Driving Digital Security: The FTC's Safeguards Rule Explained — Moving the Metal: The Auto Finance Podcast
Navigating Emerging Privacy Issues in Financial Services — The Consumer Finance Podcast
Turning up the Heat – A Look at the FTC’s Groundbreaking Fine Against Bankrupt Digital Asset Services Provider Celsius Network LLC - The Crypto Exchange Podcast
CFPB's Section 1071 Final Rule (Part 3): Potential Problem Areas – The Consumer Finance Podcast
Video: Introduction: A Deep Dive into Privacy
What Non-Financial Institutions Need to Know About Gramm-Leach-Bliley
An increasingly aggressive plaintiffs’ bar has brought purported class action suits based on the nearly ubiquitous use of tracking technologies used for website analytics. Although any actual harm to the plaintiffs is...more
The California Privacy Protection Agency board voted on November 8, 2024, to advance a proposed rulemaking package for, among other things, a proposed regulation to clarify the application of the California Consumer Privacy...more
Employee security awareness training is a best practice and a “reasonable safeguard” for protecting the privacy and security of an organization’s sensitive data. The list of data privacy and cybersecurity laws mandating...more
Editor’s Note: The FTC continues to crack down on privacy and cybersecurity, including issuing a new warning to tax preparation companies and entering into a consent decree with 1Health.io. VPPA and BIPA litigation continues...more
Automotive dealers and their service providers should take note of an important key difference between the California Consumer Privacy Act (CCPA) and other recent state privacy laws designed to protect consumer information....more
The Health Information Portability and Accountability Act (“HIPAA”) has long been described as the floor for health care privacy laws and that states and regulators are free to enact more restrictive health care privacy laws....more
Editor’s Note: On February 15, 2023, HaystackID shared an educational webcast to provide valuable insight into the ways in which AI is being used to address key issues in the realm of privacy and cybersecurity. The expert...more
INTRODUCTION - As more of our lives and work become digitized, an inherent overlap continues to grow between data privacy and cyber security programs. Think of two similarly sized circles: in the past, data privacy and cyber...more
On Friday, June 3, Representative Frank Pallone (D-NJ), Chairman of the House Energy & Commerce Committee, Representative Cathy McMorris Rodgers (R-WA), the committee’s Ranking Member, and Senator Roger Wicker (R-MS), Ranking...more
After California and Virginia, Colorado recently became the third state to pass a comprehensive consumer data privacy bill. Although this new Colorado Privacy Act (CPA) overlaps with the California and Virginia privacy laws,...more
There are many similarities between the Colorado Privacy Act (ColoPA), the California Consumer Privacy Act (CCPA), the California Privacy Rights Act (CPRA), the Virginia Consumer Data privacy Act (VCDPA), and Europe’s GDPR,...more
The Virginia Consumer Data Protection Act (CDPA) overwhelmingly passed both legislative chambers this month and is expected to be signed by the Governor in the coming weeks with an effective date of January 1, 2023. Best...more
The Colorado legislature just passed the Colorado Privacy Act (CPA). Once signed by the Governor, Colorado will become just the third state – after California and Virginia – to enact broad consumer data privacy legislation....more
It’s a hot spring for state privacy legislation. Privacy bills are pending in roughly 20 states, and while Gramm-Leach-Bliley Act (GLBA) exemptions may act as a cool breeze in some, issues remain...more
Update: The VCDPA was signed into law by Governor Ralph Northam without amendment on March 2, 2021. The VCDPA will become operative on January 1, 2023, and businesses should remain mindful of pending legislation in states...more
On March 2, 2021, Governor Northam signed the Virginia Consumer Data Protection Act (CDPA or the Act) making it the country’s second comprehensive data privacy legislation following California’s Consumer Protection Act of...more
The California Consumer Protection Act (“CCPA”) is one of the strongest and most comprehensive consumer data privacy laws in the country. It is designed to protect the data privacy rights of citizens living in California, and...more
Managers of private investment funds that collect personal information are required to comply with the landmark California Consumer Privacy Act – with some exemptions. ...more
Florida lawmakers have proposed data privacy legislation that, if adopted, would impose significant new obligations on companies offering a website or online service to Florida residents, including allowing consumers to “opt...more
In this miniseries, John ReVeal will discuss key issues and top of mind concerns for businesses under the California Consumer Privacy Act, which will go into effect January 1, 2020. In the second episode, John ReVeal...more
The rush for California to get all of the “rules of the road” ready for next year has seemed to cause a bit of confusion with California’s privacy law. Draft regulations were published the same day the Governor signed into...more
Effective tomorrow, October 1, 2019, the existing Nevada Privacy of Information Collected on the Internet from Consumers Act will be amended to include a consumer right to opt out from the sale of personal information and to...more
On August 6, 2019, the International Organization for Standardization (ISO) and the International Electrotechnical Commission (IEC) released ISO/IEC 27701 (ISO 27701), a privacy extension to ISO/IEC 27001 and ISO/IEC 27002...more
California’s new privacy statute imposes a number of new requirements on businesses that touch the personal information of California consumers. Its reach includes banks and financial services companies....more
Last week, Nevada Governor Steve Sisolak signed new privacy legislation into law in Nevada. Senate Bill 220 (SB-220) updates Nevada Revised State 603A to provide consumers a new right to opt out of the sale of their data....more