NIST Publishes Report on the Cybersecurity of Genomic Data. On December 20, 2023, the NIST National Cybersecurity Center of Excellence (NCCoE) published Final NIST IR 8432, Cybersecurity of Genomic Data. Informed by direction...more
2/13/2024
/ Artificial Intelligence ,
Biometric Information ,
Biometric Information Privacy Act ,
Consumer Financial Products ,
Consumer Fraud ,
Cyber Attacks ,
Cybersecurity ,
Data Breach ,
Data Brokers ,
Data Privacy ,
Data Protection ,
Data Security ,
Federal Trade Commission (FTC) ,
Financial Services Industry ,
NIST ,
Personal Information ,
Personally Identifiable Information ,
Popular ,
Putative Class Actions
In recent regulatory and enforcement developments, the California Privacy Protection Agency (CPPA) proposed a regulatory framework for automated decision-making technology (ADMT) and revisions to the California Consumer...more
2/7/2024
/ Artificial Intelligence ,
California Consumer Privacy Act (CCPA) ,
California Privacy Protection Agency (CPPA) ,
Consumer Privacy Rights ,
COPPA ,
Cyber Attacks ,
Data Breach ,
Data Brokers ,
Data Protection ,
FCC ,
Federal Trade Commission (FTC) ,
Financial Services Industry ,
Personal Data ,
Popular ,
Reporting Requirements ,
Robocalling ,
Social Media ,
State Attorneys General ,
Vulnerability Assessments ,
Website Owner Liability
Join hosts Dave Gettings, Kim Phan, and Chris Willis in this special crossover episode of FCRA Focus and The Consumer Finance Podcast in the first installment of our Year in Review and a Look Ahead series. They are joined by...more
Join hosts Dave Gettings, Kim Phan, and Chris Willis in this special crossover episode of FCRA Focus and The Consumer Finance Podcast in the first installment of our Year in Review and a Look Ahead series. They are joined by...more
Troutman Pepper’s 2023 Privacy Year in Review is a comprehensive analysis of the year’s key developments in privacy, security, and artificial intelligence and offers practical advice for companies navigating the bewildering...more
We are pleased to share our annual review of regulatory and legal developments in the consumer financial services industry. With active federal and state legislatures, consumer financial services providers faced a challenging...more
2/1/2024
/ Automotive Loans ,
Banks ,
Class Action ,
Consumer Bankruptcy ,
Consumer Financial Products ,
Debt Collection ,
Digital Assets ,
Fair Lending ,
Financial Services Industry ,
FinTech ,
Mortgages ,
Student Loans ,
Tribal Loans ,
Uniform Commercial Code (UCC)
On January 16, New Jersey Governor Phil Murphy signed S332 (the act), making New Jersey the first state in 2024 to enact a comprehensive privacy law. Several other states are currently considering similar comprehensive...more
1/26/2024
/ Consumer Privacy Rights ,
Cybersecurity ,
Data Collection ,
Data Privacy ,
Data Protection ,
Data Security ,
Information Technology ,
New Jersey ,
Personal Data ,
Personally Identifiable Information ,
Regulatory Reform ,
State Data Privacy Laws
In this episode of The Consumer Finance Podcast, host, Chris Willis, is joined by Partners Kim Phan and Lori Sommerfield, to discuss recent developments related to website accessibility under the Americans with Disabilities...more
Following several years of investigating the common practices in the space, the Federal Trade Commission (FTC) reached its first settlement with a data broker over the alleged collection and sale of location information that...more
1/18/2024
/ Consumer Financial Protection Bureau (CFPB) ,
Consumer Privacy Rights ,
Corporate Counsel ,
Data Brokers ,
Data Collection ,
Data Sellers ,
Data Selling ,
Fair Credit Reporting Act (FCRA) ,
Federal Trade Commission (FTC) ,
Geolocation ,
Location Data ,
Personal Data ,
Request For Information ,
Settlement
On December 8, the Consumer Financial Protection Bureau (CFPB) and Federal Trade Commission (FTC) (collectively, the agencies) filed an amici curiae brief urging the U.S. Court of Appeals for the Fourth Circuit to reverse a...more
In this episode of The Consumer Finance Podcast, Chris Willis is joined by Kim Phan, a partner in our firm’s Privacy + Cyber practice, to discuss the Securities and Exchange Commission’s new cyber risk management and incident...more
On December 13, New York Governor Kathy Hochul signed into law S4907A, which prohibits hospitals, medical providers, or ambulance services from providing negative information about medical debt to consumer reporting agencies...more
12/15/2023
/ Consumer Financial Protection Bureau (CFPB) ,
Consumer Reporting Agencies ,
Consumer Reports ,
Creditors ,
Fair Credit Reporting Act (FCRA) ,
FDCPA ,
Healthcare ,
Medical Debt ,
New Legislation ,
New York ,
Regulatory Reform ,
Rulemaking Process ,
State and Local Government
In this special crossover episode with Regulatory Oversight podcast, Ashley Taylor is joined by Kim Phan and Kristen Eastman to discuss the Consumer Financial Protection Bureau's (CFPB) 1033 proposed rule, also known as the...more
In the latest episode of Regulatory Oversight, Ashley Taylor is joined by his colleagues Kim Phan and Kristen Eastman to discuss the Consumer Financial Protection Bureau's (CFPB) 1033 proposed rule, also known as the Personal...more
Please join us for a special cross-over episode of FCRA Focus and The Consumer Finance Podcast, where Troutman Pepper Partners Chris Willis, Dave Gettings, Kim Phan, and Ron Raether look at the latest developments in the...more
In a case of first impression, the U.S. Court of Appeals for the Ninth Circuit was tasked with determining whether the alleged extracting and retaining of consumer data and tracking of customers using an online payment...more
12/6/2023
/ California ,
Credit Cards ,
Due Process ,
E-Commerce ,
Financial Services Industry ,
Online Platforms ,
Payment Systems ,
Personal Jurisdiction ,
Personally Identifiable Information ,
Putative Class Actions ,
Supreme Court of Appeal ,
Web Tracking ,
Websites
Editor’s Note: The FTC continues to crack down on privacy and cybersecurity, including issuing a new warning to tax preparation companies and entering into a consent decree with 1Health.io. VPPA and BIPA litigation continues...more
11/28/2023
/ Artificial Intelligence ,
Biometric Information Privacy Act ,
California Consumer Privacy Act (CCPA) ,
California Privacy Protection Agency (CPPA) ,
Consent Order ,
Cybersecurity ,
Data Breach ,
Data Protection ,
Executive Orders ,
Federal Trade Commission (FTC) ,
Final Rules ,
Financial Institutions ,
Gramm-Leach-Blilely Act ,
Motion to Dismiss ,
NIST ,
Personal Information ,
Popular ,
Privacy Policy ,
Putative Class Actions ,
Safeguards Rule ,
State Attorneys General
Join Troutman Pepper Partner Chris Willis as he discusses the New York Department of Financial Services’ (NYDFS) latest updates to its cybersecurity regulations with Troutman Pepper Privacy + Cyber Partner Kim Phan. With data...more
On November 1, New York Governor Kathy Hochul announced that the state’s Department of Financial Services (NY DFS) has amended its Cybersecurity Regulations to “enhance cyber governance, mitigate risks, and protect New York...more
11/6/2023
/ Chief Information Security Officer (CISO) ,
Cryptocurrency ,
Cybersecurity ,
Data Privacy ,
Data Protection ,
Financial Services Industry ,
New York ,
NYDFS ,
Regulatory Reform ,
Risk Assessment ,
State and Local Government
On October 30, President Biden issued a sweeping Executive Order calling on Congress to enact privacy laws and directing federal agencies to review existing rules and potentially explore new rulemakings governing the use of...more
11/2/2023
/ Algorithms ,
Artificial Intelligence ,
Bias ,
Biden Administration ,
Consumer Financial Protection Bureau (CFPB) ,
Cybersecurity ,
Data Protection ,
Department of Justice (DOJ) ,
Discrimination ,
Executive Orders ,
Financial Services Industry ,
Machine Learning ,
Popular ,
Risk Assessment ,
Rulemaking Process
On October 27, the Federal Trade Commission (FTC) announced a final rule amending the Standards for Safeguarding Customer Information (Safeguards Rule) under the Gramm-Leach-Bliley Act. The Safeguards Rule requires nonbanking...more
On October 19, the Consumer Financial Protection Bureau (CFPB) issued its highly anticipated notice of proposed rulemaking under Section 1033 of the Consumer Financial Protection Act of 2010 (CFPA). The proposed Personal...more
10/26/2023
/ Comment Period ,
Consumer Financial Products ,
Consumer Financial Protection Act (CFPA) ,
Consumer Financial Protection Bureau (CFPB) ,
Data Privacy ,
Financial Institutions ,
Financial Regulatory Reform ,
Financial Services Industry ,
Notice of Proposed Rulemaking (NOPR) ,
Open Banking ,
Personal Data ,
Proposed Rules ,
Regulation E ,
Regulation Z
As discussed here, on September 21 the Consumer Financial Protection Bureau (CFPB) released an outline of its plans for rulemaking under the Fair Credit Reporting Act (FCRA). The outline was supplied for initial comment to a...more
Please join Troutman Pepper Partners Kim Phan and Stefanie Jackman for a special podcast episode showcasing our firm's state and federal legislative and regulatory tracking products. These powerful tools were designed to...more
The Consumer Financial Protection Bureau (CFPB) has started the process of issuing rules on several topics affecting the entire ecosystem that collects, sells, and uses data about consumers, according to an Outline of the...more
9/22/2023
/ Consumer Financial Products ,
Consumer Financial Protection Bureau (CFPB) ,
Consumer Reporting Agencies ,
Data Brokers ,
Data Privacy ,
Fair Credit Reporting Act (FCRA) ,
Financial Services Industry ,
Proposed Rules ,
Regulatory Agenda ,
Rulemaking Process ,
SBREFA