A Look at Recent Federal Trade Commission and Consumer Financial Protection Bureau Initiatives Concerning Privacy and Data Security
2BInformed: Engaging with EPA, OSHA’s New Regulation, and Asbestos
As of January 23, 2025, the regulation discussed below has not been withdrawn by the Trump administration and is not subject to automatic withdrawal under President Trump’s Executive Order freezing regulations. It currently...more
The rule imposes substantial new diligence, reporting, cybersecurity, and auditing obligations on companies. On December 27, 2024, the U.S. Department of Justice (“DOJ”) issued a final rule implementing Executive Order...more
On October 29, 2024, the U.S. Department of Justice (DOJ) published a proposed rule (Proposed Rule) that would restrict or prohibit certain transactions with China, Russia and other countries of concern involving U.S....more
On August 1, 2023, Earthjustice filed a petition under Section 21 of the Toxic Substances Control Act (TSCA) asking the U.S. Environmental Protection Agency (EPA) to establish regulations prohibiting the manufacturing,...more
The Final Rule formalizes a new governmental system to monitor through a notification process and, when necessary, restrict investments in China that may be viewed as a national security risk. The regulations have broad...more
The Department of Justice ("DOJ") is wasting no time in implementing the new cyber-security Executive Order (the EO), signed on February 28, 2024. As explained in our April 2024 blog post, the EO aims to portect Americans’...more
In a post-FTX environment, several financial regulators are taking action to emphasize a policy of sound custody and disclosure practices and to better understand certain risks to protect customers in the event of an...more
The Commodity Futures Trading Commission (the “Commission” or the ”CFTC”), on May 31, 2023 published an Advance Notice of Proposed Rulemaking (“ANPRM”), seeking public comment in connection with potential amendments to the...more
Last week we wrote about the Federal Trade Commission’s (FTC) seventh annual PrivacyCon—discussing overall takeaways from the conference and summarizing key takeaways the Children’s Privacy panel. This post—the last in our...more
The swearing-in of Michael Regan as EPA Administrator means that open questions on policy, agenda-setting, and prioritization for the Agency will soon be answered. Issues that have risen to the top of the new EPA...more
On April 29, 2019, the Office of the Comptroller of the Currency (OCC) issued an Advance Notice of Proposed Rulemaking (ANPR) to solicit comment on whether it should issue a formal proposal to expand the reach of its...more
Last year’s proposed comprehensive framework for cybersecurity rules for large financial institutions is suddenly facing an uncertain future. With the comment period having closed as of February 2017, the framework was facing...more
The Federal Reserve, the OCC and the FDIC extended the comment period on an advance notice of proposed rulemaking on enhanced cyber risk management standards...more
Financial Industry Developments - Federal Reserve Board Announces Finalized Rule Adjusting the Board's Maximum Civil Money Penalties - On January 18, 2017, the Federal Reserve Board announced that it was adjusting...more
On January 13, 2017, the Federal Reserve Board, the Office of the Comptroller of the Currency and the Federal Deposit Insurance Corporation changed, from January 17, 2017 to February 17, 2017, the deadline for comments “for...more
In December 2016, Thomas Curry, the Comptroller of the Currency, stated that cybersecurity was the single greatest systemic threat to our financial system. He was not being hyperbolic. Cybersecurity should be on...more
On October 19, 2016, the three major federal banking regulators announced a joint advance notice of proposed rulemaking (ANPR) for enhanced cyber risk management standards (Enhanced Standards) for large and interconnected...more
To address the increasing risk of technology failures and cyber-attacks affecting the largest banking organizations, an advance notice of proposed rulemaking titled Enhanced Cyber Risk Management Standards (the ANPR) was...more
The fourth quarter of 2016 has seen an uptick in regulatory activity respecting the financial services sector in the cybersecurity space, both at the state level as previously discussed (here) and on the federal level....more
On October 19, 2016, federal regulators issued an Advance Notice of Proposed Rulemaking titled “Enhanced Cyber Risk Management Standards.” The draft standards, jointly released by the Federal Reserve, the Federal Deposit...more
Financial institutions must meet standards for safeguarding customer data given the particularly sensitive information they hold, and regulators have been stepping up their efforts to provide guidance on just how they must do...more
On October 19, US banking agencies released an advanced notice of proposed rulemaking (ANPR) seeking comments on enhanced cybersecurity standards. These standards potentially would apply to ..US bank holding companies...more
Financial Industry Developments - Agencies Issue Advanced Notice of Proposed Rulemaking on Enhanced Cyber Risk Management Standards - On October 19, 2016, the Federal Reserve Board, the Federal Deposit Insurance...more
Editor's Note - Another Cybersecurity Proposal. On the heels of the New York State Department of Financial Services (NYDFS) issuing its proposed regulation that would require banks and insurance companies to institute...more
On Thursday, October 20, the Federal Reserve, the Office of the Comptroller of the Currency, and the Federal Deposit Insurance Corporation jointly issued an advance notice of proposed rulemaking, requesting comments on...more