Patco Construction Company, Inc. v People's United Bank dba Ocean Bank, no pending in state court in Maine, may tell us just whose fault it really is, besides the cyber criminal of course.
Patco was a long time customer of the bank but after losing hundreds of thousands of dollars from online theft and then getting a notice from the bank that they wanted Patco to pay it back, they decided they had enough. Patco sued the bank for the loss. 'bout time, some would say. So would I.
While the claims include negligence, breach of contract, breach of fiduciary duty, and more (what, not bailment?), fundamentally the theory is that the bank failed to live up to its most basic obligation, which is to protect its customers' funds from theft. Patco's case is one to watch. With the increasing rise of cyber theft, sooner or later a client may come to you and ask what they can do about it.
The Patco bank's claims of sophisticated "behind the scenes" security measures and computer programs didn't do much good to stop cyber thieves who dipped not only into Patco's accounts, but did so repeatedly, transferring money to accounts that Patco had never used before, and from internet addresses that Patco had never used before either. The thieves even managed to tap into Patco's line of credit for a hefty $200,000 transfer.
When you think about it, Patco's claims make sense. All banks are quick to point out, on their websites and in their paper brochures, how they have all these computer theft protection measures set up to protect your deposits from theft. Much of it is advertising directed at encouraging consumers to use the internet for electronic transfers and bill paying that are high-profit transactions for the banking industry. After all, there aren't many tellers working inside that big bank computer box. Heck, there's even fewer of them at the walk in windows nowadays.
A century or two ago people put their money under the mattress or buried it in the backyard because that was safe. Now when you put your money in the bank, it's because you think it's safe. Well, not quite as safe as it used to be.
Still, if you give a friend $50 to hold for you, it's only natural to expect that they'll have it on hand to give back to you when you ask for it later. Especially if that "friend" is a big bank that collects millions of dollars from thousands of people and then invests it and charges interest on loans and makes money off your money (which they keep). That's a simple idea that any juror can grasp.
You expect the bank to protect your money and when they don't, it doesn't really matter whether they had one computer program to stop cyber thieves or a hundred of those programs. When the money is gone, it's gone. But it ought to be the bank's fault.
So let's stop calling it identity theft and call it what it is. Bank robbery. That makes a difference because, you see, the bank is insured. Okay, so if the insurance pays off, then the bank's next insurance premium will go up. Sooner or later the bank will decide it needs to fix it so cyber theives can't get into your account. It's either that or facing rising insurance premiums or cover the loss themselves.
So when will that happen? When we all make it happen. Banks don't like losing money and they don't like paying out money either. When it starts costing them money, they'll do something about it. Until then, they will keep tellling you that it's "your" identity theft problem and that it was "your" money that was stolen and not theirs.
How Patco's case comes out will be very interesting. But, one thing is for sure, the rest of us will be watching. And you can bet that the banks will really be watching.
Ron Burdge
Helping consumers and consumer law attorneys since 1978.
