Theft or loss of a credit card: Who has the burden of proof?
THE FACTS
In this case, the plaintiff, who had a credit card issued by MBNA Bank Canada (“MBNA”), claimed that $8,759.76 of purchases on her credit card in Bangladesh were fraudulent transactions made without her authorization and that MBNA could not claim payment from her. MBNA argued in defence that the plaintiff had participated in the fraud.
The plaintiff claimed to be entitled to protection under sections 123 and 124 of the Consumer Protection Act (the “CPA”), which provide that a consumer incurs no liability for a debt resulting from the use of his credit card by a third person after the issuer of the card is notified of its loss or theft. Even where such notice is not given, the liability of a consumer whose credit card is lost or stolen is limited to the sum of $503.
These two provisions do not establish any presumption of loss or theft in favour of the consumer and do not state what burden of proof has to be met to be entitled to protection under them. We must therefore refer to the rules of evidence in the Civil Code of Québec. “A person wishing to assert a right shall prove the facts on which his claim is based”4, according to the balance of probabilities. Evidence is sufficient if it “renders the existence of a fact more probable than its non-existence”5. A consumer must therefore show that the existence of the loss or theft is more probable than its non-existence.
THE DECISION
Justice Tremblay of the Court of Québec wrote that it is up to the holder of a card to prove that the card was lost or stolen and that it is not enough for a person to state that he or she has been the victim of fraud without explaining how the fraud was committed and how the alleged perpetrators were able to obtain certain information about the cardholder6.
Thus, according to the judge, the plaintiff did not meet her burden of proof. He noted the following evidence:
* the fact that, as the plaintiff admitted, her credit card was not stolen or lost7;
* the fact that the purchases relating to the alleged fraud were all made in Bangladesh, where the holder originally comes from8;
* the fact that the users of the card in Bangladesh were aware of personal information about the plaintiff, including her personal identification number, date of birth, her mother’s maiden name and her husband’s name9;
* identical frauds committed contemporaneously in Bangladesh using the cards of the plaintiff’s husband and father10;
* the very low likelihood of the cards of these three consumers being cloned11;
* the cardholders’ conduct after they were informed of the unauthorized transactions12.
The judge added that, given the presence of these serious, specific and consistent elements, it is very unlikely that the plaintiff was the victim of identity theft or card cloning. The plaintiff must therefore pay the balance owed on her card. However, as the balance is $8,759.76 whereas her credit limit is $8,400 and she never asked for the limit to be increased, Justice Tremblay limited the plaintiff’s liability to $8,400, applying section 128 of the CPA13.
ANALYSIS
This is not the first time the courts have had to examine the circumstances surrounding a loss of payment instruments14 or allegations of “unauthorized” payments from a bank account15. As a general rule, courts asked to decide on such issues are very strict in their analysis and assessment of the circumstances surrounding the alleged losses and thefts. The witnesses’ credibility plays an important role and, in many cases, the judgements rendered use presumptions of facts in deciding whether or not to accept the cardholders’ version. Consumers must adduce serious, specific and corroborating evidence to establish fraud16. Banks and card issuers hire specialists in this type of fraud who are very familiar with the practices of people who steal or clone cards and can tell when someone’s story doesn’t ring true. The courts consider them highly credible due to their experience17. In a 2010 decision the court wrote: [Translation] “Fraudsters generally make very costly purchases in a short period of time and do not use the card again a few days later”18. A person’s criminal record is also taken into consideration19.
OUTLOOK FOR THE FUTURE
These decisions are relevant since the legislator intends to make certain changes to the sections of the CPA dealing with them. In Bill 2420 currently being studied, it proposes extending the application of the CPA to debit cards. Section 10 of the Bill provides for the addition of sections 65.1 to 65.4 which, if they are adopted as proposed, would read as follows:
65.1. For the purposes of this division, “debit card” means an electronic payment card or any other electronic payment instrument, validated by a personal identification number or by any other means used to confirm the consumer’s identity, which allows the consumer’s account to be accessed for the purpose of transferring funds.
65.2. Consumers are not liable for losses resulting from the use of their debit card by a third person after the card issuer is given notice, by any means, of the loss, theft or fraudulent use of the card or of any other use of the card not authorized by them.
Even if no such notice is given, consumer liability for the unauthorized use of a debit card is limited to $50.
Any stipulation c ontrary to this section is prohibited.
65.3. Within two days after receiving notice of the loss, theft or fraudulent or unauthorized use of a debit card, the card issuer must reimburse to the consumer any amount debited from the consumer’s account after notice was given.
65.4. Despite section 65.2, the consumer may be held liable for the losses incurred by the card issuer if, after having reimbursed the consumer, the card issuer proves to the satisfaction of the court that the consumer authorized the use of the debit card. (emphasis added)
Under the proposed section 65.5, these provisions could be extended by regulation to products other than debit cards:
65.5. A regulation may be made to determine any other payment instrument to which this division applies.
Thus, in the case of the unauthorized use of a debit card, the burden of proving that the consumer authorized the use of his card will be up to the company that issued the card. This naturally raised concerns in the Parliamentary Commission since there is already a code of conduct that sets out rules governing liability for the unauthorized use of a debit card which are different from the proposed text.
It was argued that these new provisions would significantly reduce consumer liability, thereby increasing that of institutions that issue debit cards. These provisions would reduce the ability of these institutions to protect themselves against the actions of certain consumers who are fully or partially responsible for the unauthorized use of their debit cards21. Also, the question rightly arises as to why the legislator is proposing to reverse the burden of proof for debit cards but not for credit cards22.
In its Brief, the Desjardins Group proposed the following text for the future sections 65.3 and 65.4 of the CPA:
[Translation]
“65.3. Consumers are liable for losses resulting from any form of unauthorized use of their card if such losses result from fraud on their part or if they have not met, intentionally or further to gross negligence, any of the obligations set forth in the agreement relating to the use of the card in order to keep their personal security information confidential.
65.4. Within ten days after receiving notice of the loss, theft or fraudulent or unauthorized use of the card, the card issuer must reimburse the consumer any amount to which the consumer is entitled pursuant to sections 65.2 and 65.3.”23
The following wording of a new section 123.1 of the CPA was proposed with respect to credit cards:
“123.1. Consumers are liable for losses resulting from any form of unauthorized use of their card if such losses result from fraud on their part or if they have not met, intentionally or further to gross negligence, any of the obligations set forth in a contract with a variable credit rate in order to keep their personal security information confidential.”24
The Canadian Bankers Association (“CBA”) also commented on these new provisions before the Parliamentary Commission. It noted that they differ from those set out in the harmonization agreement25. However, the CBA’s comments were submitted subject to the fact that on several of the points raised by the Bill, banks are governed by the Bank Act and federal law rather than the CPA. This issue will soon be decided by the Court of Appeal in Marcotte26, a case involving the application of the CPA to currency conversion fees charged by credit card issuers.
Like the Desjardins Group, the CBA also mentioned that the Canadian Code of Practice for Consumer Debit Card Services is already applied across the country and that experience shows that it is effective and that it ensures that consumers are adequately protected27. The CBA submitted that the two-day period in section 65.2 of the CPA would [Translation] “prevent a financial institution from conducting the appropriate verifications and investigations before it has to reimburse a consumer, including someone who may in fact have authorized the use of his card”28.
The debate is not over. We will keep you informed of any developments as they come up.
Footnotes: 1. - Begum v. MBNA Canada Bank, 2012 QCCQ 2561, March 29, 2012, Christian Tremblay, J. (Court of Québec). 2. - An Act mainly to combat consumer debt overload and modernize consumer credit rules. 3. - “123. In case of loss or theft of a credit card, the consumer incurs no liability for a debt resulting from the use of such card by a third person after the issuer is notified of the loss or theft by telephone, telegraph, written notice or any other means. 124. Even where such notice is not given, the liability of the consumer whose credit card is lost or stolen is limited to the sum of $50.” 4. - Article 2803 of the Civil Code of Québec. 5. - Article 2804 of the Civil Code of Québec. 6. - Paragraph 64 of Tremblay, J.’s decision 7. - Paragraph 37 of the decision. 8. - Paragraph 50 of the decision. 9. - Paragraph 42 of the decision. 10. - Paragraph 45 of the decision. 11. - Paragraph 47 of the decision. 12. - Paragraphs 52 and following of the decision. 13. - 128. Where the merchant has indicated to the consumer the amount up to which variable credit is extended to him, the merchant shall not increase such amount unless the consumer expressly applies therefor. 14. - See, for example, for credit card transactions: El Masri v. Canadian Imperial Bank of Commerce, 2010 QCCQ 8174,August 26, 2010, Marie Michelle Lavigne, J. (Court of Québec); then, concerning the alleged loss of travellers’ cheques: Kattous v. Amex Canada inc., 2006 QCCS 960, February 24, 2006, Claude Tellier, J. (Superior Court). 15. - Louis v. Banque Laurentienne du Canada, 2007 QCCQ 424, January 9, 2007, Louise Comeau, J. (Court of Québec). 16. - El Masri v. Canadian Imperial Bank of Commerce, supra, footnote 14. 17. - See, for example: Louis v. Banque Laurentienne du Canada, supra, footnote 15, where the institution’s evidence was based on the investigation that was conducted. 18. - El Masri v. Canadian Imperial Bank of Commerce, supra, footnote 14, paragraph 43 of the decision. 19. - Kattous v. Amex Canada inc., supra, footnote 14; Louis v. Banque Laurentienne du Canada, supra, footnote 15. 20. - An Act mainly to combat consumer debt overload and modernize consumer credit rules (the “Bill”). 21. - See in particular pages 4 and following of the brief submitted by the Desjardins Group to the Committee on Citizen Relations in November 2011 (the “brief”). 22. - The proposed new wording for section 123 of the CPA did not reverse the burden of proof: “123. The consumer is not liable for debts resulting from the use of a credit card by a third person after the card issuer is notified, by any means, of the loss, theft or fraudulent use of the card or of any other use of the card not authorized by the consumer. Even if no notice was given, consumer liability for the unauthorized use of a credit card is limited to $50. Any stipulation contrary to this section is prohibited.” 23. - See page 6 of the Brief. 24. - See page 18 of the Brief 25. - See page 3 of the document dated October 18, 2011 submitted by the Canadian Bankers Association. 26. - Marcotte v. Fédération des caisses Desjardins du Québec, 2009 QCCS 2743, Gascon, J., in appeal. 27. - See in particular: http://www.cba.ca/en/consumer-information/43-rights-responsibilities/78-voluntary-commitments-and-codes-of-conduct; and http://www.cba.ca/contents/files/misc/vol_20090000_cdncodepracticeconsumerdebitcardservices_en.pdf. 28. - See page 4 of the document dated October 18, 2011 submitted by the Canadian Bankers Association. |
Link to article