On December 18, 2020, federal financial regulatory agencies announced a proposed rule that would require “banking organizations” to notify their primary federal regulator within 36 hours following any “computer-security incident” that rises to the level of a “notification incident.” The Proposed Rule also would require service providers to notify at least two individuals at the banking organizations they service immediately after experiencing a computer security incident that materially disrupts, degrades or impairs the services they provide.
Continue Reading Financial Regulators Announce Proposed 36-Hour Notification Requirement for Notification Incidents
Gramm Leach Bliley Act
Consumer Financial Protection Bureau Issues Notice of Proposed Rulemaking Regarding Access to Financial Information
On October 22, 2020, the Consumer Financial Protection Bureau issued a notice of proposed rulemaking to implement Section 1033 of the Dodd-Frank Act regarding consumers’ access to their financial information.
Continue Reading Consumer Financial Protection Bureau Issues Notice of Proposed Rulemaking Regarding Access to Financial Information
FTC Postpones Safeguards Rule Workshop until July
As part of its regulatory review of the Gramm-Leach-Bliley Act Safeguards Rule, the Federal Trade Commission will hold a workshop, Information Security and Financial Institutions: An FTC Workshop to Examine the Safeguards Rule. The workshop, originally scheduled for May, has been postponed until July 13, 2020.
Continue Reading FTC Postpones Safeguards Rule Workshop until July
Washington, D.C. Amends Data Breach Notification Law, Adds Data Security Requirements
On March 26, 2020, Washington D.C. enacted bill number B23-0215, amending D.C.’s data breach notification law.
Continue Reading Washington, D.C. Amends Data Breach Notification Law, Adds Data Security Requirements
New York SHIELD Act Requires Safeguards to Protect Private Information
On March 21, 2020, the data security provisions of New York’s Stop Hacks and Improve Electronic Data Security Act went into effect. The SHIELD Act requires any person or business owning or licensing computerized data that includes the private information of a resident of New York to implement and maintain reasonable safeguards to protect the security, confidentiality and integrity of the private information.
Continue Reading New York SHIELD Act Requires Safeguards to Protect Private Information
Mortgage Broker Settles FTC Privacy Charges That It Improperly Disclosed Consumer Information on Review Site
As reported on our Hunton Retail Law Resource blog, on January 7, 2020, the Federal Trade Commission announced a settlement with Mortgage Solutions FCS, Inc., and its sole principal, Ramon Walker, to resolve allegations that the lender violated the FTC Act, the Fair Credit Reporting Act and the Gramm-Leach-Bliley Act, by improperly disseminating consumers’ personal information on Yelp in response to consumers’ negative reviews posted to that site.
Continue Reading Mortgage Broker Settles FTC Privacy Charges That It Improperly Disclosed Consumer Information on Review Site
New York Amends Breach Notification Law
On July 25, 2019, New York Governor Andrew Cuomo signed into law Senate Bill S5575B, an amendment to New York’s breach notification law. This blog entry provides an overview of the changes.
Continue Reading New York Amends Breach Notification Law
Oregon Extends Data Breach Notification Requirements to Include Third-Party Vendors
On May 24, 2019, Oregon Governor Kate Brown signed into law Senate Bill 684, which extends Oregon’s data breach notification requirements to include third-party vendors. This blog entry provides an overview of the bill.
Continue Reading Oregon Extends Data Breach Notification Requirements to Include Third-Party Vendors
Nevada Law Provides Consumers with Limited Right to Opt Out of Sale
On May 29, 2019, Nevada’s governor approved SB 220, which provides amendments to an existing law that requires operators of websites and online services to post a notice on their website regarding their privacy practices. This blog entry provides a summary of the Amendment Bill.
Continue Reading Nevada Law Provides Consumers with Limited Right to Opt Out of Sale
FTC Proposes Changes to GLB Privacy and Safeguards Rules
On March 5, 2019, the Federal Trade Commission announced that it is seeking comment on proposed changes to the FTC’s Safeguards Rule and Privacy Rule under the Gramm-Leach-Bliley Act.
Continue Reading FTC Proposes Changes to GLB Privacy and Safeguards Rules