Search Results: Privacy/Data Security

CFPB and Justice and Consumer Protection of the European Commission Announce Plans for an "Informal Dialogue"

On July 17, 2023, Didier Reynders, Commissioner for Justice and Consumer Protection of the European Commission and Rohit Chopra, Director of the Consumer Financial Protection Bureau, announced the start of an “informal dialogue” between their two agencies. Reynders and Chopra indicated that the dialogue would cover a variety of important…

Read More

California DFPI Issues Guidance to Financial Institutions Regarding Russia Sanctions

On March 4, 2022, the California Department of Financial Protection and Innovation (DFPI) issued a reminder to its financial institution licensees regarding their obligations in light of the Russian invasion of Ukraine:  comply with U.S. sanctions on Russia, and employ safeguards to protect against attempts to use virtual currency transfers…

Read More

NYDFS Cybersecurity Regulation: Focus on Proactive Cybersecurity and Incident Reporting

Goodwin invites you to join us for our upcoming webinar on the NYDFS Cybersecurity Regulation. Now in its fifth year, the NYDFS Cybersecurity Regulation is a standout among state-level information security regulations.  This year, the NYDFS is investing additional resources into cybersecurity, with a new NYDFS Cyber Intelligence Unit formed…

Read More

Massachusetts Case Against Equifax Survives Motion to Dismiss

On April 2, 2018, the Superior Court of Suffolk County, Massachusetts denied Equifax, Inc.’s motion to dismiss the Commonwealth’s case against it related to the company’s widely publicized 2017 data breach.  Although the ruling does not determine who will ultimately prevail in the action, it outlines several key considerations for…

Read More

CFPB Issues Consumer Protection Principles for Sharing Financial Account Information with Third Parties

On October 18, 2017, the Consumer Financial Protection Bureau (CFPB) published guidelines for financial institutions to use when authorizing third-party access to consumers’ financial information.  These guidelines are targeted at protecting consumers who give their consent to allow other companies to access their account information.  Companies—including fintech firms, banks, and…

Read More

FINRA Cracks Down on Financial Firms for Cybersecurity Deficiencies

On December 21, 2016, the Financial Industry Regulatory Authority (FINRA) announced that it was fining 12 firms a total of $14.4 million for failing to comply with FINRA cybersecurity regulations, having identified “significant deficiencies relating to the preservation of broker-dealer and customer records in a format that prevents alteration.” FINRA…

Read More

CFPB Signals Interest in Regulating the Use of Consumer Financial Data

The Consumer Financial Protection Bureau’s (CFPB) recently-released Request for Information Regarding Consumer Access to Financial Records (RFI) suggests that the agency is considering making a new rule to set requirements and protections for the use of consumers’ financial information.  In publishing the RFI, the CFPB notes that the Dodd-Frank Act “provides…

Read More

CFPB Steps Up Scrutiny of Fintech Companies

On March 7, 2016, the Consumer Financial Protection Bureau (CFPB) announced that it will begin collecting complaints from consumers about online marketplace lenders, signaling its intention to increasingly regulate the evolving and growing Financial Technology (Fintech) industry.  The CFPB announcement emphasized that marketplace lending is “a relatively new kind of…

Read More

House Financial Services Committee Reports New Cybersecurity Bill to Congress

On December 9, 2015, the House Financial Services Committee reported a Bill to Congress that would impact the cybersecurity compliance of financial services companies.  The Bill, H.R. 2205, would set standards for development and implementation of cybersecurity protocols; require investigation and notification of breaches; and allow administrative enforcement. One of…

Read More

T-Mobile Invokes California Public Utilities Law to Defeat TCPA Motion to Compel

An Illinois federal district court held on March 20, 2015 that California law protects T-Mobile from having to turn over the names and addresses of thousands of its California customers without their consent in response to a third-party subpoena in a nationwide class action. The case, Birchmeier v. Caribbean Cruise Line,…

Read More

Should Companies Trust New Cyber Security Bill En Route to Passage in Senate?

On March 12, 2015, the Senate Intelligence Committee took an important step in advancing a comprehensive bill titled the Cybersecurity Information Sharing Act of 2015 (“CISA”) aimed at bolstering U.S. companies and the federal government’s cyber security protections.  But some privacy watchdogs and other government officials are openly wondering whether…

Read More

U.S. Woos Businesses With New Cyber Security Intelligence Division

As the cyber security threat to the U.S. economy and national security has grown, U.S. states and businesses have taken increasing steps to prevent potential hacks from invading user privacy and U.S. intelligence activities.  Most recently, New York’s attorney general, proposed new rules to help safeguard consumer privacy and provide businesses with incentives…

Read More

NY Attorney General Aims To Make New York A Leader on Data Security

  On January 15, 2015, New York’s attorney general, Eric Schneiderman, proposed a new law that NY hopes will balance business and consumer interests while establishing New York as a leader in data security.  The main effect of the proposed legislation would be to expand the definition of private information to…

Read More

Financial Services Firms' Projected Cybersecurity Spending Increase Is Money Well Spent

One of the most persistent and insidious threats to companies is cyber attacks.  Whether these attacks involve theft of intellectual property, installation of malware, or denial of service, they pose a significant risk to businesses and their customers.  For many companies, especially financial services companies, the risk is heightened by…

Read More

Is Knowing Enough? The FTC's Concerns Regarding Mobile Banking Practices May Force You to Do ...

On September 10, 2014, the Federal Trade Commission (FTC) posted a comment in response to the Consumer Financial Protection Bureau’s (CFPB) request for information regarding the use of mobile banking services and products specifically utilized by economically vulnerable or underserved consumers.  After briefly articulating some of the benefits of mobile…

Read More

Retailers Beware: Shopping Apps Can Cost You, Too

Online shopping is widespread, and by now, most retailers have tailored their websites to ensure consumers are fully aware of their privacy, security, and dispute resolution rights and liabilities in buying products online.  However, as retailers and other companies increasingly launch mobile applications to allow their customers to purchase items…

Read More

Committee of Banking Regulators Begins Cyber-Security Assessments of 500 Financial Institutions

On June 24, 2014, in response to the “increasing volume and sophistication of cyber threats,” the Federal Financial Institutions Examination Council (“FFIEC”) began a month-long cyber-security assessment of 500 community financial institutions and credit unions.  Announcing what it dubbed a “pilot program,” the FFIEC—a formal, interagency body made up of…

Read More

12