Navigating Emerging Privacy Issues in Financial Services — The Consumer Finance Podcast
Turning up the Heat – A Look at the FTC’s Groundbreaking Fine Against Bankrupt Digital Asset Services Provider Celsius Network LLC - The Crypto Exchange Podcast
CFPB's Section 1071 Final Rule (Part 3): Potential Problem Areas – The Consumer Finance Podcast
Video: Introduction: A Deep Dive into Privacy
What Non-Financial Institutions Need to Know About Gramm-Leach-Bliley
In March, 2025, the California Privacy Protection Agency announced a consent order with an auto manufacturer alleging multiple violations of the California Consumer Privacy Act and imposing a $632,500 fine for alleged failure...more
Know What Laws Apply - Privacy and security laws, particularly in the U.S., have changed dramatically in the last few years. It’s not surprising many leaders are unsure which new laws or updated regulations apply to their...more
On November 12, 2024, the Consumer Financial Protection Bureau (CFPB) released a report examining the carve outs and limitations contained in comprehensive state privacy laws relating to financial institutions. In an...more
Earlier this month New Jersey became the thirteenth state to pass a comprehensive privacy law aimed at protecting residents’ personal information and starting a new round of comprehensive state privacy laws providing such...more
On January 16, 2024, New Jersey Governor Phil Murphy signed into law Senate Bill 322 ("the Act"), making New Jersey the fourteenth state to enact a comprehensive consumer data privacy law, joining California, Virginia,...more
On May 11, 2023, Governor Bill Lee signed the Tennessee Information Protection Act (TIPA) into law. Tennessee now joins the rapidly increasing group of states, California, Utah, Colorado, Connecticut, Virginia, Iowa and...more
The Tennessee Information Protection Act (TIPA) passed unanimously through both houses of the Tennessee legislature and was signed by Governor Bill Lee on May 11, 2023. Tennessee joins seven states in enacting a comprehensive...more
Keypoint: With a private right of action, broad applicability to businesses of all sizes and types, a scope that is broader than its name suggests, and strong consent-based requirements and privacy rights, the Washington My...more
On February 27, 2023, the Chairman of the House Financial Services Committee Patrick McHenry (NC-10) introduced the Data Privacy Act of 2023 (the Bill), which would amend the Gramm-Leach-Bliley Act (GLBA) to “modernize[]...more
With only four months left before most changes to the federal Standards for Safeguarding Customer Information (“Safeguards Rule”) – a component of the Gramm-Leach Bliley Act (“GLBA”) that provides for the protection of...more
On July 7, 2021, Colorado enacted a new privacy law, titled the Colorado Privacy Act (CPA). The CPA is the third state-level omnibus data privacy law, similar in scope to the California Consumer Privacy Act (CCPA) and the...more
On March 2, the Virginia Consumer Data Protection Act (VCDPA) was signed into law, becoming the second comprehensive state privacy law in the United States. The VCDPA reflects core principles from the California Consumer...more
Companies should take note of two imminent developments in New York in the area of cybersecurity regulation: enforcement of the New York Department of Financial Services (NYDFS) Cybersecurity Regulation (Regulation) and the...more
As of January 1, 2020, California became the first state to permit residents whose personal information is exposed in a data breach to seek statutory damages between $100-$750 per incident, even in the absence of any actual...more
On January 1, 2020, the California Consumer Privacy Act of 2018 (CCPA) went into effect. The CCPA applies to a wide range of companies and broadly governs the collection, use and sale of personal information of California...more
Given Broad Definitions, the Law Could Apply to Businesses That Do Not Consider Themselves Data Brokers - While amending the California Consumer Privacy Act of 2018 (CCPA) last term, the California legislature also passed...more
With The California Consumer Privacy Act (CCPA) set to take effect on January 1, 2020, many firms that collect personal information will need to carefully consider whether the CCPA applies to them, whether they handle...more
The California Consumer Privacy Act of 2018 (CCPA) will take effect on January 1, 2020, and hedge fund firms may be subject to the CCPA even if they are already compliant with the Gramm-Leach-Bliley Act (GLBA), do not have a...more
The CCPA broadly defines the term “sale” as “disclosing” or “making available” personal information “for monetary or other valuable consideration” from one business to another. The CCPA implies that two (or more) entities are...more