Driving Digital Security: The FTC's Safeguards Rule Explained — Moving the Metal: The Auto Finance Podcast
Navigating Emerging Privacy Issues in Financial Services — The Consumer Finance Podcast
Turning up the Heat – A Look at the FTC’s Groundbreaking Fine Against Bankrupt Digital Asset Services Provider Celsius Network LLC - The Crypto Exchange Podcast
CFPB's Section 1071 Final Rule (Part 3): Potential Problem Areas – The Consumer Finance Podcast
Video: Introduction: A Deep Dive into Privacy
What Non-Financial Institutions Need to Know About Gramm-Leach-Bliley
An increasingly aggressive plaintiffs’ bar has brought purported class action suits based on the nearly ubiquitous use of tracking technologies used for website analytics. Although any actual harm to the plaintiffs is...more
In May, Montana enacted Senate Bill 297, which amends the Montana Consumer Data Privacy Act (MCDPA) to eliminate the broad exemption for financial institutions subject to the Gramm-Leach-Bliley Act (GLBA). Connecticut...more
In this episode of Moving the Metal: The Auto Finance Podcast, hosts Brooke Conkle and Chris Capurso are joined by colleagues Kim Phan and Aileen Ng for a deep dive into the Federal Trade Commission's (FTC) Safeguards Rule...more
On June 11, 2025, Connecticut passed Senate Bill 01295 (SB 01295). If signed by the governor, SB 01295 will amend the existing Connecticut Data Privacy Act (CTDPA) in several important ways, with the amendments going into...more
On Thursday, the U.S. House Committee on Financial Services Subcommittee on Financial Institutions held a hearing entitled, “Framework for the Future: Reviewing Data Privacy in Today’s Financial System.” Hearing testimony...more
Banks of all sizes must confront the rapid integration of artificial intelligence within their institutions (and everywhere, for that matter). AI tools are already widely used, often without proper oversight, as employees and...more
It can be daunting for Fintechs, money services businesses (MSBs), and other non-bank entities operating in the consumer financial products and services space to navigate privacy legislation and determine which provisions of...more
On November 12, 2024, the Consumer Financial Protection Bureau (CFPB) released a report examining the carve outs and limitations contained in comprehensive state privacy laws relating to financial institutions. In an...more
On November 12, the CFPB released a report analyzing federal and state-level privacy protections for consumer financial data. The current federal framework for financial data privacy relies on the Gramm-Leach-Bliley Act...more
Financial institutions are now required to notify the Federal Trade Commission about any security breach that involves the information of 500 customers or more. The breach must be reported no later than 30 days after it is...more
The CFPB issued a report on State Consumer Privacy Laws and the Monetization of Consumer Financial Data, which examines existing privacy protections for consumers’ financial data under federal and state laws....more
On November 12, the Consumer Financial Protection Bureau (“CFPB”) published a report called “State Consumer Privacy Laws and the Monetization of Consumer Financial Data” that took an uneven look at how Federal financial...more
This article is the first in a series that will address privacy concerns for insurance carriers, agents and brokers. The insurance industry is uniquely situated at the confluence of multiple data privacy regimes....more
In this episode of The Consumer Finance Podcast, Chris Willis is joined by privacy Partner Kim Phan and Rami Haddad, deputy general counsel at PRA Group. This episode delves into a range of emerging privacy issues impacting...more
In 2021, the U.S. Supreme Court held unanimously in AMG Capital Management, LLC v. Federal Trade Commission that the Federal Trade Commission is not entitled to consumer redress in cases brought under Section 13(b) of the FTC...more
Rhode Island Governor Daniel McKee allowed the Rhode Island Data Transparency and Privacy Protection Act (“RIDTPPA”) to pass on June 25, 2024 when he transmitted the bill back to the legislature without signature, making...more
The U.S. Department of the Treasury (“Treasury”) has released a Request for Information on the Uses, Opportunities, and Risks of Artificial Intelligence (“AI”) in the Financial Services Sector (“RFI”). Written comments are...more
On May 15, the Securities and Exchange Commission adopted amendments to Regulation S-P, which covers broker-dealers, registered investment advisors (RIAs), and investment companies (funds). These entities are now required to...more
El 2/20/23, FinCEN publicó la Guía de Cumplimiento para Pequeñas Entidades para los requisitos de Acceso y Salvaguardas de la información sobre los Beneficiarios Finales. La Guía de BOI Acceso y Salvaguardas (de seis páginas...more
On 2/20/23, FinCEN published the Small Entity Compliance Guide for Beneficial Ownership Information Access and Safeguards Requirements. The (six-pages and four sections) BOI Access & Safeguards Guide provides an overview...more
On May 13, 2024, the FTC’s new rule (the “Rule”) requiring certain financial institutions to report cyber incidents to the Commission will go into effect. The Rule, which is an amendment to the Gramm-Leach-Bliley Act (GLBA)...more
The beneficial ownership information (“BOI”) registry under the Corporate Transparency Act (“CTA”) is now up and running at the Financial Crimes Enforcement Network (“FinCEN”). This post will follow up on a previous blog...more
The Financial Crimes Enforcement Network (FinCEN) issued the Beneficial Ownership Information Access and Safeguards Rule (Access Rule) establishing the framework for access to and protection of beneficial ownership...more
This week, the Financial Crimes Enforcement Network (“FinCEN”) issued the much-anticipated final rule (“Final Rule”) under the Corporate Transparency Act (“CTA”) regarding access to beneficial ownership information (“BOI”)...more
On November 27, 2023, the New York State Department of Financial Services (“DFS”) and First American Title Insurance Company (“First American”) entered into a consent order1 that resolved litigation over First American’s...more