On August 24, California Attorney General Rob Bonta announced a $1.2 million settlement with Sephora over allegations that the cosmetic retailer had violated the California Consumer Privacy Act (CCPA). This first public...more
On August 11, the CFPB published a circular confirming that covered persons and service providers under the Consumer Financial Protection Act (CFPA) may violate the CFPA’s prohibition against unfair acts or practices when...more
The CFPB recently published a report analyzing how certain actions announced earlier this year by the three largest national consumer reporting agencies—Equifax, Experian, and TransUnion—will affect people who have allegedly...more
On June 27, the Oregon Department of Consumer and Business Services’ (“Department”) Division of Financial Regulation (“Division”) finalized new regulations implementing Senate Bill 485, which requires companies to obtain a...more
On June 18, 2022, Louisiana’s Governor signed into law two new bills that impose new requirements for student loans. Both bills are effective on August 1, 2022....more
In a report released June 21, 2022, the U.S. Government Accountability Office (GAO) urged the Department of Homeland Security’s (DHS) Cybersecurity and Infrastructure Security Agency (CISA) and the Department of the...more
Four Democratic members of the California state legislature recently sent a letter to the Federal Deposit Insurance Corporation (FDIC) urging the agency to take action against FDIC-supervised banks that partner with non-bank...more
The Federal Trade Commission (FTC) recently issued a blog post stating that a failure to disclose a data breach may be a violation of Section 5 of the FTC Act. The May 20 blog post, titled Security Beyond Prevention: The...more
The Federal Trade Commission (FTC) recently issued a blog post stating that a failure to disclose a data breach may be a violation of Section 5 of the FTC Act. The May 20 blog post, titled Security Beyond Prevention: The...more
The last few months have seen a flurry of new federal cybersecurity incident reporting requirements and proposals impacting private entities in the financial sector. As the number and frequency of cyber attacks continue to...more
Last week, CFPB Deputy Director Zixta Martinez provided the opening remarks at the CFPB’s Academic Research Council meeting. In her remarks, Martinez emphasized the CFPB’s role as a data-driven agency and welcomed further...more
On February 3, the Illinois Supreme Court unanimously ruled in McDonald v. Symphony Bronzeville Park, LLC, 2022 IL 126511, that the exclusivity provisions of the Illinois Workers’ Compensation Act (WCA) do not preempt...more
On October 27, the Federal Trade Commission (FTC) announced a final rule (Final Rule) and supplemental notice of proposed rulemaking (NPRM) to amend the Safeguards Rule promulgated under the Gramm-Leach-Bliley Act (GLBA),...more
On September 15, 2021, the Federal Trade Commission (“FTC”) issued a policy statement affirming the applicability of its Health Breach Notification Rule (the “Rule”), 16 CFR Part 318, to health apps and connected devices that...more
With a little over a year of enforcing the California Consumer Privacy Act (CCPA) under its belt, the Office of the California Attorney General (OAG) recently held a press conference to announce updates on its CCPA...more
On July 9, 2021, New York City’s biometric identifier information law became effective. The law, which was enacted in January 2021, addresses the collection and use of biometric identifier information (BII) by commercial...more
On June 4, 2021, the European Commission adopted an updated and long-awaited set of standard contractual clauses (SCCs) for the international transfer of personal data. The previous standard contractual clauses were created...more
On May 12, 2021, President Joe Biden issued an Executive Order to implement new policies aimed at strengthening the nation’s cybersecurity. The Executive Order was issued in response to the recent SolarWinds, Microsoft...more
On April 29, 2021, the Federal Trade Commission (FTC) hosted a virtual workshop, entitled “Bringing Dark Patterns to Light,” to examine “dark patterns.” In her opening remarks, Acting FTC Chairwoman Rebecca Kelly Slaughter...more