In light of the growth of data breaches in both occurrence and scale, it is more important than ever for consumers to be aware of the protections afforded to them under the law regarding electronic fund transfers and alternative payment services. Additionally, it is important that agencies like the Consumer Financial Protection Bureau (“CFPB”), charged with the protection of unsuspecting and often defenseless consumers, are carefully monitoring these protections to ensure they keep pace with the technological evolution of the payment services they regulate. Alternative payment services, such as PayPal, are conducting an enormous number of payments and providing an extremely beneficial service in the era of e-commerce. This Issue Brief argues that, as currently written, the Electronic Fund Transfer Act, implemented by Regulation E, does not adequately protect consumers using these alternative payment services. Regulation E is insufficiently specific and provides circular language in its key definitions, including those for the terms “financial institution” and “account.” These deficiencies could leave consumers engaged with alternative payment services in the unique position of facing unlimited liability for losses resulting from unauthorized electronic fund transfers from their alternative payment service account. Thus, this Issue Brief argues that in order to ensure that Regulation E is written broadly enough to apply to all the functions of PayPal, the CFPB should clarify its language.
Eric Pacifici, Making PayPal Pay: Regulation E and Its Application to Alternative Payment Services, 13 Duke Law & Technology Review 90-115 (2015)