On February 5, 2015, the Federal Trade Commission sent a letter to the Consumer Financial Protection Bureau (“CFPB”) summarizing the agency’s efforts in the debt collection arena in 2014. The letter is intended to assist the CFPB with preparing its annual report to Congress on the enforcement of the Fair Debt Collection Practices Act, which must be submitted pursuant to the Dodd-Frank Wall Street Reform and Consumer Protection Act. The FTC’s debt collection program involves three initiatives: (1) law enforcement, (2) education and public outreach, and (3) research and policy.

Continue Reading FTC Highlights Debt Collection and Data Protection Issues in Letter to CFPB

On April 10, 2013, the Securities and Exchange Commission (“SEC”) and the Commodity Futures Trading Commission (“CFTC”) jointly adopted rules that require broker-dealers, mutual funds, investment advisers and certain other regulated entities to adopt programs designed to detect “red flags” and prevent identity theft. These rules implement provisions of the Dodd-Frank Wall Street Reform and Consumer Protection Act, that amended the Fair Credit Reporting Act (“FCRA”) to direct the SEC and the CFTC to adopt rules requiring regulated entities to address risks of identity theft. The 2003 amendments to the FCRA required other regulatory authorities to issue identity theft red flags rules, but did not authorize or require the SEC or the CFTC to issue their own rules.

Continue Reading SEC and CFTC Adopt Rules on Red Flags and Identity Theft

Reporting from Washington, D.C., Hunton & Williams partner Frederick Eames writes:

Elections have consequences. What are the consequences of the 2012 election on U.S. federal privacy, data security and breach notice legislation? We outline some key developments in the U.S. House of Representatives and Senate and explain how these developments might affect legislative priorities and prospects for the 113th Congress beginning in 2013.

Continue Reading Election Results: Key Developments for Federal Privacy and Data Security Legislation

Earlier this year, the Consumer Financial Protection Bureau (“CFPB”) published a Bulletin signaling its intent to regulate and exercise enforcement authority over service providers to financial institutions. Pursuant to Title X of the Dodd-Frank Wall Street Reform and Consumer Protection Act and its implementing regulation, Regulation P, the CFPB has authority over certain large banks, credit unions and other consumer financial services companies. The Bulletin notes that the CFPB’s goal is to ensure compliance with “[f]ederal consumer financial law,” which includes the Gramm-Leach-Bliley Act and its implementing regulations, the Privacy Rule and the Safeguards Rule.

Continue Reading CFPB Indicates Intent to Regulate Service Providers to Financial Institutions

On October 27, 2010, the U.S. Commodity Futures Trading Commission (the “CFTC”) issued two notices of proposed rulemaking (“NPRMs”), citing Gramm-Leach-Bliley Act (“GLBA”) privacy rules, and marketing and data disposal rules of the Fair Credit Report Act (“FCRA”).

The proposed rules come in the wake of the Dodd-Frank Wall Street Reform and Consumer Protection Act, which places two new categories of covered entities (i.e., “swap dealers” and “major swap participants”) under the CFTC’s jurisdiction.  Under the proposals, those entities would be subject to certain GLBA privacy rules that regulate the treatment of consumers’ nonpublic personal information, and sections of the FCRA that address affiliate marketing and data disposal.

Continue Reading CTFC Proposes New Rules for Consumer Privacy Protection

As reported in BNA’s Privacy Law Watch on July 29, 2010, three bills were introduced by House Republicans to repeal Section 929I of the Dodd-Frank Wall Street Reform and Consumer Protection Act (the “Dodd-Frank Act”).  Section 929I of the Dodd-Frank Act has been a source of controversy because it gives the SEC significant latitude to sidestep FOIA requests by providing that the SEC “shall not be compelled to disclose” certain information it obtains pursuant to the ’34 Act when conducting surveillance, risk assessments or other regulatory and oversight activities.

Continue Reading Three Bills Introduced to Repeal Section 929I of the Dodd-Frank Financial Reform Bill