U.S. and international private-sector privacy laws and regulations and the legal requirements for the transfer of sensitive personal data to/...

704-338-6026
Leah M. Campbell Attorney Banking Financial Services Bradley Arant Boult Cummings Charlotte
Senior Attorney

Leah Campbell is a senior attorney in the Banking and Financial Services Practice Group. Leah has significant experience representing financial services and insurance company clients in both federal and state courts, as well as before state regulators. She has advised national mortgage servicers on FDCPA claims, loan finance companies on UDAAP claims, and banks on OFAC- related issues. 

In addition, Leah has provided intellectual property guidance in M&A and corporate structuring matters and advised on GDPR implementation and cross-border...

704-338-6102
Rachel M. LaBruyere Litigation Attorney Bradley Arant Boult Cummings Charlotte
Associate

Rachel LaBruyere joined the firm in Fall 2019 as an associate in the Litigation Practice Group.

While in law school, Rachel gained a breadth of litigation experience working for the ACLU of North Carolina, the U.S. Attorney for the Eastern District of North Carolina, and the Equal Employment Opportunity Commission’s trial and appellate practices.

Rachel received her J.D. from the University of North Carolina School of Law, where she was inducted into the James E. and Carolyn B. Davis Society, recognizing third-year law...

704-338-6054
Advertisement
Advertisement
Advertisement