E14: The Three Pillars of GDPR
E13: GDPR Wedding Day & Beyond
Throughout 2024, financial sector regulators sharpened their focus on data protection and cybersecurity issues impacting financial institutions and the public. Key federal agencies like the Securities and Exchange Commission...more
For years, the Gramm-Leach-Bliley Act (GLBA) has required financial institutions to maintain reasonable safeguards for consumer data, but has only had limited breach-reporting requirements. To the extent financial...more
Beginning May 11, 2024, non-banking financial institutions regulated by the Federal Trade Commission (FTC) will be required to submit notifications of data breaches or other security events that impact 500+ consumers. The FTC...more
The Federal Trade Commission (FTC or Commission) has amended its Standards for Safeguarding Customer Information, commonly known as the "Safeguards Rule," to require non-bank financial institutions to report certain data...more
On October 27, 2023, the Federal Trade Commission (FTC) further tightened requirements to safeguard customers’ financial information in the hands of financial institutions, with their release of a new amendment (Amendment) to...more
The FTC’s Safeguards Rule compliance deadline is right around the corner – June 9. The Safeguards Rule requires non-banking financial institutions to develop, implement, and maintain a comprehensive security program to keep...more
The compliance deadline for implementation of certain requirements of the Federal Trade Commission’s (FTC) Standards for Safeguarding Customer Information, better known as the “Safeguards Rule,” is June 9, 2023. Here is what...more
The INFORM ACT represents a legislative effort to protect consumers from unknowingly purchasing stolen, counterfeit, or unsafe consumer products from online sellers. With a June 27, 2023 compliance deadline, operators of...more
Think only financial institutions have obligations to safeguard customer data? Think again. The FTC has taken several actions against non-financial institutions for data security practices in the last year. We’ll discuss FTC...more
On August 22, 2022, the Federal Trade Commission (“FTC”) indicated through the Advanced Notice of Proposed Rulemaking its intent to limit commercial surveillance – the common corporate practice of collecting, analyzing, and...more
The FTC recently issued a proposed order that would settle an enforcement action against Drizly, LLC and its co-founder and CEO, James Rellas, arising from data breaches in 2018 and 2020 that affected over 2.5 million...more
On August 24, 2022, California Attorney General (AG) Rob Bonta announced a settlement with beauty products retailer, Sephora USA, Inc. (“Sephora”), resolving claims that Sephora violated the California Consumer Privacy Act...more
Auto dealerships that provide financing are subject to the Gramm Leach Bliley Act (GLBA). That’s the old news. What’s new is that GLBA-covered businesses have until December 9 to implement significant changes to their...more
As of January 10, 2022, the FTC’s amendments to the Safeguards Rule (“Amendments”) went into effect, 16 CFR Part 314; RIN 3084-AB35, Standards for Safeguarding Customer Information. The Amendments apply to financial...more
On October 27, 2021 the FTC issued a final rule (the “Final Rule”) amending 16 CFR Part 134, Standards for Safeguarding Customer Information (“Safeguards Rule”), after a period of notice and comment. While the existing...more
The updated rule also includes new exemptions, expands the definition of “financial institution,” and creates new accountability requirements. On October 27th the Federal Trade Commission (“FTC”) adopted and published...more
The FTC recently announced a final rule updating its GLBA Safeguards Rule to “strengthen the data security safeguards” of consumer financial information. The FTC reported that it was making these changes in response to...more
On October 27, 2021, the Federal Trade Commission (“FTC”) issued a Final Rule amending the Standards for Safeguarding Customer Information (also known as the “Safeguards Rule”), 16 C.F.R. Part 314. The Safeguards Rule sets...more
I'm frequently asked by dealer clients to speculate about whether they have their compliance house in order simply based on what DMS provider, underwriting or scoring system provider, or forms provider they use. "I'm using...more
Life under a rock has its benefits - you probably don't get many houseguests, and you're never sunburned. But there are some drawbacks, too. The main one is that you definitely don't know what's been going on out here in the...more
On January 28, the US Federal Trade Commission (FTC) announced that it had accepted a proposed settlement with office supply distributors Staples and Essendant in connection with Staples’ proposed $482.7 million acquisition...more
Identity Theft in the Digital and Physical Worlds - Common sense is the best defense against identity theft – creating strong passwords for online accounts and monitoring personal credit reports and credit card statements...more
The FTC has approved the first-ever petition to reopen and modify a privacy-related consent order. The petition, filed by Sears Holdings Management Corporation, sought to amend the terms of Sears’ 2009 consent order (the...more
Developing an information security program is good business, and for auto dealers that are considered “financial institutions” under the Gramm-Leach-Bliley Act (GLB) it is the law. As part of the GLB, the Federal Trade...more
The Risks of Overpromising and Underperforming - Demonstrating its authority over all things cybersecurity, the Federal Trade Commission (FTC) announced that it has entered into a proposed consent order with Uber for the...more