The Road to Regulation: Vehicle Service Contracts Explained — Moving the Metal: The Auto Finance Podcast
Driving Digital Security: The FTC's Safeguards Rule Explained — Moving the Metal: The Auto Finance Podcast
Navigating Emerging Privacy Issues in Financial Services — The Consumer Finance Podcast
Turning up the Heat – A Look at the FTC’s Groundbreaking Fine Against Bankrupt Digital Asset Services Provider Celsius Network LLC - The Crypto Exchange Podcast
CFPB's Section 1071 Final Rule (Part 3): Potential Problem Areas – The Consumer Finance Podcast
Video: Introduction: A Deep Dive into Privacy
What Non-Financial Institutions Need to Know About Gramm-Leach-Bliley
It’s no secret that states are focused on implementing consumer privacy laws given the ubiquity of personal data that is gathered, processed, stored and shared for commercial activities, including those involving financial...more
Congress is asking the financial industry – and anyone else with a stake in consumer data – to weigh in on the future of the Gramm-Leach-Bliley Act (GLBA). On July 31, the US House Financial Services Committee leaders issued...more
On July 31, two representatives from the House Committee on Financial Services requested public feedback on the current federal consumer financial data privacy law, the GLBA, and potential legislative proposals to address...more
An increasingly aggressive plaintiffs’ bar has brought purported class action suits based on the nearly ubiquitous use of tracking technologies used for website analytics. Although any actual harm to the plaintiffs is...more
In May, Montana enacted Senate Bill 297, which amends the Montana Consumer Data Privacy Act (MCDPA) to eliminate the broad exemption for financial institutions subject to the Gramm-Leach-Bliley Act (GLBA). Connecticut...more
On June 11, 2025, Connecticut passed Senate Bill 01295 (SB 01295). If signed by the governor, SB 01295 will amend the existing Connecticut Data Privacy Act (CTDPA) in several important ways, with the amendments going into...more
On Thursday, the U.S. House Committee on Financial Services Subcommittee on Financial Institutions held a hearing entitled, “Framework for the Future: Reviewing Data Privacy in Today’s Financial System.” Hearing testimony...more
Know What Laws Apply - Privacy and security laws, particularly in the U.S., have changed dramatically in the last few years. It’s not surprising many leaders are unsure which new laws or updated regulations apply to their...more
The California Privacy Protection Agency board voted on November 8, 2024, to advance a proposed rulemaking package for, among other things, a proposed regulation to clarify the application of the California Consumer Privacy...more
Last week, the New York legislature passed the New York Health Information Privacy Act (S 929) (the “Act”). If signed into law, the Act will add New York to the list of states that have enacted consumer health data-specific...more
The NJ Data Privacy Act takes effect tomorrow. The New Jersey Data Privacy Act is set to take effect tomorrow, January 15. The NJDPA was signed into law by Gov. Phil Murphy (D) on January 16, 2024. The NJDPA is similar to...more
We are moving westward this week from Iowa to Nebraska in our series of articles providing in-depth summaries of state consumer privacy laws taking effect across the nation. Nebraska Governor Jim Pillen (R) signed the...more
On November 12, 2024, the Consumer Financial Protection Bureau (CFPB) released a report examining the carve outs and limitations contained in comprehensive state privacy laws relating to financial institutions. In an...more
Iowa is next up in our series of articles providing in-depth summaries of state consumer privacy laws taking effect across the nation. On March 28, 2023, Iowa Governor Kim Reynolds (R) signed into law Senate File 262...more
On September 4, the California Privacy Protection Agency, the agency responsible for enforcing the California Consumer Privacy Act (CCPA), issued an enforcement advisory on “dark patterns” and their inability to constitute...more
Over the past several years, the number of states with comprehensive consumer data privacy laws has increased exponentially from just a handful—California, Colorado, Virginia, Connecticut, and Utah—to up to twenty by some...more
On May 24, 2024, Minnesota’s governor signed an omnibus bill, HF4757 which included the new Consumer Data Privacy Act. The state joins Kentucky, Minnesota, Nebraska, New Hampshire, New Jersey, and Rhode Island in passing...more
On April 17, 2024, Nebraska Governor Jim Pillen signed the Nebraska Data Privacy Act (the "Act"), which takes effect on January 1, 2025. The Act maps in large part to the Texas Data Privacy and Security Act. Like Texas, the...more
The past couple of years have seen a number of states enact comprehensive privacy laws. Thus far, California, Colorado, Connecticut, Utah, and Virginia have enacted state privacy laws. In July, we will see three new privacy...more
Kentucky - On April 4, 2024, Kentucky joined the growing number of states to enact data privacy legislation, becoming the third state to do so in 2024 and the fifteenth state overall at the time of enactment....more
On April 4, Kentucky Governor Andy Beshear signed the Kentucky Consumer Data Protection Act (KCDPA) into law, making Kentucky the sixteenth state to enact comprehensive data privacy legislation and the third state to do so in...more
The Georgia Senate voted to pass the Georgia Consumer Privacy Protection Act (SB 473) on Feb. 27th. Although the bill is similar to many other comprehensive state privacy laws, there are some notable distinctions....more
Earlier this month, Governor Chris Sununu of New Hampshire signed SB255, “An Act Relative to the Expectation of Privacy”, into law. The latest comprehensive state privacy law—bringing the total to 14 now—will go into effect...more
On March 6, 2024, New Hampshire Governor Chris Sununu signed Senate Bill 255 into law, making New Hampshire the 14th U.S. state to enact a comprehensive privacy law. The law, which becomes effective on January 1, 2025, is...more