Blog Posts Tagged with Gramm-Leach-Bliley Act

Pages

Venmo settlement addresses availability of funds, privacy practices, and GLB

Advances in payment methods could end those open-wallet debates about who owes what for the pizza. But as innovative technologies change how people pay for things, established consumer protection principles apply. An FTC complaint against peer-to-peer payment service Venmo – now operated by PayPal – alleges that the company failed to disclose material information about the availability of consumers’ funds.

So You Received a CID: FAQs for Small Businesses

So you’ve received a Civil Investigative Demand (CID) from the Federal Trade Commission related to a consumer protection matter. Now what? We appreciate that it can be daunting for any company – especially a small business – and we want to be as transparent as possible about the process.

2017: The consumer protection year in review

One Direction had a hit with a song called “18,” but the FTC’s recent law enforcement and policy initiatives suggest that the agency will continue to pursue many directions in its efforts to protect consumers in ‘18. (Sorry. We’re expecting a fresh shipment of pop culture references in January.) In case you missed them – and in no particular order – here are ten FTC consumer protection topics of note from 2017.

A new model for auto dealers?

There are three letters every auto dealer should know about. GTO? XKE? Good guesses, but not what we had in mind.

We’re talking about GLB.

The Gramm-Leach-Bliley Act requires financial institutions to give their customers initial and annual notices about their privacy policies. If the company shares certain customer information with particular types of third parties, they also have to give customers the opportunity to opt out of sharing. The FTC’s Privacy of Consumer Financial Information Rule – friends call it the GLB Privacy Rule – explains the specifics.

Time 2 txt about data security basics?

53 and it’s likely to go up. That’s the number of data security law enforcement actions the FTC has settled so far. The facts of each case are different, but distilled down to the basics, they stand for one central proposition: Your company’s data security measures should be reasonable and appropriate in light of the sensitivity and amount of consumer information you have, the size and complexity of your business, and the availability and cost of tools to improve security and reduce vulnerabilities.

The long and short of it

Ahab hunts big fish.
Captain and whaling boat sink.

Ishmael prevails.

Sometimes you want to read all 209,117 words of Moby Dick.  Other times a haiku will do.  Sometimes you want an in-depth analysis of the FTC’s enforcement, rulemaking, research, education, and international efforts related to privacy and data security.  Other times a summary will suffice.

Trash Talking

Some things you’d expect to find in a trash can:  last night’s potato peelings, the casserole that looked so promising in the cookbook photo, and Oscar the Grouch.  But if you run a business, the one thing you don’t want in the dumpster behind your office is paperwork containing sensitive information about your customers.  Just ask PLS Financial Services, PLS Group, and the Payday Loan Store of Illinois.

Room with review

Is your briefcase feeling lighter? That’s because your dog-eared copy of Volume 16 of the Code of Federal Regulations (where most FTC rules and guides live) is decidedly thinner these days. For the past two decades, the agency has undertaken a systematic review of its rules and guides to make sure they’re up to date, effective, and not overly burdensome. As each rule comes up for review, we ask ourselves — and you — four questions:

NCP Double-YOU

Break out the bubbly and raise a toast:  It's National Consumer Protection Week.  NCPW is an annual campaign sponsored by the FTC and nearly 30 other federal agencies, consumer groups, and advocacy organizations, in conjunction with state, county, and local government offices that are sponsoring events nationwide.  The goal?  To encourage consumers to take full advantage of their rights and make better-informed decisions.

Data Resellers Liable for Downstream Security Failures

Of course, no legitimate business would put out a welcome mat for crooks.  But as the FTC’s data security cases make clear, that’s the effect when companies fail to take reasonable steps to secure sensitive information in their possession — or data they allow others to access.  Three recent settlements with companies that resell credit reports illustrate that point.

Data Security: Copi-er That!

If your company keeps sensitive data like Social Security numbers, credit reports, account numbers, health records, or business secrets, you’ve probably instituted safeguards to protect that information, whether it’s stored in computers or on paper. That’s great.  But it’s time to take those safeguards a step further.

Pages