The recent Federal Trade Commission (FTC) amendment adds a new security breach reporting requirement to the Gramm–Leach–Bliley Act (GLBA) Safeguards Rule. The Safeguards Rule is a regulatory framework that mandates financial...more
On May 14, the FTC published a business blog post announcing the Safeguards Rule, an amendment to the GLBA, is in effect as of May 13. The Safeguards Rule applies to financial institutions subject to the FTC’s jurisdiction...more
Orrick Partner Beth McGinn joins RegFi co-hosts Jerry Buckley and Sasha Leonhardt for our second episode focused on the proposed American Privacy Rights Act and its potential impact on the financial services industry. Beth...more
Welcome to Wiley’s update on recent developments and what’s next in consumer protection at the Consumer Financial Protection Bureau (CFPB) and Federal Trade Commission (FTC). In this newsletter, we analyze recent regulatory...more
Under an amendment to the Safeguards Rule under the Gramm-Leach-Bliley Act (GLBA) announced on October 27, 2023, the Federal Trade Commission (FTC) will require a broad range of nonbank financial institutions to notify the...more
On October 27, 2023, the Federal Trade Commission (FTC) finalized an amendment to the Safeguards Rule that will impose data breach reporting requirements on nonbanking financial entities subject to the Gramm-Leach-Bliley Act...more
Key Point: The Federal Trade Commission (FTC) has amended the Safeguards Rule to require non-banking financial institutions to inform the FTC within 30 days of discovering any unauthorized acquisition of unencrypted customer...more
A reminder to non-bank financial institutions subject to the Gramm-Leach-Bliley Act (GLBA): the deadline to comply with the Federal Trade Commission's (FTC) revised Standards for Safeguarding Customer Information, commonly...more
Keypoint: In the aftermath of the Supreme Court’s Dobbs decision, Washington legislators introduced legislation to enhance privacy protections for consumer health data. In early March, lawmakers in Washington state’s House...more
For years, federal cyber policy has been based on successful public-private partnerships, collaboration, and the promotion of voluntary standards that can be tailored to sector and organization-specific risk and needs....more
On August 11, 2022, the Federal Trade Commission (FTC) issued an Advance Notice of Proposed Rulemaking (ANPR), titled “Trade Regulation Rule on Commercial Surveillance and Data Security”. The wide-ranging ANPR seeks feedback...more
In public comments during the Federal Trade Commission’s (FTC) data privacy rulemaking open forum, a senior U.S. Chamber of Commerce came out against the agency making broad rules on data privacy....more
Now that the pandemic’s “social distancing” is lessening, we hope you are all able to gather with friends and family this Thanksgiving. As we do the same, we wanted to count our blessings as we review the year. This year, we...more
Bank Regulator Outlines Vision for Bank-Like Supervisory Regime for Crypto and Fintech Firms - On November 3, 2021, Acting Comptroller of the Currency Michael J. Hsu discussed clarifying and modernizing the bank...more
Following a 3-2 vote, the Federal Trade Commission (FTC) recently announced amendments to the Safeguards Rule under the Gramm-Leach-Bliley Act. The Safeguards Rule was first promulgated in 2002. The revisions are meant to...more
Until now, companies primarily regulated by the Federal Trade Commission (FTC) were given only vague directives to implement systems sufficient to safeguard customer data, coupled with FTC “recommendations” as to best...more
The Gramm-Leach-Bliley Act (GLBA) is a federal law that establishes various legal requirements for companies that qualify as “financial institutions” under the Act. The GLBA’s definition of a “financial institution” is...more
First we take Sacramento, then we take Berlin: How do US data protection laws affect how you do business. The webinar is aimed at in-house or outside counsel, as well as data protection and compliance officers. In this...more
An oft-used business management concept is to “hire people smarter than you.” The concept also applies to hiring vendors – hire vendors that are better than you (especially when it comes to information security). ...more
The FTC recently settled with Ascension Data & Analytics for failure to oversee service providers. Ascension provides services to mortgage companies within its corporate family of entities. According to the complaint,...more
In today’s world, cybersecurity breaches and threats are pervasive concerns for any business entity, without exception. Working from home arrangements due to COVID-19 constraints only magnify the risk and create further...more
UNITED STATES - Regulatory—Policy, Best Practices, and Standards - NIST Director Discusses Future Development of Cybersecurity Framework - On March 4, the director of the National Institute of Standards and Technology...more
In a major development for nonbank providers of financial products and services, the Federal Trade Commission (FTC) issued a notice of proposed rulemaking that would amend its Safeguards Rule and its Privacy Rule, each...more