On March 15, 2023, the Securities and Exchange Commission proposed three rules related to cybersecurity and the protection of consumers’ information.
Continue Reading SEC Advances Three New Cybersecurity Rule Proposals
Financial Privacy
SEC Brings Cyber Disclosure Enforcement Action
On March 9, 2023, the U.S. Securities and Exchange Commission announced settled administrative charges against Blackbaud Inc.
Continue Reading SEC Brings Cyber Disclosure Enforcement Action
NCUA Board Approves Cyber Incident Reporting Requirement for Credit Unions
On February 16, 2023, the National Credit Union Administration Board unanimously approved a final rule requiring federally insured credit unions to notify the NCUA as soon as possible, within 72 hours, after the FCIU “reasonably believes” that a reportable cyber incident has occurred.
Continue Reading NCUA Board Approves Cyber Incident Reporting Requirement for Credit Unions
Bill to Amend the Gramm-Leach-Bliley Act Introduced to Congress
On February 24, 2023, Representative Patrick T. McHenry of North Carolina introduced a bill proposing the creation of the Data Privacy Act of 2023. …
Continue Reading Bill to Amend the Gramm-Leach-Bliley Act Introduced to Congress
CIPL Responds to UK Digital Regulation Cooperation Forum (DRCF) Workplan 2023 to 2024 Call for Input
On January 26, 2023, the Centre for Information Policy Leadership at Hunton Andrews Kurth responded to a call for input from the UK’s Digital Regulation Cooperation Forum on its workplan for 2023 – 2024. …
Continue Reading CIPL Responds to UK Digital Regulation Cooperation Forum (DRCF) Workplan 2023 to 2024 Call for Input
CIPL Publishes Discussion Paper on Digital Assets and Privacy
On January 20, 2023, The Centre for Information Policy Leadership at Hunton Andrews Kurth published “Digital Assets and Privacy,” a discussion paper compiling insights from workshops with CIPL member companies that explored the intersection of privacy and digital assets, with a particular focus on blockchain technology. …
Continue Reading CIPL Publishes Discussion Paper on Digital Assets and Privacy
UK Government and the Dubai International Financial Centre Issue Joint Statement on Data Bridge
On December 15, 2022, the UK government and the Dubai International Financial Centre Authority issued a joint statement on the shared commitment to deepening the UK-DIFC data partnership. …
Continue Reading UK Government and the Dubai International Financial Centre Issue Joint Statement on Data Bridge
NYDFS Amends Cybersecurity Rules for Financial Services Companies
On November 9, 2022, the New York Department of Financial Services released their second amendments to their Part 500 Cybersecurity Rules.
Continue Reading NYDFS Amends Cybersecurity Rules for Financial Services Companies
FTC Announces Six-Month Extension for Compliance with Some Changes to Gramm-Leach-Bliley Safeguards Rule
On November 15, 2022, the Federal Trade Commission announced a six-month extension for companies to comply with certain updated requirements of the Gramm-Leach-Bliley Act’s Safeguards Rule, a set of data security provisions covered financial institutions must implement to protect their customers’ personal information.
Continue Reading FTC Announces Six-Month Extension for Compliance with Some Changes to Gramm-Leach-Bliley Safeguards Rule
CFPB Re-Opens Public Comment on Prior Orders Seeking Information on Big Tech Payment Platforms
On October 31, 2022, the Consumer Financial Protection Bureau announced that it will re-open the public comment period on their October 2021 Orders for six large technology companies operating payments platforms to provide information about their business practices.
Continue Reading CFPB Re-Opens Public Comment on Prior Orders Seeking Information on Big Tech Payment Platforms