Tag Archives: Gramm Leach Bliley Act

SEC Announces Settlement Order and Publishes Investor Alert

On September 22, 2015, the Securities and Exchange Commission announced a settlement order with an investment adviser for failing to establish cybersecurity policies and procedures, and published an investor alert entitled Identity Theft, Data Breaches, and Your Investment Accounts.… Continue Reading

Data Security Act Introduced in New York State Assembly

On April 8, 2015, a New York Assemblyman introduced the Data Security Act in the New York State Assembly that would require New York businesses to implement and maintain information security safeguards. The Data Security Act also expands the scope of New York’s breach notification law.… Continue Reading

Delaware Enacts New Data Destruction Law

On July 1, 2014, Delaware Governor Jack Markell signed into law a bill that creates new safe destruction requirements for the disposal of business records containing consumer personal information. The law will take effect on January 1, 2015.… Continue Reading

CFPB Proposes New GLB Privacy Notice Rule

On May 6, 2014, the Consumer Financial Protection Bureau announced a new proposed rule that would permit certain financial institutions to post online privacy notices instead of mailing them annually to customers as required under the Gramm-Leach-Bliley Act.… Continue Reading

FTC Finalizes Settlements Relating to P2P Privacy Violations

On October 26, 2012, the Federal Trade Commission finalized its settlement agreements with two businesses that allegedly exposed thousands of customers’ sensitive personal information by allowing peer-to-peer file-sharing software to be installed on their company computer systems.… Continue Reading

Connecticut Amends State Breach Law Amid Introduction of Federal Breach Notification Legislation

On June 15, 2012, Connecticut Governor Dannel Malloy approved amendments to the state’s breach notification law requiring businesses to notify the state Attorney General in the event of a data security breach. One week later, Senator Pat Toomey (R-PA) introduced the Data Security and Breach Notification Act of 2012 in an effort to create a national breach notification standard.… Continue Reading

FTC Announces Settlements Relating to P2P Data Breaches

On June 7, 2012, the Federal Trade Commission announced settlement agreements with two businesses for allegedly compromising the security of consumer personal information by allowing peer-to-peer file-sharing software to be installed on company computers. One of the companies also was charged with violations of the GLB Safeguards Rule and Privacy Rule.… Continue Reading

Speier Introduces Privacy Legislation Package

On February 11, 2011, California Representative Jackie Speier introduced the Do Not Track Me Online Act of 2011, which would direct the FTC to establish standards for a "Do Not Track" mechanism, and the Financial Information Privacy Act of 2011, which would strengthen regulations related to the disclosure of nonpublic personal information. … Continue Reading

Privacy and Data Security Risks in Cloud Computing

Cloud computing raises complex legal issues related to privacy and information security.  As legislators and regulators around the world grapple with the privacy and data security implications of cloud computing, companies seeking to implement cloud-based solutions should closely monitor this rapidly evolving legal landscape for developments.  In an article published on February 3, 2010, Lisa … Continue Reading

Agencies Issue Final Gramm-Leach-Bliley Act Model Privacy Notice

Today, eight federal financial regulatory agencies issued a final Gramm-Leach-Bliley Act (“GLBA”) model privacy notice.  The final model notice incorporates financial institutions’ required disclosures pursuant to Section 503 of the GLBA.  The GLBA requires, in relevant part, that financial institutions provide consumers with information regarding their collection and sharing of nonpublic personal information.  Financial institutions … Continue Reading

Agencies Expected to Publish Final Gramm-Leach-Bliley Act Model Privacy Notice

The federal financial services agencies are expected to shortly announce a proposed-final Gramm-Leach-Bliley Act (“GLBA”) model form privacy notice.  The model notice incorporates financial institutions’ required disclosures pursuant to Section 503 of the GLBA.  Financial institutions that use the form to provide notice to consumers will be deemed in compliance with the privacy notice provisions … Continue Reading

Obama Proposes New Agency to Regulate Consumer Financial Privacy

On June 30, 2009, the Obama Administration sent legislation to Congress that would create a new Consumer Financial Protection Agency ("CFPA").  Working with state regulators, the new agency would assume authority for the privacy provisions of the Gramm-Leach-Bliley Act, and would have the power to write rules and impose penalties pursuant to a variety of … Continue Reading