On August 29, 2016, the Federal Trade Commission announced that it is seeking public comment regarding the Gramm Leach Bliley Act Safeguards Rule.… Continue Reading
On April 6, 2016, the Federal Trade Commission endorsed the Organization for Economic Cooperation and Development’s updated guidelines on consumer protection in e-commerce. This blog entry provides highlights on the OECD’s new recommendations. … Continue Reading
On February 27, 2016, the Consumer Financial Protection Bureau reached a settlement with Dwolla, Inc., an online payment system company, to resolve claims that the company made false representations regarding its data security practices in violation of the Consumer Financial Protection Act. Among other things, the consent order imposes a 100,000 dollar fine on Dwolla. This marks the first data security-related fine imposed by the CFPB. … Continue Reading
In a recent article published by Corporate Counsel, Hunton & Williams partner Lisa Sotto and associate Ryan Logan discuss the privacy and data security-related legal issues that arise in corporate transactions, and provide a how-to guide on addressing those issues during the various stages of a transaction.… Continue Reading
Recently, the People's Bank of China published Administrative Measures for Online Payment Business of Non-bank Payment Institutions. These measures were enacted to provide further details on the regulation of the online payment business in supplement to earlier measures published on June 14, 2010.… Continue Reading
On December 4, 2015, President Obama signed the Fixing America’s Surface Transportation Act into law, which modifies the annual privacy notice requirement under the Gramm-Leach-Bliley Act.… Continue Reading
In the near future, blockchain technology may become the new architecture of a reinvented global financial services infrastructure. What is it, and what role will cybersecurity play in its development?… Continue Reading
On September 22, 2015, the Securities and Exchange Commission announced a settlement order with an investment adviser for failing to establish cybersecurity policies and procedures, and published an investor alert entitled Identity Theft, Data Breaches, and Your Investment Accounts.… Continue Reading
On July 14, 2015, pursuant to an implementation requirement of Government Regulation 82 of 2012, the Indonesian government published the Draft Regulation of the Minister of Communication and Information (RPM) of the Protection of Personal Data in Electronic Systems. The government provided a 10-day comment period for the proposal.… Continue Reading
On May 5, 2015, the Financial Crimes Enforcement Network of the U.S. Treasury Department, in coordination with the U.S. Attorney’s Office for the Northern District of California, announced a civil monetary penalty of $700,000 against Ripple Labs, Inc. and its subsidiary XRP II, LLC for violations of the Bank Secrecy Act.… Continue Reading
On April 13, 2015, the Federal Trade Commission announced that it has settled charges with two debt brokers who posted consumers' unencrypted personal information on a public website.… Continue Reading
On February 5, 2015, the FTC sent a letter to the Consumer Financial Protection Bureau describing the agency's efforts in the debt collection arena during the previous year, and highlighting that the security of consumer data in the buying and selling of debts was one of the FTC's main focuses.… Continue Reading
On December 18, 2014, the Financial Crimes Enforcement Network issued a 1 million USD civil penalty against the former Chief Compliance Officer of MoneyGram International, Inc. based on allegations that the company inadequately responded to consumer fraud complaints and failed to meet its legal obligations under the Bank Secrecy Act.… Continue Reading
On December 10, 2014, the New York State Department of Financial Services announced that it issued an industry guidance letter to all Department-regulated banking institutions announcing the Department’s plans to expand its information technology examination procedures to increase focus on cybersecurity. … Continue Reading
On November 3, 2014, the Federal Financial Institutions Examination Council released a report that summarizes observations from recent cybersecurity assessments conducted at over 500 community financial institutions as part of the FFIEC cybersecurity examination work program.… Continue Reading
On October 20, 2014, the Consumer Financial Protection Bureau announced that it has finalized a rule that enables financial institutions to publish their financial privacy notices online instead of mailing them to their customers.… Continue Reading
On August 1, 2014, the Federal Trade Commission released a new staff report examining the consumer protection implications of popular mobile device applications that provide shopping and in-store purchase services.… Continue Reading
On May 27, 2014, the Federal Trade Commission announced the release of a new report recommending that Congress consider enacting legislation that would increase transparency in the data broker industry and give consumers more control over how data brokers collect and share their personal information. … Continue Reading
On May 6, 2014, the Consumer Financial Protection Bureau announced a new proposed rule that would permit certain financial institutions to post online privacy notices instead of mailing them annually to customers as required under the Gramm-Leach-Bliley Act.… Continue Reading
On November 15, 2013, the People's Bank of China issued Administrative Measures for Credit Reference Agencies. The measures, which will take effect on December 20, 2013, are intended to enhance the supervision and regulation of credit reference agencies and serve as yet another example of the Chinese government’s increased attention to personal information protection issues.… Continue Reading
On December 2, 2013, the FTC announced that it will host a series of seminars to examine the privacy implications of three new areas of technology used to track, market to and analyze consumers: mobile device tracking, predictive scoring and consumer-generated health data.… Continue Reading
On September 25, 2013, Senator Jay Rockefeller expanded his investigation of the data broker industry by sending letters to twelve popular health and personal finance websites requesting information about their data collection and sharing practices. Responses are due by October 11, 2013.… Continue Reading
The People's Republic of China continues to focus on strengthening the protection of personal financial information with China Banking Regulatory Commission's issuance of new guidance for the banking sector on consumer protection.… Continue Reading
In May 2013, the Federal Trade Commission released a new guide entitled Fighting Identity Theft with the Red Flags Rule: A How-To Guide for Business to help businesses and organizations determine whether they are subject to the FTC’s Red Flags Rule and how to fulfill the Rule’s requirements. The Guide includes information regarding what types of entities must comply with the Red Flags Rule, a set of FAQs and a four-step process to achieve compliance.… Continue Reading
