Business Better Podcast Episode: Bridging Campuses: Legal Insights on Education Industry Consolidation – Privacy and Data Security
CFPB's Inquiry Into Payments Privacy — Payments Pros – The Payments Law Podcast
Know What Laws Apply - Privacy and security laws, particularly in the U.S., have changed dramatically in the last few years. It’s not surprising many leaders are unsure which new laws or updated regulations apply to their...more
On April 17, 2024, Nebraska’s governor signed Legislative Bill 1074, which establishes a consumer data privacy law for the state. Nebraska’s law takes effect January 1, 2025. To Whom does the law apply? The law applies to...more
Keypoint: While the act does not include many provisions found in the more recent consumer data privacy laws, it would expand privacy notice obligations in one significant way although the applicability and scope of that...more
On April 4, Governor Andy Beshear signed the Kentucky Consumer Data Protection Act (KCDPA), making Kentucky the fifteenth state to enact a comprehensive data privacy law. Set to go into effect on January 1, 2026, the KCDPA...more
Keypoint: The Minnesota bill contains several unique requirements and provisions, including a novel right to question the result of a profiling decision, privacy policy provisions that increase interoperability with existing...more
Orrick Partner Beth McGinn joins RegFi co-hosts Jerry Buckley and Sasha Leonhardt for our second episode focused on the proposed American Privacy Rights Act and its potential impact on the financial services industry. Beth...more
Under an amendment to the Safeguards Rule under the Gramm-Leach-Bliley Act (GLBA) announced on October 27, 2023, the Federal Trade Commission (FTC) will require a broad range of nonbank financial institutions to notify the...more
From long-standing laws to incoming legislation, global nonprofits must understand the requirements and prepare for scrutiny in their handling of personal data. U.S. privacy regulations are currently a complex framework of...more
A reminder to non-bank financial institutions subject to the Gramm-Leach-Bliley Act (GLBA): the deadline to comply with the Federal Trade Commission's (FTC) revised Standards for Safeguarding Customer Information, commonly...more
As artificial intelligence (“AI”) technology continues to advance, more and more people are logging on and experimenting with the technology. ChatGPT, one free and popular AI, is reportedly the fastest-growing consumer...more
For years, federal cyber policy has been based on successful public-private partnerships, collaboration, and the promotion of voluntary standards that can be tailored to sector and organization-specific risk and needs....more
Editor’s Note: On September 29, 2022, HaystackID shared an educational webcast on the topic of US privacy law. As privacy continues to move to the forefront of not only information consideration but of business concern for...more
The financial technology (“Fintech”) industry has boomed over the last decade, from the rise of mobile payment apps, robo-advisers, lending platforms, consumer-friendly brokerages to cryptocurrency trading platforms. By their...more
Keypoint: As it did last year, the Oklahoma House passed a consumer data privacy bill. On March 23, 2022, the Oklahoma House voted 74-15 (with 11 excused) to pass Representative Collin Walke’s HB2969 – the Oklahoma...more
In Connecticut, if you adopt and maintain and comply with written cybersecurity program that contains administrative, technical and physical safeguards for the protection of personal or restricted information and that...more
Introduction - The Connecticut legislature recently enacted a pair of new data breach and cybersecurity statutes — Public Act 21-59 and Public Act 21-119 — on June 16 and July 6, respectively. Both laws will take effect on...more
We are now seeing a potential trend where states are incentivizing companies through the creation of safe harbors to improve their cybersecurity posture, instead of penalizing them after a breach of personal information. Utah...more
Keypoint: New Utah law creates incentive for businesses to develop and implement a written cybersecurity program to protect themselves against data breach lawsuits. On March 11, 2021, Utah governor Spencer Cox signed the...more
Keypoint: Although weakened from its original version, the Oklahoma bill would (if enacted) provide substantial privacy rights to Oklahoma residents and, in some respects, provide more privacy protections than found in the...more
On December 17, 2020, the Office of the Comptroller of the Currency, Treasury (OCC); the Federal Reserve; and the Federal Deposit Insurance Corporation (FDIC) issued a Notice of Proposed Rulemaking that would require...more
New York recently enacted important changes to its data breach notification requirements (Breach Requirements) and created a statutory obligation to maintain reasonable data security (Security Requirements). Under the new...more
UNITED STATES - Regulatory—Policy, Best Practices, and Standards - NIST Director Discusses Future Development of Cybersecurity Framework - On March 4, the director of the National Institute of Standards and Technology...more
Looking Back - the California Consumer Privacy Act, and How We Got Here - As companies were getting up-to-speed on the effects of the European Union’s General Data Protection Regulation (GDPR) last year, California quickly...more
With one eye on the New York Department of Financial Services (“NYDFS”) cybersecurity rules and the other on two of its own Commissioners who dissented, the Federal Trade Commission (“FTC”) has proposed a sweeping overhaul to...more
The Consumer Financial Protection Bureau (CFPB) has issued its final rule adopting changes to Regulation P, which governs the requirements for financial institutions to issue privacy notices to its customers....more