Navigating the NYDFS' Cybersecurity Guidance on AI — The Consumer Finance Podcast
Will Resiliency Carry the Digital Asset Sector Through 2024: State-Level Developments — The Crypto Exchange Podcast
Climate Risk, the emerging risk
The NYDFS Updates Its Stringent Cybersecurity Regulations. Is This a Bellwether of Coming Industry Change? - The Consumer Finance Podcast
How the New York Department of Financial Services (DFS) Regulates Virtual Currency, a Close Look with Special Guest Kaitlin Asrow, Executive Deputy Superintendent of Research and Innovation, DFS
Compliance Into The Weeds - DFS Fines Carnival Cruise Lines for Cyber Failures
Compliance into the Weeds: DFS First Cyber Case-First American Title
Videocast: Asset management regulation in 2020 videocast series – Regulators step up pressure to implement LIBOR transition plans
Your Cyber Minute: State influences bring a new dawn of cyber regulations
Your Cyber Minute: Compliance with the Proposed NYDFS Cybersecurity Regulation
Your Cyber Minute: Harriet Pearson and Greg Lisa on the Proposed NYDFS Cyber Security Regulation
Welcome to the “Data Privacy and Cybersecurity” chapter of our annual report, Consumer Financial Services: 2024 Year in Review. Consumer financial services regulators are taking a keen interest in artificial intelligence...more
The New York State Department of Financial Services recently announced that it has entered into a consent order with PayPal, Inc. for violations of the NYDFS Cybersecurity Regulation. The consent order, under which PayPal has...more
On January 23, 2025, PayPal settled an enforcement action brought by the New York State Department of Financial Services (NY DFS) for failing to comply with cybersecurity regulations required for financial services businesses...more
On January 23, 2025, the New York Department of Financial Services (DFS) announced that it reached a $2,000,000 settlement as part of a broader consent order with a peer-to-peer payment platform (“P2P”) about its...more
The New York State Department of Financial Services (NYDFS) and the Attorney General’s office have recently imposed significant fines totalling $11.3 million on Geico and Travelers for data breaches that compromised the...more
Selected U.S. Privacy and Cyber Updates - New York AG Seeks Comments on Rulemaking for Minors’ Online Protection Laws - On August 1, 2024, New York Attorney General Letitia James issued two advanced notices of proposed...more
This year has seen some substantial new data breach settlements including a $500,000 Federal Trade Commission (FTC) fine against CafePress, a $1.25 million multi-state class action settlement and $5 million New York...more
On June 24, 2022, the New York Department of Financial Services (“DFS”) announced a cybersecurity settlement with Carnival Corporation d/b/a Carnival Cruise Line, Princess Cruise Lines, Holland America Line, Seabourn Cruise...more
We have written here previously about the dramatic increase in cyberattacks on companies of all types since the start of the COVID-19 pandemic. Indeed, by some estimates, ransomware attacks have increased over 90% during the...more
Earlier this month, the New York State Department of Financial Services (NYDFS) announced a settlement and consent order with National Securities Corporation (National Securities) for $3 million in connection with National...more
State Notifications Deemed to Trigger DFS Reporting of Non-material Breaches - Two successive Consent Orders have demonstrated the seriousness of non-compliance with New York’s Department of Financial Services financial...more
The New York Department of Financial Services (NYDFS) has settled alleged violations of the Department’s strict cybersecurity regulations with National Securities Corp. (NSC) for $3 million, over four separate cybersecurity...more
Consistent with its increasing activity in the cybersecurity enforcement space, in March 2021, the NYDFS issued its first penalty under the Cybersecurity Regulation. This client alert explores the settlement and offers...more
The New York Department of Financial Services (NYDFS) has announced its second regulatory enforcement action against a regulated entity (a New York licensed mortgage banker and loan servicer) for violating NYDFS’s...more
The New York State Department of Financial Services (DFS) announced its second enforcement action and first settlement under its cybersecurity regulations (23 NYCRR Part 500). At issue was a licensed mortgage lender's failure...more
New York’s Department of Financial Services (“DFS”) announced on Wednesday, March 3, 2021, that an independent mortgage lender, Residential Mortgage Services Inc. (“RMS”), has agreed to pay a $1.5 million fine to the agency...more
On March 3rd, the New York Department of Financial Services (“NYDFS”) announced a settlement with Residential Mortgage Services, Inc. (“RMS”) to resolve allegations that RMS violated the NYDFS Cybersecurity Regulation...more
On November 25, 2020, a shareholder of First American Financial Corporation (“First American”) filed suit against the company and its officers and directors over a massive data security breach that exposed hundreds of...more
October marks the seventeenth annual National Cybersecurity Awareness month in the United States and provides an opportune moment to take stock of an extraordinary year. The past year has seen a rise in high-profile data...more
Late this summer the New York Department of Financial Services (NYDFS) announced its first enforcement action since the cybersecurity rules went into effect in March 2017. The action was brought against First American Title...more
The New York State Department of Financial Services (“NYDFS”) has announced its first enforcement action of NYDFS’ Cybersecurity Regulation, Part 500 of Title 23 (“Cybersecurity Regulation”) against First American Title...more
In this month's edition, we examine the Court of Justice of the European Union's decision invalidating the EU-U.S. Privacy Shield framework, as well as the U.S. government's response to the decision. We also examine two...more
Following promises of increased enforcement, on July 22, 2020, the New York Department of Financial Services (NYDFS) announced the first cybersecurity enforcement action pursuant to its Cybersecurity Regulation, which...more
After several years of anticipation, the New York State Department of Financial Services (DFS) has filed its first enforcement action under the agency's groundbreaking and first-in-the-nation 2017 cybersecurity regulation...more
New York recently amended its existing data breach notification law to expand the data breach notification obligations of persons and businesses (and state agencies) and impose specific data security requirements on persons...more