Navigating Emerging Privacy Issues in Financial Services — The Consumer Finance Podcast
Turning up the Heat – A Look at the FTC’s Groundbreaking Fine Against Bankrupt Digital Asset Services Provider Celsius Network LLC - The Crypto Exchange Podcast
CFPB's Section 1071 Final Rule (Part 3): Potential Problem Areas – The Consumer Finance Podcast
Video: Introduction: A Deep Dive into Privacy
What Non-Financial Institutions Need to Know About Gramm-Leach-Bliley
Insights for this month’s article are provided by ARDA members Gregory Szewczyk, partner at Ballard Spahr Practice Leader of the firm’s Privacy and Data Security Group, and Aaron Tantleff, partner in Foley & Lardner’s...more
On June 25, 2024, the governor of Rhode Island transmitted without signature a comprehensive privacy bill, the Rhode Island Data Transparency and Privacy Protection Act (DTPPA), back to the state legislature, which is still...more
In the absence of a federal privacy bill, nearly 20 states have passed comprehensive privacy laws. On July 1, three of these states — Florida, Oregon, and Texas — have new laws going into effect, with Montana’s effective in...more
On May 24 2024, Senate Bill 4757, a bill for an act relating to commerce containing the Minnesota Consumer Data Privacy Act (the 'Act'), was approved by the Governor of Minnesota. The Act, which becomes effective on July 31...more
For years, the Gramm-Leach-Bliley Act (GLBA) has required financial institutions to maintain reasonable safeguards for consumer data, but has only had limited breach-reporting requirements. To the extent financial...more
The past couple of years have seen a number of states enact comprehensive privacy laws. Thus far, California, Colorado, Connecticut, Utah, and Virginia have enacted state privacy laws. In July, we will see three new privacy...more
On April 4, 2024, Kentucky became the fifteenth state to enact a comprehensive data privacy law, with Governor Andy Beshear signing the Kentucky Consumer Data Protection Act (KCDPA) into law. The Kentucky law will go into...more
As U.S. states continue to pass data privacy legislation, Maryland has gone above and beyond in signing both the Maryland Online Data Privacy Act of 2024 (MODPA) and the Maryland Age Appropriate Design Code (HB 603/SB...more
On March 28, the Federal Trade Commission (FTC) released a Privacy and Data Security Update, highlighting the FTC’s activities in recent years through December 2023. The FTC underscored its work on issues related to...more
New, first-of-their-kind consumer health data privacy laws in Washington and Nevada are designed to provide state-level protections for personal health data not covered by the Health Insurance Portability and Accountability...more
Federal jurisdiction under the Gramm Leach Bliley Act (“GLBA”) is a patchwork, particularly for banks –the Federal Reserve, the Federal Deposit Insurance Corporation, and the Office of the Comptroller of the Currency all...more
On January 16, Gov. Phil Murphy (D) of New Jersey signed Senate Bill No. 332 into law. The New Jersey privacy law generally follows the same framework found in many of the comprehensive privacy laws enacted by other states...more
On May 13, 2024, the FTC’s new rule (the “Rule”) requiring certain financial institutions to report cyber incidents to the Commission will go into effect. The Rule, which is an amendment to the Gramm-Leach-Bliley Act (GLBA)...more
On January 16, 2024, New Jersey Governor Phil Murphy signed Senate Bill (SB) 332, establishing New Jersey’s consumer data privacy law, the New Jersey Data Privacy Act (NJDPA) which will be effective January 15, 2025. This...more
The beneficial ownership information (“BOI”) registry under the Corporate Transparency Act (“CTA”) is now up and running at the Financial Crimes Enforcement Network (“FinCEN”). This post will follow up on a previous blog...more
The expansion of the FTC’s Safeguards Rule will require businesses to notify customers and the FTC of cyber breaches that had previously been excluded from reporting requirements. Previously, only banks had been required to...more
This week, the Financial Crimes Enforcement Network (“FinCEN”) issued the much-anticipated final rule (“Final Rule”) under the Corporate Transparency Act (“CTA”) regarding access to beneficial ownership information (“BOI”)...more
On November 27, 2023, the New York State Department of Financial Services (“DFS”) and First American Title Insurance Company (“First American”) entered into a consent order1 that resolved litigation over First American’s...more
The amended rule requires financial institutions to notify the FTC within 30 days of discovery of a security breach involving information of at least 500 consumers. ...more
On November 1, 2023, New York Department of Financial Services (NYDFS or the “Department”) released the finalized revisions (the “Second Amendment”) to 23 NYCRR Part 500 (Part 500) – the most significant modifications to Part...more
Editor’s Note: The FTC continues to crack down on privacy and cybersecurity, including issuing a new warning to tax preparation companies and entering into a consent decree with 1Health.io. VPPA and BIPA litigation continues...more
On October 27, 2023, the Federal Trade Commission (FTC) unanimously approved an amendment to the Gramm-Leach-Bliley Act (GLBA) Safeguards Rule to require certain covered financial institutions to report a broad range of data...more
On Friday, October 27, the Federal Trade Commission ("FTC") announced new amendments to the Safeguards Rule, requiring covered financial institutions to report certain data breaches to the FTC and reflecting its continuing...more
On October 27, 2023, the FTC approved an amendment to the Safeguards Rule (the “Amendment”) requiring that non-banking financial institutions notify the FTC in the event of a defined “Notification Event” where customer...more
Florida Governor Ron DeSantis recently signed Senate Bill 262 into law, adopting the "Digital Bill of Rights" proposed by his office in February. Florida joins the rapidly increasing group of states, California, Utah,...more