In traditional office environments, collectors benefit from the hum of the floor. They overhear strong talk-offs and tuck those phrases away for future use. They absorb tone, pacing, how to handle objections, and how to close with confidence. It’s casual, constant exposure—and it builds real skill.
Think about Po from Kung Fu Panda. No formal training, no polished technique—just wide eyes, raw enthusiasm, and a front-row seat to the masters. He watches, mimics their stance, their timing, their moves. Clumsy at first, but gradually, he starts to find his rhythm.
On July 8, 2025, Connecticut Attorney General William Tong announced a settlement with TicketNetwork for alleged violations of the Connecticut Data Privacy Act (“CTDPA”). According to the Attorney General’s press release, the Office of the Attorney General (“OAG”) first sent a “cure notice” to TicketNetwork on November 9, 2023. In that notice the OAG alleged that the company’s privacy notice was deficient under the CTDPA and provided the company with an opportunity to cure the alleged violation. In particular, the OAG alleged that the company’s privacy notice was largely unreadable, missing key data rights and contained rights mechanisms that were misconfigured or inoperable.
Today, in the Consumer Financial Protection Bureau’s (CFPB) November 12, 2021 lawsuit against FirstCash, Inc., and nineteen subsidiaries alleging violations of the Military Lending Act (MLA), the parties reached a settlement and jointly filed a stipulated final judgment and proposed order, which if entered by the court, would resolve the lawsuit. The MLA puts in place protections for active duty servicemembers and certain dependents in connection with extensions of consumer credit. These protections include a maximum allowable annual percentage rate of 36%, a prohibition against required arbitration, and certain mandatory loan disclosures.
The compliance landscape is shifting. Recent regulatory changes suggest a retreat from strict federal oversight—especially in digital financial services. For collections teams, this can look like an opening: fewer constraints, faster experimentation.
But deregulation doesn’t erase risk. It redistributes it.
When guardrails recede, accountability doesn’t disappear—it moves inward. And in a landscape where digital outreach is high-volume, multi-channeled, and vendor-dependent, the need for internal infrastructure is more urgent than ever.
The US “comprehensive” law landscape continues to expand, with two more states—Tennessee (July 1) and Minnesota (July 31) —joining the “comprehensive” privacy law club. Five of these -Delaware, Iowa, Nebraska, New Hampshire, and New Jersey- took effect in January. As the patchwork of state-level “comprehensive” privacy laws expands, what should business keep in mind? As outlined below, perhaps the biggest takeaway is that the laws add to a patchwork, one which consists of many overlapping requirements.