The Federal Trade Commission yesterday announced settlements with two companies over security breaches caused by peer-to-peer (P2P) file sharing software. The settlements require the companies to establish and maintain comprehensive information security programs and to undergo data security audits by independent auditors every other year for 20 years.
On October 27, the Commodity Futures Trading Commission (CFTC) issued proposed privacy and data security rules under the Gramm-Leach-Bliley Act (GLBA) and Fair Credit Reporting Act (FCRA), pursuant to the Dodd-Frank Act.
April 15 marked the release of the long-awaited customizable version of the Model Privacy Notice, a form that provides a safe harbor for compliance with the notice requirements of the Gramm-Leach-Bliley Act (GLBA). Read more about in this entry.