Financial institutions collect personal information from customers every day, from names and addresses to bank account and Social Security numbers. The Gramm-Leach-Bliley Act’s Safeguards Rule requires those institutions to develop, implement, and maintain a comprehensive information security program. As part of its regulatory review process, the FTC has proposed changes to the Rule.
Blog Posts Tagged with Gramm-Leach-Bliley Act
As part of its regulatory review, the FTC announced earlier this year Information Security and Financial Institutions: An FTC Workshop to Examine the Safeguards Rule. If the Safeguards Rule is of interest to you or your clients, you’ll want to know about three new developments.
Turning eighteen was a momentous birthday for most of us and the same could be said for the Gramm-Leach-Bliley Act’s Safeguards Rule. Finalized in 2002 and in effect since 2003, the Safeguards Rule requires “financial institutions” to develop, implement, and maintain a comprehensive information security program for handling customer information.
To review everything the FTC did in 2019 dealing with consumer privacy and data security – Enforcement, Advocacy, Rules, Workshops, Consumer Education, Business Guidance, and International Engagement – it could take days to compile all that information. The FTC has an easier way to share those developments with your company, clients, and colleagues.
California-based mortgage broker Mortgage Solutions FCS also does business under the name Mount Diablo Lending. And according to the FTC, the company gave consumers a devil of a time if they posted negative reviews on Yelp. Is your business pondering how to address unfavorable consumer comments?
Patch your software. Segment your network. Monitor for intruders. According to tech experts, those are security basics for businesses of any size. But when you’re industry giant Equifax – a company in possession of staggering amounts of highly confidential information about more than 200 million Americans – it’s almost unthinkable not to implement those fundamental protections.
The domino principle. The ripple effect. The butterfly phenomenon. Apply the analogy of your choice to describe what happens when one software developer’s allegedly lax security practices result in the breach of confidential customer information maintained by multiple businesses that use the software.
Looking to take a deep dive into the breadth and depth of the FTC’s approach to consumer privacy and data security in the past year? The FTC’s website, including the Business Center, has what you need. But what if you or your clients prefer an at-your-fingertips digest of developments in 2018? We’re got that covered, too.
It’s a given that companies shouldn’t charge consumers hidden fees. But it raises a particular concern when an online lender makes “No Hidden Fees” claims a centerpiece of its marketing – and then deducts from those loans hundreds or even thousands of dollars in hidden up-front fees.
Advances in payment methods could end those open-wallet debates about who owes what for the pizza. But as innovative technologies change how people pay for things, established consumer protection principles apply. An FTC complaint against peer-to-peer payment service Venmo – now operated by PayPal – alleges that the company failed to disclose material information about the availability of consumers’ funds.
One Direction had a hit with a song called “18,” but the FTC’s recent law enforcement and policy initiatives suggest that the agency will continue to pursue many directions in its efforts to protect consumers in ‘18. (Sorry. We’re expecting a fresh shipment of pop culture references in January.) In case you missed them – and in no particular order – here are ten FTC consumer protection topics of note from 2017.
If you or your clients are in the tax preparation field, there are three letters you should focus on. OK, I-R-S may be the first thing on your mind. But as the FTC’s proposed settlement with TaxSlayer suggests, don’t forget those other important letters: G-L-B.
There are three letters every auto dealer should know about. GTO? XKE? Good guesses, but not what we had in mind.
We’re talking about GLB.
The Gramm-Leach-Bliley Act requires financial institutions to give their customers initial and annual notices about their privacy policies. If the company shares certain customer information with particular types of third parties, they also have to give customers the opportunity to opt out of sharing. The FTC’s Privacy of Consumer Financial Information Rule – friends call it the GLB Privacy Rule – explains the specifics.
Maybe it’s a suspicious tax document flagged by your HR staff or a customer concern about an unauthorized charge. Identity theft can reveal itself in many ways. Regardless of the tip-off, there’s a new one-stop federal resource – IdentityTheft.gov – to help people report and recover from ID theft.
53 and it’s likely to go up. That’s the number of data security law enforcement actions the FTC has settled so far. The facts of each case are different, but distilled down to the basics, they stand for one central proposition: Your company’s data security measures should be reasonable and appropriate in light of the sensitivity and amount of consumer information you have, the size and complexity of your business, and the availability and cost of tools to improve security and reduce vulnerabilities.
Ahab hunts big fish.
Captain and whaling boat sink.
Sometimes you want to read all 209,117 words of Moby Dick. Other times a haiku will do. Sometimes you want an in-depth analysis of the FTC’s enforcement, rulemaking, research, education, and international efforts related to privacy and data security. Other times a summary will suffice.
Some things you’d expect to find in a trash can: last night’s potato peelings, the casserole that looked so promising in the cookbook photo, and Oscar the Grouch. But if you run a business, the one thing you don’t want in the dumpster behind your office is paperwork containing sensitive information about your customers. Just ask PLS Financial Services, PLS Group, and the Payday Loan Store of Illinois.
In Short: Advertising and Privacy Disclosures in a Digital World — an FTC workshop to discuss guidance on disclosures in the online and mobile world — is set for May 30, 2012. This is the latest development in the ongoing conversation about revising the FTC’s 2000 guidance publication, Dot Com Disclosures.
If you haven’t already, hover up to your toolbar and bookmark the FTC’s Regulatory Review page. It’s your one-stop resource for what's coming up and what’s going down with Commission rules and guides of interest to your business and your clients. Recent announcements about the FTC's regulatory review schedule make it a must-read.
When the FTC conducts an investigation to see if a company has violated the law, it’s important that the process is efficient and not unduly burdensome on those involved. The FTC’s Rules of Practice lay out the procedures the Commission follows.