As the popularity of mobile payments grows, it becomes increasingly important to understand the legal framework in which these transactions take place. Consumers need to know their rights and responsibilities. They need to be alert to the financial risks they are exposed to and the legal remedies available when transactions go awry. Financial institutions and other companies that facilitate mobile payments need clear rules describing their obligations, rights, and liability as they develop new mobile payment products and contract with consumers for mobile payment services. Finally, policymakers need to understand the impact of applicable laws and rules on consumers and mobile payment providers so they can evaluate whether they are adequate, and if not, what new provisions are needed.
This report describes and analyzes the legal framework of mobile payments. That framework consists of a wide variety of state and federal statutes, regulations, agency "guidance," and court decisions. Determining which laws apply to mobile payments is complicated by several factors. For example, many federal agencies have regulatory, supervisory, or enforcement authority over various aspects of mobile payments services when offered by financial institutions under their jurisdiction. These include the "prudential regulators," the Office of Comptroller of the Currency, the Federal Reserve, the Federal Deposit Insurance Corp., and the National Credit Union Administration. Companies not within legal definitions of financial institutions, such as PayPal and other nonbanks, are subject to the authority of the Consumer Financial Protection Bureau and the Federal Trade Commission. Telecommunications companies are regulated by the Federal Communications Commission. State agencies, such as bank commissioners and attorneys general, enforce their laws applicable to mobile payments.
A final factor making it difficult to determine which laws apply is the flood of new products and services that the industry offers, as well as the different types of situations in which consumers make mobile payments. For example, most consumers charge their mobile payments for goods and services to credit cards, debit cards linked to a checking account, or prepaid card accounts. Others agree to charges being placed on their wireless carrier’s monthly bills along with the communications charges for using their cellphones. Entirely different laws apply depending on which type of account the consumer uses. Issues that arise vary significantly, from the circumstances under which online contract provisions are enforceable to a company’s liability for data security breaches and privacy invasions.1 Applicable laws range from centuries-old contract law and tort theories to new federal and state statutes. In some instances, no law at all applies.
What emerges is a patchwork of laws that is characterized to a large extent by three features: gaps (situations in which no law applies); ambiguities (where it is not clear whether a law applies); and overlap (where two or more laws apply to the same situation and more than one agency has legal authority over the same type of conduct).