The Privacy Insider Podcast Ep. 7: David, Goliath, and Data Privacy Part II: Max Schrems
When AI Meets PI: Assessing and Governing AI from a Privacy Perspective
Navigating Emerging Privacy Issues in Financial Services — The Consumer Finance Podcast
The Privacy Insider Podcast Episode 4: Don't Be Evil: In the Hot Seat of Data Privacy, Part 1
The American Privacy Right Act (APRA) explained
Navigating the Regulation Jungle: How to Be Compliant, Work Efficiently, and Stay Sane
Legal Alert | Wiretap Laws in the United States
Business Better Podcast Episode: Cyber Adviser – A Comparison of AI Regulatory Frameworks
Preventative Medicine: Health Care AI Privacy and Cybersecurity – Part 1 — The Good Bot Podcast
Cost of Noncompliance: More Than Just Fines
Will the U.S. Have a GDPR? With Rachael Ormiston of Osano
The Team Continues to Grow: A Conversation With Our Newest Colleague, Kaitlin Clemens — Unauthorized Access Podcast
[Webinar] Midyear Data Privacy Check-in: Trends & Key Updates
Decoding Privacy Laws: Insights for Small to Mid-Sized Businesses — Regulatory Oversight Podcast
No Password Required: Education Lead at Semgrep and Former Czar for Canada’s Election Security
Navigating State Privacy Laws
[Webinar] You Are Here: First Steps in Data Mapping
AGG Talks: Women in Tech Law - Episode 1: Charting the Course: Women Trailblazing in Cybersecurity and Crisis Governance
[Webinar] AI and Data Privacy: Minimizing Risk and Maximizing Opportunity
Work This Way: A Labor & Employment Law Podcast | Episode 14: How Employers Can Navigate Cybersecurity Issues with Brandon Robinson, Maynard Nexsen Attorney
Google and Microsoft are spearheading the Coalition for Secure AI, focusing on supply chain security and mitigation strategies. Whether this attempt at self-regulation will ultimately succeed is unknown, as it overlaps with...more
The Digital Operational Resilience Act (DORA) regulation is part of the European Union’s (EU) strategy to enhance the overall stability of the EU financial system by ensuring that financial entities are resilient to digital...more
The financial services and banking industry landscape continues to evolve in the face of new and emerging technologies. This phenomenon is especially prevalent in the sharing of consumer data between financial institutions...more
In the highly competitive payments space, where safety and efficiency tools are table stakes, financial institutions are increasingly employing artificial intelligence (AI) solutions....more
The Final Rules keep rolling in, but with a twist. Each of the two Final Rules released in March were accompanied by Supplemental Notices of Proposed Rulemaking. In both cases, the Supplemental Rulemakings, if adopted, would...more
On March 11, the Governor of Indiana signed SB 220 (the “Act”) which will add cyber incident notification guidelines for financial institutions. The Act defined the term "corporation" as the following entities organized in...more
Coyote, a new Brazilian malware, is currently hunting down credentials for sixty-one (61) different banking applications. Researchers expect the malware to spread internationally. Russian cybersecurity firm Kaspersky has...more
The 24th National Forum on Prepaid Accounts Compliance will address the latest developments impacting the prepaid industry and provide answers to the most pressing questions and challenges being faced by practitioners in this...more
On December 12, 2023, the Department of Justice (“DOJ”) issued guidance related to the process by which companies may request the United States Attorney General authorize delays of cyber incident disclosures, pursuant to a...more
On Sept. 21, 2023, the Consumer Financial Protection Bureau (CFPB) officially announced it is considering a rulemaking to address several consumer reporting topics under the Fair Credit Reporting Act (FCRA). Under the process...more
Welcome to the latest edition of Updata – the international update from Eversheds Sutherland’s dedicated Privacy and Cybersecurity team. Updata provides you with a compilation of privacy and cybersecurity regulatory and...more
On October 27, the FTC approved an amendment to the Safeguards Rule to require nonbanks to report data breaches. Under the amended rule, financial institutions, including mortgage brokers, motor vehicle dealers, and payday...more
On October 27, the Federal Trade Commission (FTC or Commission) published a final rule expanding data breach notification requirements for certain financial institutions (Final Rule). Federal Register, will require entities...more
The federal banking agencies have jointly issued a final rule that will modify how examiners assess compliance with the Community Reinvestment Act (CRA). Among other changes to the CRA regulations announced on October 24, the...more
The Massachusetts State Police Commonwealth Fusion Center (CFC) believes that cyber actors may use the current bank failures for future phishing and business email compromise (BEC) attacks. Cyber actors often use current...more
The financial services sector must already contend with a maze of regulations in a variety of areas, and 2023 is poised to usher in new cybersecurity regulations for the industry. Organizations should ensure their security...more
Please join Consumer Financial Services Partner Chris Willis and his colleagues Ron Raether and Kim Phan, partners in our Privacy + Cyber Practice Group, as they discuss recent privacy and data security updates in the...more
Headlines - ..New FDIC Guidance Highlights Risks from Multiple NSF Fees for Re-presented Items ..Fed Provides Advice to Banks Engaging in Crypto-Asset-Related Activities ..Federal Banking Agencies Propose Policy...more
In This Issue: ..The Consumer Financial Protection Bureau (CFPB) published a Consumer Financial Protection Circular 2022-04 (Circular) in relation to safeguarding consumer data under the Consumer Financial Protection Act...more
Continuing a trend it has been pursuing, the CFPB on Thursday used a non-rulemaking circular (Consumer Financial Protection Circular 2022-04) to state that its UDAAP authority extends its enforcement authority to situations...more
Broadly, there are two sets of rules governing obtaining authorizations to debit consumers’ bank accounts. One is Regulation E (12 C.F.R. Part 210). The other are the Operating Rules & Guidelines (the “Nacha Rules”),...more
Given the omnipresent concern about cyber attacks targeting the banking industry, the FDIC, OCC and Federal Reserve recently published a new joint final rule establishing enhanced security incident notification requirements...more
Following the SolarWinds and the Colonial Pipeline cyberattacks, the Biden Administration emphasized a shift toward mandatory cybersecurity requirements. Throughout 2021, government agencies issued new cybersecurity guidance,...more
As the federal government continues its whole-of-government response to cyber incidents, federal banking regulators took action to impose a new notice requirement on federally regulated banks. In November, the Federal Deposit...more
Data Aggregators Launch Open Finance Data Security Standard - A group of data aggregator fintechs and security and compliance companies recently released a new data security standard for the open finance industry – the...more