E14: The Three Pillars of GDPR
E13: GDPR Wedding Day & Beyond
Throughout 2024, financial sector regulators sharpened their focus on data protection and cybersecurity issues impacting financial institutions and the public. Key federal agencies like the Securities and Exchange Commission...more
The Federal Trade Commission (FTC or Commission) has amended its Standards for Safeguarding Customer Information, commonly known as the "Safeguards Rule," to require non-bank financial institutions to report certain data...more
On October 27, 2023, the Federal Trade Commission (FTC) further tightened requirements to safeguard customers’ financial information in the hands of financial institutions, with their release of a new amendment (Amendment) to...more
The FTC’s Safeguards Rule compliance deadline is right around the corner – June 9. The Safeguards Rule requires non-banking financial institutions to develop, implement, and maintain a comprehensive security program to keep...more
The compliance deadline for implementation of certain requirements of the Federal Trade Commission’s (FTC) Standards for Safeguarding Customer Information, better known as the “Safeguards Rule,” is June 9, 2023. Here is what...more
Think only financial institutions have obligations to safeguard customer data? Think again. The FTC has taken several actions against non-financial institutions for data security practices in the last year. We’ll discuss FTC...more
Auto dealerships that provide financing are subject to the Gramm Leach Bliley Act (GLBA). That’s the old news. What’s new is that GLBA-covered businesses have until December 9 to implement significant changes to their...more
As of January 10, 2022, the FTC’s amendments to the Safeguards Rule (“Amendments”) went into effect, 16 CFR Part 314; RIN 3084-AB35, Standards for Safeguarding Customer Information. The Amendments apply to financial...more
The updated rule also includes new exemptions, expands the definition of “financial institution,” and creates new accountability requirements. On October 27th the Federal Trade Commission (“FTC”) adopted and published...more
The FTC recently announced a final rule updating its GLBA Safeguards Rule to “strengthen the data security safeguards” of consumer financial information. The FTC reported that it was making these changes in response to...more
Purpose and Background of the GLBA - The Gramm-Leach-Bliley Act (“GLBA”), also known as the Financial Services Modernization Act of 1999, is a federal statute enacted by Congress in 1999 that requires financial...more
I'm frequently asked by dealer clients to speculate about whether they have their compliance house in order simply based on what DMS provider, underwriting or scoring system provider, or forms provider they use. "I'm using...more
Life under a rock has its benefits - you probably don't get many houseguests, and you're never sunburned. But there are some drawbacks, too. The main one is that you definitely don't know what's been going on out here in the...more
• On May 23, 2019, the Securities and Exchange Commission’s (SEC) Office of Compliance Inspections and Examinations (OCIE) issued a Risk Alert describing its observations in past examinations of weaknesses and best practices...more
On May 23, 2019, the United States Securities and Exchange Commission (“SEC”)’s Office of Compliance Inspections and Examinations (“OCIE”) issued a Risk Alert entitled “Safeguarding Customer Records and Information in Network...more
When it comes to information security, the Safeguards Rule of Regulation S-P (Safeguards Rule) requires SEC-registered investment advisers and brokers and dealers (Registrants) to adopt written policies and procedures that...more
• The SEC released a Risk Alert summarizing key areas in which it continues to see compliance deficiencies related to Regulation S-P, the primary SEC rule regarding privacy notices and safeguard policies of investment...more
On April 16, the SEC's Office of Compliance Inspections and Examinations (OCIE) published a Risk Alert outlining issues related to compliance with Regulation S-P that it identified in its inspections of SEC-registered...more
The Securities and Exchange Commission recently settled with Voya Financial Advisors, Inc. for alleged violation of Regulation S-ID (otherwise known as the Identity Theft Red Flags Rule) and Regulation S-P (otherwise known as...more
Developing an information security program is good business, and for auto dealers that are considered “financial institutions” under the Gramm-Leach-Bliley Act (GLB) it is the law. As part of the GLB, the Federal Trade...more
In this edition of our Privacy & Cybersecurity Update, we examine a district court ruling against Wendy's that continues a shift toward an increase in merchants' data protection responsibilities and the Article 29 Working...more