The year 2023 will likely go down in history as a major inflection point in the enactment of comprehensive consumer data privacy laws in the United States. At the beginning of the year, only five states (California, Virginia,...more
State legislatures continue to take privacy matters into their own hands while talks of a federal privacy law linger. Indiana is set to become the seventh state to enact a comprehensive privacy law when Senate Bill No. 5 is...more
Recently, the CFPB released an outline of proposed measures related to the Bureau’s Dodd-Frank Section 1033 rulemaking efforts that would allow consumers to take control of their personal financial data and determine which...more
Colorado has now joined California and Virginia to become the third US state to pass a comprehensive data privacy legislation when Governor Jared Polis signed the Colorado Privacy Act (the “CPA”) into law on July 8, 2021. The...more
The Gramm-Leach-Bliley Act (GLBA) is a federal law that establishes various legal requirements for companies that qualify as “financial institutions” under the Act. The GLBA’s definition of a “financial institution” is...more
While businesses have been focused on meeting the looming January 1, 2020 deadline of the California Consumer Privacy Act ("CCPA"), Nevada just ratchetted up the heat by imposing an earlier October 2, 2019 deadline for...more
While most state data breach notification statutes contain similar components, there are important differences, meaning a one-size-fits-all approach to notification will not suffice. What’s more, as data breaches continue to...more
The Consumer Financial Protection Bureau (CFPB) has issued its final rule adopting changes to Regulation P, which governs the requirements for financial institutions to issue privacy notices to its customers....more
The CFPB has issued a final rule amending the provisions of Regulation P that implement the Gramm-Leach-Bliley Act (GLBA) annual privacy notice requirement. The final rule is intended to reflect the GLBA amendments made by...more
As most people started to wind down for the July 4th holiday week, California was just ramping up its “as California goes” focus on data privacy. On June 28, 2018, California passed a comprehensive data privacy bill that has...more
Covered businesses will need to update policies and procedures for responding to customer inquiries about collection, use, sale and disclosure of customers’ personal information or face stiff enforcement actions. The...more
On Tuesday, June 27, the Illinois legislature passed HB 3449, the “Geolocation Privacy Protection Act.” If signed by Governor Bruce Rauner (R), the bill would prohibit a “private entity” from collecting, using, storing or...more
Following on the heels of an active 2015, where eight states enacted changes to their data breach notification laws, another five states amended their statutes in 2016, adding complexity to the current “patchwork” system of...more
Earlier this month, the Consumer Financial Services Bureau issued its proposed rule amending the Gramm-Leach-Bliley Act’s annual privacy notice requirement set forth in Regulation P....more
The Gramm-Leach-Bliley Act (GLBA) requires financial institutions to provide customers with initial and annual notices of their privacy policies, including whether they share consumers’ non-public information with third...more