Driving Digital Security: The FTC's Safeguards Rule Explained — Moving the Metal: The Auto Finance Podcast
Navigating Emerging Privacy Issues in Financial Services — The Consumer Finance Podcast
Turning up the Heat – A Look at the FTC’s Groundbreaking Fine Against Bankrupt Digital Asset Services Provider Celsius Network LLC - The Crypto Exchange Podcast
CFPB's Section 1071 Final Rule (Part 3): Potential Problem Areas – The Consumer Finance Podcast
Video: Introduction: A Deep Dive into Privacy
What Non-Financial Institutions Need to Know About Gramm-Leach-Bliley
In May, Montana enacted Senate Bill 297, which amends the Montana Consumer Data Privacy Act (MCDPA) to eliminate the broad exemption for financial institutions subject to the Gramm-Leach-Bliley Act (GLBA). Connecticut...more
On Thursday, the U.S. House Committee on Financial Services Subcommittee on Financial Institutions held a hearing entitled, “Framework for the Future: Reviewing Data Privacy in Today’s Financial System.” Hearing testimony...more
On November 12, the CFPB released a report examining federal and state consumer financial data privacy protections. The report highlighted how several states have recently enacted new data privacy laws, most of which provided...more
Financial institutions are now required to notify the Federal Trade Commission about any security breach that involves the information of 500 customers or more. The breach must be reported no later than 30 days after it is...more
On October 22, 2024, the Consumer Financial Protection Bureau (CFPB) released its long-awaited final rule implementing Section 1033 of the Consumer Financial Protection Act (CFPA) concerning personal financial data rights....more
This article is the first in a series that will address privacy concerns for insurance carriers, agents and brokers. The insurance industry is uniquely situated at the confluence of multiple data privacy regimes....more
The U.S. Department of the Treasury (“Treasury”) has released a Request for Information on the Uses, Opportunities, and Risks of Artificial Intelligence (“AI”) in the Financial Services Sector (“RFI”). Written comments are...more
On March 1, the House Subcommittee on Innovation, Data, and Commerce, a subcommittee of the House Energy and Commerce Committee, held a hearing entitled “Promoting U.S. Innovation and Individual Liberty through a National...more
The world of cybersecurity and privacy have grown exponentially in recent years, both on the federal and state level. A pandemic-driven shift to remote has increased social media interaction and electronic communication, and...more
On August 11, 2022, the Consumer Financial Protection Bureau (CFPB) published a Circular stating that the failure of financial institutions, including nonbank financial firms such as fintech companies and credit reporting...more
Following the SolarWinds and the Colonial Pipeline cyberattacks, the Biden Administration emphasized a shift toward mandatory cybersecurity requirements. Throughout 2021, government agencies issued new cybersecurity guidance,...more
On October 27, 2021, the Federal Trade Commission (FTC) released a final rule that updates the Safeguards Rule of the Gramm-Leach-Bliley Act (Final Rule). This Final Rule comes after the FTC sought comment on proposed changes...more
The ways consumers make payments, including the data and technology associated with those payments, is becoming an increased focus of regulators. Financial institutions should carefully and thoroughly consider the recent...more
Purpose and Background of the GLBA - The Gramm-Leach-Bliley Act (“GLBA”), also known as the Financial Services Modernization Act of 1999, is a federal statute enacted by Congress in 1999 that requires financial...more
The Gramm-Leach-Bliley Act (GLBA) is a federal law that establishes various legal requirements for companies that qualify as “financial institutions” under the Act. The GLBA’s definition of a “financial institution” is...more
Companies should take note of two imminent developments in New York in the area of cybersecurity regulation: enforcement of the New York Department of Financial Services (NYDFS) Cybersecurity Regulation (Regulation) and the...more
On February 25th, the Federal Trade Commission (FTC) released its annual Privacy and Data Security Update, which highlights the FTC’s activities during the past year....more
Last week, Democratic Senators Ron Wyden and Sherrod Brown and Congresswoman Anna Eshoo sent a letter to FTC Chairman Joseph J. Simons urging the agency to investigate whether analytics firm Envestnet, Inc. (which operates...more
The rush for California to get all of the “rules of the road” ready for next year has seemed to cause a bit of confusion with California’s privacy law. Draft regulations were published the same day the Governor signed into...more
California’s new privacy statute imposes a number of new requirements on businesses that touch the personal information of California consumers. Its reach includes banks and financial services companies....more
Many readers have reached out to learn about the Capital One data breach and how it affects us. If you haven’t been watching the story unfold as closely as I have, here is a summary of what happened, what information was...more
Less than three months after California passed the California Consumer Privacy Act of 2018 (CCPA), Governor Jerry Brown signed SB 1121 this week, making a number of technical and substantive changes to the law....more
Financial institutions that are grappling with how the European Union’s General Data Protection Regulation (“GDPR”) may impact their U.S. operations should also be keeping a close eye on the California Consumer Privacy Act of...more
Updates on the EU: German DPA Publishes First Privacy Shield Guidelines, Requires German-Law Contracts for Transfers. On June 7, 2016, the European Commission adopted the EU-U.S. Privacy Shield. One question that many...more