On November 15, 2022, the Federal Trade Commission announced a six-month extension for companies to comply with certain updated requirements of the Gramm-Leach-Bliley Act’s Safeguards Rule, a set of data security provisions covered financial institutions must implement to protect their customers’ personal information.
Continue Reading FTC Announces Six-Month Extension for Compliance with Some Changes to Gramm-Leach-Bliley Safeguards Rule
Financial Privacy
CFPB Re-Opens Public Comment on Prior Orders Seeking Information on Big Tech Payment Platforms
On October 31, 2022, the Consumer Financial Protection Bureau announced that it will re-open the public comment period on their October 2021 Orders for six large technology companies operating payments platforms to provide information about their business practices.
Continue Reading CFPB Re-Opens Public Comment on Prior Orders Seeking Information on Big Tech Payment Platforms
European Commission Publishes Report on Decentralized Finance
On October 18, 2022, the European Commission published a report, titled Information Frictions and Public Policies: Approaching the Regulation and Supervision of Decentralized Finance. This blog entry provides a summary of the report. …
Continue Reading European Commission Publishes Report on Decentralized Finance
NYDFS Fines EyeMed $4.5 Million for Cybersecurity Violations
On October 18, 2022, the New York State Department of Financial Services announced that EyeMed Vision Care LLC agreed to a $4.5 million settlement for violations of the Cybersecurity Regulation that contributed to the exposure of hundreds of thousands of consumers’ health data in connection with a cybersecurity event in 2020.
Continue Reading NYDFS Fines EyeMed $4.5 Million for Cybersecurity Violations
SEC Fines Morgan Stanley $35 Million for Alleged Failure to Protect Customer Data
On September 20, 2022, the U.S. Securities and Exchange Commission announced that Morgan Stanley Smith Barney agreed to pay a $35 million fine for the firm’s alleged failure to adequately protect the personal information of approximately 15 million customers.
Continue Reading SEC Fines Morgan Stanley $35 Million for Alleged Failure to Protect Customer Data
The SEC Charged Several Individuals and Entities in a Fraudulent Hacking Scheme
On August 16, 2022, the Securities and Exchange Commission charged 18 individuals and entities in relation to their involvement in a fraudulent hacking scheme. …
Continue Reading The SEC Charged Several Individuals and Entities in a Fraudulent Hacking Scheme
New CFPB Interpretive Rule Targets Digital Marketing Providers
On August 10, 2022, the Consumer Financial Protection Bureau issued a new interpretive rule clarifying when digital marketing providers must comply with federal consumer financial protection law. Under the new rule, Big Tech companies that use behavioral advertising techniques to market financial products will be subject to the Consumer Financial Protection Act of 2010. …
Continue Reading New CFPB Interpretive Rule Targets Digital Marketing Providers
Proposed Amendments to NY Financial Services Cybersecurity Regulations Impose New Obligations on Large Entities, Boards of Directors and CISOs
On July 29, 2022, the New York Department of Financial Services posted proposed amendments to its Cybersecurity Requirements for Financial Services Companies. This blog entry provides highlights of the amendments.
Continue Reading Proposed Amendments to NY Financial Services Cybersecurity Regulations Impose New Obligations on Large Entities, Boards of Directors and CISOs
NYDFS Imposes Fine of $5 Million on Carnival for Cybersecurity Breaches
On June 24, 2022, the New York State Department of Financial Services announced it had entered into a $5 million settlement with Carnival Corp., the world’s largest cruise-ship operator, for violations of the Cybersecurity Regulation in connection with four cybersecurity events between 2019 and 2021, including two ransomware events. …
Continue Reading NYDFS Imposes Fine of $5 Million on Carnival for Cybersecurity Breaches
President Biden Issues Executive Order on Digital Assets
On March 9, 2022, the Biden Administration released its much-anticipated “Executive Order on Ensuring Responsible Development of Digital Assets”. …
Continue Reading President Biden Issues Executive Order on Digital Assets