Privacy & Security Law Blog

Privacy & Security Law Blog

Legal Commentary and Resources for the Payment Industry

Insight & Commentary on Information Management and Protection
FCC Letter Brief to Second Circuit Narrowly Construes Recent TCPA Guidance
Posted 14 days ago

We reported last spring on two FCC declaratory rulings, GroupMe and Cargo Airline, that included some broad, business-friendly interpretations of rules implementing the Telephone Consumer Protection Act (TCPA), under which plaintiff class actions are thriving.  The rulings also reinvigorated an FCC statement from when it first adopted TCPA rules in…

Federal Financial Institutions Examination Council Launches Cybersecurity Webpage and Begins Cybersecurity Assessments
Posted 21 days ago

“For cyber criminals, banks are especially tempting targets – not…

Federal Financial Institutions Examination Council Launches Cybersecurity Webpage and Begins Cyberse…
FTC Releases 2014 Privacy and Data Security Update, Touting Its Efforts and Achievements in Protecting Consumer Privacy
Posted 21 days ago

Last week, the Federal Trade Commission (FTC) released its 2014…

FTC Releases 2014 Privacy and Data Security Update, Touting Its Efforts and Achievements in Protecti…
“…Because That’s Where the Money Is.” OCC Head Highlights Oversight of Cybersecurity for Financial Industry—Will All Vendors Cooperate?
Posted 22 days ago

Why are banks often tempting targets for criminals and terrorists…

“…Because That’s Where the Money Is.” OCC Head Highlights Oversight of Cybersecurity for Financial I…
U.S. Steps Up Efforts to Make “Safe Harbor Safe Again” – FTC, Justice Department Work to Keep EU Happy and Avoid Pull Back from Safe Harbor
Posted 25 days ago

Within the span of two days, both the Federal Trade…

U.S. Steps Up Efforts to Make “Safe Harbor Safe Again” – FTC, Justice Department Work to Keep EU Hap…
PreviousNext

Developments & Commentary

FCC Letter Brief to Second Circuit Narrowly Construes Recent TCPA Guidance

We reported last spring on two FCC declaratory rulings, GroupMe and Cargo Airline, that included some broad, business-friendly interpretations of rules implementing the Telephone Consumer Protection Act (TCPA), under which plaintiff class actions are thriving.  The rulings also reinvigorated an FCC statement from when it first adopted TCPA rules in ...

DWT Advisory: New HIPAA Reports to Congress Shed Light on OCR Enforcement

The Department of Health and Human Services’ Office for Civil Rights (OCR) has issued two reports to Congress, as required by the HITECH Act. The compliance report details OCR’s enforcement activities for 2011 and 2012 and sheds light on what covered entities and business associates can expect from OCR going forward. This ...

Federal Financial Institutions Examination Council Launches Cybersecurity Webpage and Begins Cybersecurity Assessments

“For cyber criminals, banks are especially tempting targets – not only because banks are where the money is, but also because of the vast amount of proprietary information banks have about their customers.” Thomas J. Curry, Comptroller of the Currency In comments before the Risk Management Association’s Governance, Compliance, and Operational ...

“…Because That’s Where the Money Is.” OCC Head Highlights Oversight of Cybersecurity for Financial Industry—Will All Vendors Cooperate?

Why are banks often tempting targets for criminals and terrorists alike? Thomas Curry, the head of the Office of the Comptroller of the Currency (OCC), recently reminded us: “…because that’s where the money is.” But what most worries the Comptroller is not a modern-day Bonnie & Clyde or John Dillinger ...

U.S. Steps Up Efforts to Make “Safe Harbor Safe Again” – FTC, Justice Department Work to Keep EU Happy and Avoid Pull Back from Safe Harbor

Within the span of two days, both the Federal Trade Commission (FTC) and the U.S. Department of Justice announced initiatives meant to assuage the European Union’s concerns over trans-Atlantic data flows and to secure Europe’s future commitment to the U.S.-EU Safe Harbor initiative. On June 25, 2014, the FTC approved final ...

Resources & Updates

FTC Releases 2014 Privacy and Data Security Update, Touting Its Efforts and Achievements in Protecting Consumer Privacy

Last week, the Federal Trade Commission (FTC) released its 2014 Privacy and Data Security Update, summarizing the FTC’s major enforcement actions, policy initiatives, rules, reports, workshops, and outreach efforts in the privacy and data security arenas from approximately January 2013 until March 2014. In the 2014 Update, the FTC underscores ...

Department of Energy Invites Cybersecurity Comments

In a Federal Register notice to be officially published Friday, June 20, 2014, the Department of Energy (DOE) is inviting public participation in its efforts to develop a guidance document entitled “Energy Sector Framework Implementation Guidance.” The term “Framework” references the Framework for Improving Critical Infrastructure Cybersecurity which was released ...

Government Officials Continue to Reference NIST Framework

On Thursday, June 12, 2014, while delivering remarks on cybersecurity at the American Enterprise Institute in Washington, D.C., Federal Communications Commission Chairman Tom Wheeler challenged businesses to be more proactive in addressing increasingly prevalent threats to their cybersecurity, urging them to embrace a “new paradigm” in which the private sector ...

UPDATE on Breslow v. Wells Fargo – Same as the Old Boss: Eleventh Circuit Withdraws Opinion Just Four Days Later, But to Little Practical Effect

Just a few days ago, we reported on the Eleventh Circuit’s decision in Breslow v. Wells Fargo, which reaffirmed precedent that strict liability can arise in autodialer, prerecorded-message and texting suits under the Telephone Consumer Protection Act (TCPA), if a caller or texter obtained consent from the intended recipient, but ...

Only 4 Weeks Until Canada’s New Anti-Spam Rules Come into Force

Provisions Have Implications for US, Global Businesses Starting on July 1, 2014, key provisions of Canada’s Anti-Spam Law (CASL) governing commercial electronic messages (CEMs) will go into effect, per our advisory thoroughly analyzing CASL.  The statute and its implementing rules generally prohibit sending CEMs without the recipient’s express consent, and as ...