Latest Publications

Share:

Uber Settles FTC Dispute Over Consumer Data Privacy and Security Allegations

There are several key takeaways from a 20-year proposed consent order agreed to by Uber Technologies, Inc. (Uber) and the Federal Trade Commission (FTC)...more

FTC Announces Improvements to its Investigation Process

On July 17th, the Federal Trade Commission (FTC) announced reforms to its civil investigative demand (CID) process designed to streamline information requests and improve transparency in FTC investigations.  The process...more

NYDFS Updates FAQs to Clarify Cybersecurity Regulations

The New York Department of Financial Services (NYDFS) recently updated frequently asked questions (FAQs) about its cybersecurity regulations, 23 NYCRR 500, to address four new issues. NYDFS published its initial set of FAQs...more

House Appropriations Bill Seeks CFPB Reforms

Yesterday, the House Appropriations Committee’s Subcommittee on Financial Services and General Government will mark up its draft fiscal year 2018 appropriations bill. The draft bill contains multiple provisions to reform the...more

Ponemon Institute Study on Costs of Data Breaches Highlights Improvement and New Risks for U.S. and Global Companies

The average cost of a data breach, on both an aggregate and a per-record basis, has decreased slightly according to the Ponemon Institute's 2017 Cost of Data Breach Study: Global Overview. In addition to presenting recent...more

DocuSign Breach a Strong Reminder for the Mortgage Industry to Manage Third-Party Service Provider Risks

On May 16, DocuSign confirmed that a data breach resulted in widespread malware phishing attacks targeting its customers. DocuSign provides electronic signature solutions for many companies in the mortgage banking industry...more

White House Issues New Cybersecurity Executive Order

President Trump recently signed the Presidential Executive Order on Strengthening the Cybersecurity of Federal Networks and Critical Infrastructure. The Order sets forth the Trump Administration's policy for cybersecurity of...more

FTC Privacy and Data Security Enforcement Activity Continues Unabated under the Trump Administration

Last week, the Federal Trade Commission (FTC) Bureau of Consumer Protection’s Acting Director, Thomas Pahl, posted on the FTC’s Business Blog about the FTC’s role as the federal agency with the “broadest jurisdiction” to...more

New Mexico becomes 48th state to enact data breach notification law

New Mexico recently became the 48th state to enact a data breach notification law. This continues the accelerated pace of state data breach legislative activity in the last two years. Since 2015, at least 41 states have...more

CFPB settles with consumer reporting agency for alleged UDAAP/FCRA violations

The CFPB announced that it has entered into a consent order with Experian, a consumer reporting agency, for allegedly engaging in the deceptive marketing of credit scores in violation of the Consumer Financial Protection...more

CFBP Releases Special Edition of its Supervisory Highlights Focusing on Consumer Reporting

The CFPB recently released a “Special Edition” of its Supervisory Highlights that focuses exclusively on data accuracy issues in consumer credit reporting and the handling and resolution of consumer disputes. The report...more

Collection Letter Containing Check Box To Dispute Debt Created Potential FDCPA Claims, Federal Court Rules

A collection letter potentially violated the Fair Debt Collection Practices Act (FDCPA) because a box the plaintiff could check to indicate she disputed the validity of the debt was accompanied by a statement that a reason...more

ABA comments on CFPB’s RFI on consumer access to financial information

The American Bankers Association has submitted a comment letter in response to the CFPB’s request for information regarding consumer access to financial information. The ABA observes that while larger institutions have...more

Letter With Check Box to Dispute Debt Created Potential FDCPA Claims, Court Rules

A collection letter potentially violated the Fair Debt Collection Practices Act (FDCPA) because a box that the plaintiff could check to indicate that she disputed the validity of the debt was accompanied by a statement that a...more

NYDFS Revises Cybersecurity Regulation, Extends Effective Date to March 1, 2017

The New York Department of Financial Services (NYDFS) announced today a revised regulation that will require all institutions subject to NYDFS supervision to establish and maintain a cybersecurity program meeting "certain...more

Envelope’s Display of Barcode With Embedded Account Number Does Not Violate FDCPA, Court Rules

A federal district court in Florida has ruled that a debt collector did not violate the Fair Debt Collection Practices Act (FDCPA) by sending a collection letter in an envelope that allegedly revealed a barcode in which the...more

DC Circuit Hears TCPA Oral Arguments

Oral arguments were recently held before the U.S. Court of Appeals District of Columbia Circuit in a consolidated case, spearheaded by ACA International, challenging the Federal Communications Commission's (FCC) recent order...more

Federal Banking Agencies Propose New Requirements for Managing Cyber Risk

Three federal banking agencies have announced plans to develop new rules that would establish cyber risk management and resiliency standards for large interconnected entities under the agencies' supervision, as well as those...more

CFPB Management Challenges Include Information Security

On September 29th, the Office of the Inspector General (OIG) that oversees the CFPB released a memorandum detailing the major management challenges facing the CFPB.  The memo identified four areas of improvement that, unless...more

CFPB to Compile List of Companies Providing Free Credit Scores

On October 5th, the CFPB published a notice announcing the CFPB Office of Financial Education’s intent to compile a list of companies offering existing customers free access to their credit score.  The CFPB’s stated intent in...more

N.Y. Moves Ahead with Proposed Cybersecurity Regulations for Financial Institutions

The New York Department of Financial Services (NYDFS) will require all institutions subject to NYDFS supervision to establish and maintain a cybersecurity program meeting "certain regulatory minimum standards." All financial...more

FFIEC Provides Concrete Guidance on Setting Up Information Security Programs

The Federal Financial Institutions Examination Council (FFIEC)—the interagency body tasked with setting uniform principals and standards for the examination of financial institutions by federal prudential regulators,...more

CFPB to Participate in FTC Workshop on Consumer Disclosures

On September 15th, the FTC will hold a workshop to examine the testing and evaluation of disclosures that companies make to consumers about advertising claims, privacy practices, and other information. The FTC’s workshop...more

Lessons for Businesses from FTC’s Opinion on LabMD’s Data Security Practices

The Federal Trade Commission (FTC) has issued an Opinion and Final Order finding that the data security practices of LabMD, Inc. were unreasonable, and therefore constituted an unfair act or practice in violation of Section 5...more

International Regulators Issue Cybersecurity Guidance to the Financial Industry

The Bank for International Settlement (BIS) Committee on Payments and Market Infrastructures (CPMI) and the International Organization of Securities Commissions (IOSCO) last week issued the first internationally agreed-upon...more

100 Results
/
View per page
Page: of 4

"My best business intelligence,
in one easy email…"

Your first step to building a free, personalized, morning email brief covering pertinent authors and topics on JD Supra:
Sign up using*

Already signed up? Log in here

*By using the service, you signify your acceptance of JD Supra's Privacy Policy.
*With LinkedIn, you don't need to create a separate login to manage your free JD Supra account, and we can make suggestions based on your needs and interests. We will not post anything on LinkedIn in your name. Or, sign up using your email address.