Back to School: 3 Essential Employee Trainings
A Sneak Peek into Data Mapping: What Implementation Really Looks Like
Safeguard your Business: Dinsmore's Craig Horbus on Combatting the Rising Threat of ACH Fraud
The Privacy Insider Podcast Episode 4: Don't Be Evil: In the Hot Seat of Data Privacy, Part 1
It's Time to Think About Data Mapping Differently
The American Privacy Right Act (APRA) explained
Navigating the Regulation Jungle: How to Be Compliant, Work Efficiently, and Stay Sane
Legal Alert | Wiretap Laws in the United States
Business Better Podcast Episode: Cyber Adviser – A Comparison of AI Regulatory Frameworks
Preventative Medicine: Health Care AI Privacy and Cybersecurity — The Good Bot Podcast
Cost of Noncompliance: More Than Just Fines
Will the U.S. Have a GDPR? With Rachael Ormiston of Osano
No Password Required: MITRE Engage Lead, Innovator in Cyber Deception, and Dance Community Builder
Navigating State Privacy Laws: A Conversation with Oregon & Texas Regulators about Privacy Enforcement
The Team Continues to Grow: A Conversation With Our Newest Colleague, Kaitlin Clemens — Unauthorized Access Podcast
Episode 326 -- Dottie Schindlinger on Diligent's Report on Board Oversight of Cybersecurity Risks and Performance
[Webinar] Midyear Data Privacy Check-in: Trends & Key Updates
Decoding Privacy Laws: Insights for Small to Mid-Sized Businesses — Regulatory Oversight Podcast
No Password Required: Education Lead at Semgrep and Former Czar for Canada’s Election Security
Navigating State Privacy Laws
In 2024, the landscape of state attorneys general (AGs) is poised for significant change, with numerous elections and regulatory actions reshaping priorities and enforcement strategies. This dynamic environment reflects the...more
Editor’s Note: In recent regulatory and enforcement developments, the White House announced a new executive order aimed at strengthening cybersecurity at U.S. ports, and another executive order was issued to protect sensitive...more
Selected U.S. Privacy and Cyber Updates - NYDFS Releases Circular Letter on Use of AI in Insurance Underwriting and Pricing - On January 17, 2024, the New York State Department of Financial Services (NYDFS) issued a proposed...more
President Biden’s recent Executive Order on Safe, Secure, and Trustworthy Development and Use of Artificial Intelligence: Establishes a federal government-wide effort to mitigate risks of improper AI development and use. ...more
On October 17, 2023, the Consumer Financial Protection Bureau (CFPB) published a long-awaited notice of proposed rulemaking for its Proposed Financial Data Rights Rule, implementing Section 1033 of the Dodd-Frank Act....more
On October 19, 2023, the Consumer Financial Protection Bureau (CFPB) issued an advance notice of proposed rulemaking (ANPR) with respect to a new consumer financial data portability rule mandated by Section 1033 of the...more
The fourth quarter of 2023 has seen significant proposed rulemaking from regulators. Just over a week after the Federal Trade Commission issued its Notice of Proposed Rulemaking on its “junk fees” rule, the Consumer Financial...more
On Thursday, October 19, 2023, the Consumer Financial Protection Bureau (“CFPB”) released a proposed rule addressing “personal data financial rights”, as we reported last week that they would be doing later in October. The...more
On October 19, the Consumer Financial Protection Bureau (CFPB) issued its highly anticipated notice of proposed rulemaking under Section 1033 of the Consumer Financial Protection Act of 2010 (CFPA). The proposed Personal...more
On October 19, 2023, the Consumer Financial Protection Bureau (CFPB) announced its long-awaited proposed rule regulating “Personal Financial Data Rights” (the proposed rule). The proposed rule implements Section 1033 of the...more
On Oct. 19, 2023, the Consumer Financial Protection Bureau (CFPB) released a Notice of Proposed Rulemaking (NPRM) on Personal Financial Data Rights, which would change the way financial institutions hold and distribute...more
On August 15, 2023, the Consumer Financial Protection Bureau ("CFPB") announced it was launching a rulemaking aimed at subjecting any company or entity that collects and sells consumer data to the Fair Credit Reporting Act...more
On July 18, the Oregon governor signed SB 619 (the Act) to establish a framework for controlling and processing consumer personal data in the state. Oregon follows California, Colorado, Connecticut, Virginia, Utah, Iowa,...more
Editor’s Note: Texas, Oregon, and Delaware became the latest states to pass a comprehensive privacy bill, while the CPRA, Connecticut, and Colorado’s privacy laws came into force. In the litigation world, the FTC filed an...more
On June 28, 2023, the European Commission (EC) published a Proposal for a Regulation on Financial Data Access (FIDA). FIDA aims to create a framework through which data holders (e.g., banks, credit institutions) share the...more
On December 21, the Colorado attorney general released a second set of draft rules for the Colorado Privacy Act (CPA). As previously covered by a Buckley Special Alert, the CPA was enacted in July 2021 to establish a...more
The Gramm-Leach-Bliley Act (GLBA) is a federal law that establishes various legal requirements for companies that qualify as “financial institutions” under the Act. The GLBA’s definition of a “financial institution” is...more
Many individuals already use facial recognition technology to authenticate and authorize payment through their smartphone. According to Jupiter Research, by 2025 (only four years away), 95 percent of smartphones will have...more
CYBERSECURITY - NYDFS - Cybersecurity Certificate of Compliance Due April 15, 2021 The New York Department of Financial Services (DFS), which regulates certain covered entities and licensed persons in the financial...more
Consumers are more aware than ever of data privacy and security issues. As technology develops, vast quantities of data are collected on individuals every minute of every day. Customers trust their institutions to keep the...more
CYBERSECURITY - Maze Continues to Strike Companies - It is being reported by ZDNet that the Maze ransomware group has attacked two companies that, apparently, refused to pay the requested ransom, so Maze, as it...more
In This Issue. The Office of the Comptroller of the Currency (OCC) proposed a rule that would establish that a national bank or federal savings association is the “true lender” of a loan if, as of the date of origination, the...more
Last week, Democratic Senators Ron Wyden and Sherrod Brown and Congresswoman Anna Eshoo sent a letter to FTC Chairman Joseph J. Simons urging the agency to investigate whether analytics firm Envestnet, Inc. (which operates...more
The Cayman Islands recently implemented data protection legislation similar to that adopted elsewhere in the world, including the EU’s General Data Protection Regulation (GDPR). The GDPR forced many businesses outside its...more
The rush for California to get all of the “rules of the road” ready for next year has seemed to cause a bit of confusion with California’s privacy law. Draft regulations were published the same day the Governor signed into...more