There has been an explosion in the number and variety of mobile payment services available to consumers in the last couple of years, with new innovations and players growing exponentially. The release of the Federal Trade Commission’s (FTC) March 8, 2013 staff report, “Paper, Plastic… or Mobile? An FTC Workshop on Mobile Payments,” indicates the potential…
Category Archives: Financial Privacy
Bank Regulators Propose Social Media Guidance; Comments Due March 25, 2013
The Federal Financial Institutions Examination Council (FFIEC) has released proposed guidance on the use of social media by financial institutions, including banks, credit unions, and non-bank entities supervised by the Consumer Financial Protection Bureau. The proposed “Social Media: Consumer Compliance Risk Management Guidance” (“Proposed Guidance”) defines “social media” broadly to include micro-blogging sites (like Google…
FTC Amends Red Flags Rule to Adopt Narrower Definition of “Creditor”
The FTC has issued an interim final rule to amend the Identity Theft “Red Flags Rule,” which requires certain “financial institutions” and “creditors” to develop and implement a written identity theft prevention program to identify, detect, and respond to possible incidents of identity theft. The interim rule amendment conforms the Red Flags Rule’s definition of…
SEC Issues First-Ever Guidance on Disclosure to Investors of Cybersecurity Risks
On October 13 the Division of Corporate Finance at the US Securities and Exchange Commission issued a Disclosure Guidance that for the first time advises registrants — public companies — to evaluate their cybersecurity risks and, if deemed material, to disclose such risks to investors. This Guidance is likely to lead to public companies performing formal and detailed assessments of the cybersecurity risks, and may lead to shareholder litigation following data security breaches with claims that a company failed to perform the assessment and disclose the risks recommended in the Guidance for compliance with securities disclosure laws.
Financial Services Industry Group Issues Social Media Guidance
A financial services industry group recently released guidance on managing the risks associated with using social media such as Facebook and Twitter. The guidance, titled “Social Media Risks and Mitigation,” was released this week by BITS, a division of the Financial Services Roundtable, which represents 100 of the largest financial services companies. The guidance includes tips on managing numerous concerns specific to financial institutions, which are increasingly using social media in their marketing and customer relationship activities.
Round Up of Developments in Social Media Law
This blog entry provides a summary of the Hogan Lovells Chronicle of Data Protection’s recent coverage of legal developments regarding social media.
For First Time, SEC Imposes Fines Based Solely on Privacy Violations
The Securities and Exchange Commission (SEC) announced yesterday that three former executives of GunnAllen Financial, Inc., a Tampa-based broker-dealer, agreed to settle charges that they had violated Regulation S-P by failing to protect confidential information about their customers. This action marked the first time that the SEC had assessed financial penalties against individuals charged solely with violations of Regulation S-P, which requires broker-dealers, investment advisers, and other financial institutions under the SEC’s jurisdiction to protect their customers’ nonpublic personal information and to provide their customers the right to opt out of having their information shared with unaffiliated third parties.
ABA’s Lawsuit Challenging Applicability of “Red Flags Rule” to Attorneys is Dismissed as Moot
The D.C. Circuit Court of Appeals has dismissed as moot a lawsuit challenging the applicability to lawyers of the “Red Flags Rule,” which requires financial institutions and creditors to implement identity theft prevention programs. The organized Bar had challenged the applicability of the Rule to lawyers and had won in the lower court. Since the Red Flag Clarification Act recently passed by Congress would exempt most lawyers from coverage under the Rule, the Court found that litigation no longer is necessary or appropriate.
FinCEN Considers Proposed Rule to Require Reporting of Cross-Border Electronic Fund Transfers
Comments are due December 29th on a proposal that would require banks and money transmitters to report information to the U.S. Treasury Department’s Financial Crimes Enforcement Network (FinCEN) regarding international fund transfers, including the Social Security numbers of individuals that send or receive such funds.
CFTC Proposes Rules on Affiliate Marketing, Data Disposal, and GLBA Privacy
On October 27, the Commodity Futures Trading Commission (CFTC) issued proposed privacy and data security rules under the Gramm-Leach-Bliley Act (GLBA) and Fair Credit Reporting Act (FCRA), pursuant to the Dodd-Frank Act.
Ninth Circuit Holds that Courts May Not Impose Limits on FACTA Class Certification Based on Disproportionality or the Potential for Huge Statutory Damages
The Ninth Circuit recently reversed and remanded a district court denial of class certification in a FACTA case, making it easier for class certification even where there was disproportionality between the potential liability and the actual harm suffered, where the potential damages were huge and where defendant engaged in good faith compliance.
FDIC Requires Banks to Adopt Policies on Disposal of Information Stored on Office Equipment
On September 15th, the Federal Deposit Insurance Corporation (FDIC) issued guidance urging banks under its supervision to ensure that they have robust written policies and procedures for the erasure or destruction of sensitive or confidential information stored in office equipment.
Regulations Imposing New Obligations on Entities Furnishing Information to Consumer Reporting Agencies Go into Effect on July 1
On July 1, 2010, final regulations will go into effect that impose new obligations on entities that furnish information about individuals (“data furnishers”) to consumer reporting agencies (“CRAs”) for use in reports about those individuals. These regulations require data furnishers to institute reasonable policies and procedures that (1) ensure the accuracy and integrity of furnished information and (2) allow individuals to formally dispute the correctness of certain information that is furnished about them to CRAs directly with the data furnisher.
FTC Red Flags Rule Enforcement Delayed Again (and New Legal Challenge)
FTC Chairman Leibowitz: “Congress needs to fix the unintended consequences of the legislation establishing the Red Flags Rule – and to fix the problem quickly.”
Federal Regulators Release Customizable Version of Model Privacy Notice
April 15 marked the release of the long-awaited customizable version of the Model Privacy Notice, a form that provides a safe harbor for compliance with the notice requirements of the Gramm-Leach-Bliley Act (GLBA). Read more about it in this entry.
FINRA Issues Guidance on Social Networking Sites
The Hogan & Hartson privacy lawyers are counseling clients on the use of social media, as the legal risks are significant — especially if employees use the shield of anonymity to protect their privacy but make representations on behalf of their employers without disclosing their affiliation. The FTC and FDA recently have focused on social media. And on January 25, the Financial Industry Regulatory Authority (FINRA), an industry self-regulatory organization, issued Regulatory Notice 10-6, which gives guidance to member companies on the use of blogs and social networking sites to engage in company-sponsored communications with the public.
Agencies Issue Model GLBA Form That Provides Safe Harbor
Yesterday the financial regulatory agencies issued a model notification form for Gramm-Leach-Bliley Act consumer notices. Use of the new model form provides a “Safe Harbor” for covered entities required to provide consumer notices of data sharing practices. A link to the new form is contained within this blog entry.
FTC Delays Enforcement of Red Flags Rule for Fourth Time
The Federal Trade Commission (FTC) announced today that it is delaying enforcement of its FACTA Red Flags Rule until June 1, 2010 “[a]t the request of Congress.”