On September 2, 2022, new requirements for “live checks” became effective in New York.  The new requirements were created by SB 4894 which New York Governor Hochul signed into law on May 5, 2022.

The new requirements apply to “mail-loan checks” issued by “lending institutions.”  A “mail-loan check” is defined as “a check, made out to and mailed to a person by a lending institution, which, when cashed or deposited by such person, obligates such person to repay to such lending institution the amount of the proceeds of such check according to terms mailed to such recipient with such check.” … Continue Reading

The August 31 closing of the California legislative session likely marked the end of hopes for an extension of the limited exemptions for employee and business-to-business (B2B) data that have existed for the California Consumer Privacy Act (“CCPA”) since its inception.  As a result, when the the California Privacy Rights Act (CPRA) goes into effect on January 1, 2023, employee and B2B data will be treated the same as consumer data. … Continue Reading

On July 29, 2022, the New York Department of Financial Services (“NYDFS”) released Draft Amendments to its Cyber Security Regulations.  The Amendments, if adopted, would further regulatory trends and impose important new requirements on covered entities.

The Amendments contain three significant changes relating to ransomware.  First, the Amendment specifically adds “the deployment of ransomware within a material part of the covered entity’s information system” as a cybersecurity event requiring notice to the superintendent within 72 hours. … Continue Reading

Private education lenders doing business in Illinois now have access to official informational guides and templates for meeting the November 1, 2022, reporting requirements under the state’s new Know Before You Owe Private Education Loan Act (“KBYO”). 

Promoted as a means to make borrowers aware of federal student loan options before they turn to private loans, KBYO also seeks to collect and publicize data on private educational lending through an annual reporting obligation imposed on lenders. … Continue Reading

On June 18, 2022, Louisiana’s Governor signed into law two new bills that impose new requirements for student loans.  Both bills are effective on August 1, 2022.

HB 610.  HB 610 creates the following new duties for student loan servicers:

  • Response to Inquiries/Complaints.  A student loan servicer must acknowledge receipt of a written inquiry or complaint from a student loan borrower or the authorized representative of a student loan borrower within 10 days after receiving the inquiry or complaint. 
Continue Reading

In a surprising development, the California Privacy Protection Agency (CPPA) published proposed amendments to the CCPA regulations recently.  The proposed amendments were initially made public in a package of materials to be considered by the CPPA at its upcoming June 8 meeting.  The proposed amendments—which in effect are the draft CPRA regulations—were issued without advance notice, ahead of the schedule previously announced by the CPPA. … Continue Reading

The California Privacy Protection Agency (“CPPA”) scheduled a Board Meeting for June 8th, in which it will be discussing and possibly taking action with regard to the much anticipated CPRA enforcing regulations.  To facilitate this discussion, the CPPA included a draft of the proposed regulations as part of the meeting records. … Continue Reading

On May 20, Oklahoma Governor Kevin Stitt signed into law House Bill No. 3168 which imposes new limits on the use of automated dialing systems.  The new law, titled the “Telephone Solicitation Act of 2022” (Act), takes effect on November 1, 2022.

The Act prohibits the use of an “automated system” to make a “commercial telephonic sales call” without the “prior express written consent” of the “called party.” … Continue Reading

Connecticut is the next in a growing list of states to pass comprehensive data privacy legislation.  Last Friday, the Connecticut legislature passed, by large margins, Senate Bill 6 — which we are referring to as the Connecticut Data Privacy Act (CTDPA).  The law now awaits the Governor’s signature.

The CTDPA follows the form and content of other privacy laws passed in the prior year, including the Colorado Privacy Act (CPA), Virginia Consumer Data Protection Act (VCDPA), and Utah Privacy Act (UPA). … Continue Reading

On April 28, 2022 the New York Department of Financial Services (“NYDFS”) issued its Guidance on Use of Blockchain Analytics, a document directed to all virtual currency business entities that either have a NYDFS Bitlicense or are chartered as a limited purpose trust company under the New York Banking Law. … Continue Reading