Cohen v. Sheehy Ford of Springfield, Inc.

27 Va. Cir. 161, 1992 Va. Cir. LEXIS 164

• Court: Fairfax County Circuit Court
• Decided: March 2, 1992
• Docket: Case No. (Law) 108305
• Status: Published

Opinion

By Judge William G. Plummer

Defendant Sheehy Ford of Springfield, Inc. (“Sheehy”) has demurred to Count I, Violation of Fair Credit Reporting Act, and Count II, Negligence and Invasion of Privacy, of Plaintiff Marc Cohen’s Motion for Judgment. Having heard arguments and reviewed memoranda submitted by counsel, the Court overrules Sheehy’s demurrer as to Count I. Further, the Court sustains the demurrer as to Count II and dismisses Count II with prejudice.

In Count I, Cohen alleges a violation of the Fair Credit Reporting Act (“FCRA”), 15 U.S.C. §§ 1681 et seq., by both Sheehy and Defendant Murphy, a former employee of Sheehy. In Count II, he advances a claim for common law invasion of privacy. In support of both counts, Cohen alleges that Murphy or an unknown employee of Sheehy used, or caused a Sheehy employee to use, a Sheehy computer to obtain credit information concerning Cohen from two credit reporting agencies. He contends that the Defendants had no lawful purpose for obtaining the credit information and that the credit reports were obtained for or by Murphy solely for personal reasons.

Sheehy demurs to Count I and argues that it cannot be vicariously liable under the FCRA for the conduct of an employee who acted outside the scope of his employment for personal reasons. Additionally, Sheehy demurs to Count II, insisting that Virginia law does not recognize a common law cause of action for invasion of privacy.

Fair Credit Reporting Act

The FCRA prohibits a user of credit information from obtaining credit reports outside the scope of the user’s legitimate business purposes. The Act provides, in pertinent part:

A consumer reporting agency may furnish a consumer report under the following circumstances and no other: (1) In response to the order of a court having jurisdiction to issue such an order. (2) In accordance with the written instructions of the consumer to whom it relates. (3) To a person which it has reason to believe — (A) intends to use the information in connection with a credit transaction involving the consumer on whom the information is to be furnished and involving the extension of credit to, or review or collection of an account of, the consumer; or (B) intends to use the information for employment purposes; or (C) intends to use the information in connection with the underwriting of insurance involving the consumer; or (D) intends to use the information in connection with a determination of the consumer’s eligibility for a license or other benefit granted by a governmental instrumentality required by law to consider an applicant’s financial responsibility or status; or (E) otherwise has a legitimate business need for the information in connection with a business transaction involving the consumer.

15 U.S.C. § 1681b.

Establishing a standard of care for the procurement of credit information, the FCRA expressly creates a civil cause of action against any user of information who willfully or negligently fails to comply with any requirements under the Act. 15 U.S.C. §§ 1681n, 1681o. A “user” of information includes both the “ultimate destination of a credit report” and one who acquires such information for another. Yohay v. City of Alexandria Employees Credit Union, 827 F.2d 967, 973 (4th Cir. 1987) (quoting Boothe v. TRW Credit Data, 557 F. Supp. 66, 71 (S.D. N.Y. 1982)). The Act provides for actual damages and, in the case of a willful violation, punitive damages, together with costs and reasonable attorney’s fees. See 15 U.S.C. §§ 1681n, 1681o.

The FCRA targets precisely such unauthorized procurement of credit information as alleged in Cohen’s Motion for Judgment. The case at bar is similar to Yohay v. City of Alexandria Employees Credit Union, 827 F.2d 967, 973 (4th Cir. 1987). In Yohay, the Fourth Circuit held a credit union civilly liable for a violation of the FCRA where its employee, an attorney, obtained a credit report on her ex-husband for personal reasons. The attorney had obtained the credit information through other employees at the credit union. The Fourth Circuit emphasized the credit union’s failure to post rules regarding the procurement of credit information and the apparent ability of anyone with physical access to the credit union’s computer to secure credit information for any purpose. Id. at 973.

The Yohay court expressed that anyone using the computer under such conditions enjoyed apparent authority to obtain credit information. Id. The court concluded that the credit union was liable for the actions of its employees in obtaining the reports for the attorney. The court reasoned that where the conduct of a principal confers apparent authority upon an agent, the principal may be liable for the acts of that agent “regardless of whether the principal either benefitted by the acts of the agent or ratified the acts of the agent.” Yohay, 827 F.2d at 972.

Similarly, in the case at bar, one may find that Sheehy cloaked its employees with actual or apparent authority to obtain the credit information in the manner alleged by Cohen. Consequently, one could find Sheehy liable for the acts of its agents. Moreover, the Yohay decision suggests that an employee might incur direct liability for facilitating unrestricted use of its computers with access to credit information. In light of the Yohay decision and generally recognized principles of agency law, this Court is unable to conclude that Cohen’s claim under the FCRA is insufficient as a matter of law.

Accordingly, the Court denies Sheehy’s demurrer to Count I of Cohen’s Motion for Judgment concerning a violation of the Fair Credit Reporting Act.

Invasion of Privacy

The Court declines Cohen’s invitation to establish a general common law cause of action for invasion of privacy where the Supreme Court of Virginia has yet to recognize such a cause of action. Cohen’s reliance on Town of Galax v. Waugh, 143 Va. 213, 129 S.E. 504 (1925), is inapposite. Waugh, an eminent domain case, involved a change in the grade of a public street, which change obstructed two doors to the defendant’s business. The defendant called upon the Court to consider the change in market value of his property due to the obstruction. Among several authorities quoted by the Court, one authority identified an invasion of privacy as one of many factors to consider regarding just compensation in eminent domain cases. Waugh, 143 Va. at 229 (quoting 10 R.C.L. 175 § 152). While the Court acknowledged an invasion of privacy to be a possible element of a property damage claim, the Court did not establish a general cause of action for invasion of privacy.

Plaintiff has expressly acknowledged that the Virginia has not recognized a common law cause of action for invasion of privacy. Absent direction from the Supreme Court of Virginia or from the General Assembly, this Court is simply unwilling to create a general cause of action for invasion of privacy, particularly where existing legislation already addresses the act complained of by the Plaintiff. Accordingly, the Court sustains Sheehy’s demurrer and dismisses with prejudice Count II of the Motion for Judgment.