Archives: Financial Privacy

Subscribe to Financial Privacy RSS Feed

SEC Announces Settlement Order and Publishes Investor Alert

On September 22, 2015, the Securities and Exchange Commission announced a settlement order with an investment adviser for failing to establish cybersecurity policies and procedures, and published an investor alert entitled Identity Theft, Data Breaches, and Your Investment Accounts.… Continue Reading

Indonesia Publishes Proposed Data Protection Rule

On July 14, 2015, pursuant to an implementation requirement of Government Regulation 82 of 2012, the Indonesian government published the Draft Regulation of the Minister of Communication and Information (RPM) of the Protection of Personal Data in Electronic Systems. The government provided a 10-day comment period for the proposal.… Continue Reading

FinCEN Assesses Penalty Against Former MoneyGram Compliance Officer

On December 18, 2014, the Financial Crimes Enforcement Network issued a 1 million USD civil penalty against the former Chief Compliance Officer of MoneyGram International, Inc. based on allegations that the company inadequately responded to consumer fraud complaints and failed to meet its legal obligations under the Bank Secrecy Act.… Continue Reading

FTC Issues Report on Data Broker Industry, Recommends Legislation

On May 27, 2014, the Federal Trade Commission announced the release of a new report recommending that Congress consider enacting legislation that would increase transparency in the data broker industry and give consumers more control over how data brokers collect and share their personal information. … Continue Reading

CFPB Proposes New GLB Privacy Notice Rule

On May 6, 2014, the Consumer Financial Protection Bureau announced a new proposed rule that would permit certain financial institutions to post online privacy notices instead of mailing them annually to customers as required under the Gramm-Leach-Bliley Act.… Continue Reading

People’s Bank of China Issues Administrative Measures for Credit Reference Agencies

On November 15, 2013, the People's Bank of China issued Administrative Measures for Credit Reference Agencies. The measures, which will take effect on December 20, 2013, are intended to enhance the supervision and regulation of credit reference agencies and serve as yet another example of the Chinese government’s increased attention to personal information protection issues.… Continue Reading

Senate Commerce Committee Broadens Data Broker Investigation

On September 25, 2013, Senator Jay Rockefeller expanded his investigation of the data broker industry by sending letters to twelve popular health and personal finance websites requesting information about their data collection and sharing practices. Responses are due by October 11, 2013.… Continue Reading

FTC Issues a Guide for Businesses and Organizations on the Red Flags Rule

In May 2013, the Federal Trade Commission released a new guide entitled Fighting Identity Theft with the Red Flags Rule: A How-To Guide for Business to help businesses and organizations determine whether they are subject to the FTC’s Red Flags Rule and how to fulfill the Rule’s requirements. The Guide includes information regarding what types of entities must comply with the Red Flags Rule, a set of FAQs and a four-step process to achieve compliance.… Continue Reading

OpUSA: Criminal Hackers Planning Cyber Attacks Against Bank Websites

On May 7, 2013, the hacker group Anonymous announced that it, in concert with Middle East- and North Africa-based criminal hackers and cyber actors, will conduct a coordinated online attack labeled “OpUSA” against banking and government websites today. This blog entry provides information on the impact of these types of attacks on banks and recommendations should an attack occur.… Continue Reading

SEC and CFTC Adopt Rules on Red Flags and Identity Theft

On April 10, 2013, the Securities and Exchange Commission and the Commodity Futures Trading Commission jointly adopted rules that require broker-dealers, mutual funds, investment advisers and certain other regulated entities to adopt programs designed to detect red flags and prevent identity theft.… Continue Reading

U.S. Court Finds National Security Letter Nondisclosure Provisions Unconstitutional

On March 14, 2013, a federal district court in California granted a motion to prohibit the government from issuing National Security Letters pursuant to the statutory provision that prohibits recipients of such letters from disclosing that they received a National Security Letter requesting subscriber information. The court held that the nondisclosure provisions of two federal statutes relating to National Security Letters are unconstitutional because they violate the First Amendment as well as the separation of powers principles.… Continue Reading

Disclosure of Cybersecurity Risks in SEC Filings on the Rise

Perhaps partly in response to the Obama Administration’s Executive Order concerning cybersecurity risks, an increasing number of large financial institutions disclosed cyber attacks and related vulnerabilities in the 2012 annual reports they recently filed with the Securities and Exchange Commission. … Continue Reading