BROKER RISK MANAGEMENT
WEEKLY PRACTICE TIP
Real estate agents have a legal obligation to protect confidential and private financial information belonging to their clients. The California Department of Real Estate (“DRE”) has taken a strict position that all such real estate transaction files must be secured and online documents be password protected.
Under California Civil Code § 2079.16, a real estate agent owes fiduciary duties to their client including the duty of confidentiality. This duty includes keeping sensitive personal information confidential, such as:
- Financial information
- Employment details
- Social Security numbers
- Motivation to buy or financial capacity
Note: This duty survives the end of the agency relationship, especially regarding confidential information that could be used to the disadvantage of the client.
In addition, California passed the California Consumer Privacy Act, which applies to any business earning more than $25,000,000 in a year, sets forth specific requirements for the protection of consumers’ confidential and private information.
Finally, the federal Gramm-Leach-Bliley Act (GLBA), which requires safeguarding of non-public personal information, primarily targets financial institutions but may apply to mortgage brokers and some real estate services when they are involved in arranging financing.
Consider the following situations which could be alleged to be a violation of client’s privacy:
- Leaving transaction files on a desk, in a car or garage, or in an open area where anyone can review information in that file.
- Sharing a transaction file with a transaction coordinator outside your office who is not contracted with your office and who does not use appropriate privacy controls.
- Emailing private information, including driver’s license numbers, without any form of security.
- Transmitting documents containing consumers’ Social Security or bank account numbers by email without security or leaving them on an email or computer without appropriate security measures being in place.
Recently, one of our clients was sued when the buyers provided driver’s license information to the agent and transaction coordinator. Subsequently, the buyers’ emails were spoofed, leading to a wire of the buyers’ deposit being sent to a “fraudster.” The buyers lost the deposit and subsequently filed suit claiming that the agent, transaction coordinator, and brokerage did not properly manage the receipt of their driver’s license information.
PRACTICE TIPS:
- If an agent collects any confidential information about a consumer, including a FIRPTA form, that agent needs to ensure the information is properly saved and secured through the broker’s document retention program. The agent should not print out or maintain such documents in hard-copy files unless they are kept under lock and key.
- Transaction coordinators, who are not affiliated or licensed through your brokerage should not be used or given access to a transaction file which contains bank account numbers, Social Security numbers, and driver’s license numbers, or other client confidential personally identifiable information. Please note that in this situation, the California Department of Real Estate would likely consider sanctioning an agent’s license for allowing the dissemination of this information to a third party. For further reference to risks affiliated with transaction coordinators, please see the attached tip, which was previously distributed.
Attachment: 250228 Sellers Confirming Buyer’s Agent’s Entitlement to Compensation
WEEKLY PRACTICE TIP: DO NOT FORWARD TO CLIENTS. This Weekly Practice Tip is an attorney-client privileged communication for the exclusive use of clients of Broker Risk Management and their agents. It may not be reproduced or distributed without the express written consent of Broker Risk Management LLP. The advice and recommendations contained herein are not necessarily indicative of standards of care in the industry but rather are intended to suggest good risk management practice.