E14: The Three Pillars of GDPR
E13: GDPR Wedding Day & Beyond
The Securities and Exchange Commission (“SEC”) has announced the adoption of amendments to Regulation S-P (“Amendments”) to modernize and enhance the rules that govern the treatment of consumers’ nonpublic personal...more
A bipartisan group of federal lawmakers just unveiled a sweeping proposal to pass the nation’s first data privacy law and hand a significant amount of power to consumers, one that would bring about a massive change in the way...more
Think only financial institutions have obligations to safeguard customer data? Think again. The FTC has taken several actions against non-financial institutions for data security practices in the last year. We’ll discuss FTC...more
For American companies doing business in Europe and European businesses relying on U.S. vendors and service providers, 2023 may be the year when Europe and the United States finally come together to implement a viable and...more
The FTC recently issued a proposed order that would settle an enforcement action against Drizly, LLC and its co-founder and CEO, James Rellas, arising from data breaches in 2018 and 2020 that affected over 2.5 million...more
Auto dealerships that provide financing are subject to the Gramm Leach Bliley Act (GLBA). That’s the old news. What’s new is that GLBA-covered businesses have until December 9 to implement significant changes to their...more
Since its enactment at the beginning of 2020, the California Consumer Privacy Act (CCPA) has garnered a significant amount of attention. The watershed legislation, which is intended to strengthen privacy rights in the state...more
Personal data (PD) protection is becoming the main topic of the recent days, so the Russian legislation in this sphere changes rapidly. The article represents an overview of updates on personal data regulation for the 3rd...more
Businesses are facing this system hack with ever-increasing frequency: An accounts payable employee receives new or updated payment instructions from a vendor via email. The email appears to be from a familiar counterpart at...more
It should not be surprising to anyone that cybersecurity and data protection remain top priorities for regulators of the financial services industry. Indeed, cybersecurity has been regularly identified as a key priority by...more
Earlier this month, the Securities and Exchange Commission (“SEC”) took a break from its recent focus on digital assets and the Best Interest fiduciary standard to publish a Risk Alert encouraging investment advisers and...more
The Securities and Exchange Commission is warning investment firms to step up their game when it comes to following the agency’s privacy rules. In a Risk Alert issued by the Office of Compliance Inspections and Examinations...more
The SEC has again signaled that now is the time for investment advisers and broker-dealers to get serious about compliance with Reg. S-P. For years, the SEC’s examination priorities have included a focus on cybersecurity...more
I am hardly saying that SEC Regulation S-P is the sexiest of regulations. I mean, has any customer is history actually read one of those exciting statement stuffers that discloses in some dense font a BD’s privacy policy?...more
For the fourth year running, the Securities and Exchange Commission’s Office continues to list cybersecurity as one of the top enforcement priorities for 2019. As it relates to cybersecurity, the SEC will be focusing on...more
On Friday, February 22, the Wall Street Journal ran a story titled “You Give Apps Sensitive Personal Information. Then They Tell Facebook” (subscription required). The report gained further traction over the weekend, and by...more
In a recent case involving hackers that stole "payment card data" from Chipotle, Judge William J. Martinez in the United States District Court for the District of Colorado found on an issue of first impression that payment...more
The Securities and Exchange Commission recently settled with Voya Financial Advisors, Inc. for alleged violation of Regulation S-ID (otherwise known as the Identity Theft Red Flags Rule) and Regulation S-P (otherwise known as...more
Identity Theft in the Digital and Physical Worlds - Common sense is the best defense against identity theft – creating strong passwords for online accounts and monitoring personal credit reports and credit card statements...more
On Thursday, June 28, 2018, the California Consumer Privacy Act of 2018 (the Act) passed with resounding support from both Republicans and Democrats, who voted in favor of the bill 73-0-7 in the Assembly and 38-0-3 in the...more
Anyone working in the healthcare industry knows the saying: “an ounce of prevention is worth a pound of cure.” It’s one of the most common adages used when discussing the benefits of a healthy lifestyle or the importance of...more
In the modern age of relatively cheap and ever-evolving technology, corporate espionage is a real threat that could be perpetrated by any employee or other insider at any time. The term “corporate espionage” covers many...more
A bi-partisan privacy and data security bill, which will significantly impact companies with North Carolina employees, is in the works. North Carolina State Representative Jason Saine (R), Appropriations Chairman of...more