Navigating Emerging Privacy Issues in Financial Services — The Consumer Finance Podcast
[Podcast] The FTC Safeguards Rule: A Deep Dive into the Revisions Effective June 9, 2023
On October 27, 2023, the Federal Trade Commission (“FTC”) adopted an amendment to the FTC’s Safeguards Rule that will require non-banking financial institutions to notify the FTC within thirty days of discovering a data...more
In the event of a ransomware attack, there are a host of legal frameworks that could potentially be implicated. Whether those laws apply often depends on the nature of the data that the threat actor accessed and/or acquired....more
The FTC recently announced a final rule updating its GLBA Safeguards Rule to “strengthen the data security safeguards” of consumer financial information. The FTC reported that it was making these changes in response to...more
In this month’s edition of our Privacy & Cybersecurity Update, we examine the FTC’s changes to the Gramm-Leach-Bliley Act’s Safeguards Rule and the CFPB’s order requiring six tech companies to disclose information regarding...more
The U.S. Securities and Exchange Commission (“SEC”) recently identified cyberthreats as an enforcement priority (see 2021 Examination Priorities). Within months of the Commission’s announcement, the Commission brought three...more
There is little doubt that the U.S. Securities and Exchange Commission is making cybersecurity a top priority. SEC Chair Gary Gensler told a Senate committee on Tuesday, September 14, 2021 that the agency is developing a...more
In today’s world, cybersecurity breaches and threats are pervasive concerns for any business entity, without exception. Working from home arrangements due to COVID-19 constraints only magnify the risk and create further...more
SEC Chicago Regional Director David Glockner spoke at a PLI Conference in New York on June 6 regarding the SEC’s data security regulations and enforcement efforts. Mr. Glockner acknowledged frustration with the Division of...more
The SEC charged investment adviser R.T. Jones with willfully violating the Safeguards Rule by failing to adopt written policies and procedures designed to protect customer records and information. The Safeguards Rule requires...more
The Securities and Exchange Commission (“SEC”) recently settled its first cybersecurity-related enforcement action against a Missouri based registered investment adviser, R.T. Jones Capital Equities Management, Inc. (the ...more
Last week, the Securities and Exchange Commission (SEC) settled charges against a registered investment adviser for failing to comply with Rule 30(a) of Regulation S-P (17 C.F.R. § 248.30(a)) (“Safeguards Rule”). The...more