Navigating Emerging Privacy Issues in Financial Services — The Consumer Finance Podcast
Turning up the Heat – A Look at the FTC’s Groundbreaking Fine Against Bankrupt Digital Asset Services Provider Celsius Network LLC - The Crypto Exchange Podcast
CFPB's Section 1071 Final Rule (Part 3): Potential Problem Areas – The Consumer Finance Podcast
Video: Introduction: A Deep Dive into Privacy
What Non-Financial Institutions Need to Know About Gramm-Leach-Bliley
Whether the game is football, baseball, hockey, or Indy Car racing, no team goes into their major championship matchup without training. Companies need to train as well if they intend to operate on the internet and expect to...more
UK-U.S. Data Bridge Approved - The UK has approved an extension to the EU-U.S. Data Privacy Framework (DPF) called the ‘UK-U.S. Data Bridge,’ which facilitates data flows from the UK to the U.S. From October 12, 2023...more
As we noted in our 2023 DSIR, there has been a flurry of activity within the information governance space, at home and abroad. This activity deserves further analysis, because while it seems from a distance that there are...more
Montana and Tennessee on Verge of Joining Other States in Passing Comprehensive Privacy Laws - On April 21, 2023, the state legislatures of Montana and Tennessee passed comprehensive privacy legislation bills. To become...more
Editor’s Note: On February 15, 2023, HaystackID shared an educational webcast to provide valuable insight into the ways in which AI is being used to address key issues in the realm of privacy and cybersecurity. The expert...more
SEC Chair Gensler Indicates Commission is Looking to Update SEC’s Regulation S-P - On September 28, 2022, Securities and Exchange Commission (“SEC” or the “Commission”) Chairman Gary Gensler appeared via video at the...more
On August 6, 2019, the International Organization for Standardization (ISO) and the International Electrotechnical Commission (IEC) released ISO/IEC 27701 (ISO 27701), a privacy extension to ISO/IEC 27001 and ISO/IEC 27002...more
There is a growing trend to regulate biometric data and severely punish companies that do not adequately protect this data. Every company that collects or uses biometric data should be careful to ensure compliance with...more
The announcement by Equifax, Inc. that it had been victimized in a hacking incident involving the personal information of 143 million Americans generated headlines this past week. The sheer size of the hack means that most...more
The best way to handle any emergency is to be prepared. When it comes to data breaches, incident response plans are the first step organizations take to prepare....more
Throughout the past several years, data privacy and security practices have evolved into more than just defending against identity theft and protecting sensitive data. In fact, since 2014, to help raise awareness for data...more
Whether you realize it or not, you are probably storing some personal or business data in the cloud. The National Institute of Standards and Technology (NIST) defines cloud computing as a model for enabling ubiquitous,...more
Updates on the EU: German DPA Publishes First Privacy Shield Guidelines, Requires German-Law Contracts for Transfers. On June 7, 2016, the European Commission adopted the EU-U.S. Privacy Shield. One question that many...more
Privacy Shield – An Early Reflection - EU law generally prohibits the transfer of personal data from the European Economic Area to the U.S., unless the transfer is made in accordance with an authorized data transfer...more
Financial Industry Developments - OCC Discusses Marketplace Lending - On September 13, 2016, Comptroller of the Currency Thomas J. Curry discussed marketplace lending's risks and associated policy questions. He...more
I. Legal Exposure to Federal and State Privacy Laws - A. Federal Statutes and Enforcement - 1. Federal Trade Commission Act, 15 U.S.C. §§ 41-58 - The Federal Trade Commission (FTC) has emerged as the leading...more
On October 6, 2015, the European Court of Justice (“ECJ”), the top court of the European Union (“EU”), released its opinion in Maximillian Schrems v. Data Protection Commissioner (C-362/14), invalidating the U.S.-EU Safe...more
Navigating today’s complex legal and regulatory framework surrounding data breaches can be a daunting process for even the most sophisticated organization. In the United States, there is not currently a national uniform data...more
UCITS 5 Political Agreement Reached - On February 25, the European Parliament published a press release announcing that political agreement has been reached with the Council of the EU on the proposed UCITS V Directive....more