The SEC continues its overhaul of cybersecurity, cyber incident reporting, and privacy controls and requirements for industry registrants, their services providers, and corporate America generally.
On March 15, 2023, the SEC...more
4/14/2023
/ Broker-Dealer ,
Compliance ,
Covered Entities ,
Cyber Incident Reporting ,
Cybersecurity ,
Data Disposal Protocols ,
Financial Industry Regulatory Authority (FINRA) ,
Incident Response Plans ,
Mutual Funds ,
Personal Information ,
Policies and Procedures ,
Proposed Rules ,
Registered Investment Advisors ,
Regulation S-P ,
Safeguards Rule ,
Securities and Exchange Commission (SEC) ,
Sensitive Personal Information
On August 20, the People’s Republic of China became the latest global economic powerhouse to pass an omnibus privacy law. Titled the Personal Information Protection Law (“PIPL”), the law was adopted by the Standing Committee...more
9/3/2021
/ China ,
Consent ,
Data Privacy ,
Data Processing Rules ,
Enforcement ,
Extraterritoriality Rules ,
International Data Transfers ,
New Legislation ,
Personal Information ,
Personal Information Protection Law (PIPL) ,
Personally Identifiable Information ,
Privacy Laws ,
Sensitive Personal Information
On July 7, 2021, Colorado Governor Jared Polis signed the Colorado Privacy Act (“CPA”) into law. The CPA will take effect on July 1, 2023 and joins the California Consumer Privacy Act (“CCPA”), the California Privacy Rights...more
7/29/2021
/ Consent ,
Consumer Privacy Rights ,
Data Collection ,
Data Controller ,
Data Privacy ,
Data Processors ,
Data Protection ,
Data Subjects Rights ,
Enforcement ,
Notice Requirements ,
Opt-Outs ,
Penalties ,
Personal Data ,
Personally Identifiable Information ,
Sensitive Personal Information ,
State Privacy Laws
In early March, the New York State Department of Financial Services (“NYDFS”) announced a consent order that required Maine-based mortgage servicer Residential Mortgage Services, Inc. (“Residential”) to pay a $1.5 million...more
3/23/2021
/ Banking Sector ,
Business E-Mail Compromise (BEC) ,
Consent Order ,
Covered Entities ,
Cyber Incident Reporting ,
Cybersecurity ,
Data Breach ,
Data Security ,
Failure to Report ,
Financial Institutions ,
Financial Services Industry ,
Mortgage Servicers ,
Non-Public Information ,
NYDFS ,
Personally Identifiable Information ,
Sensitive Personal Information
On March 2, 2021, Virginia enacted the Consumer Data Protection Act (“VCDPA”). The VCDPA will become effective January 1, 2023. The VCDPA shares its roots with the California Consumer Protection Act (“CCPA”) and the recently...more
3/9/2021
/ California Consumer Privacy Act (CCPA) ,
California Privacy Rights Act (CPRA) ,
Consumer Privacy Rights ,
Data Collection ,
Data Controller ,
Data Privacy ,
Data Processors ,
Data Protection ,
Data Protection Acts ,
Data Security ,
Data Sellers ,
Data-Sharing ,
Enforcement Actions ,
Personal Data ,
Personally Identifiable Information ,
Privacy Laws ,
Sensitive Personal Information