Less than three months after California passed the California Consumer Privacy Act of 2018 (CCPA), Governor Jerry Brown signed SB 1121 this week, making a number of technical and substantive changes to the law.

Of particular note: SB 1121 modifies the financial institution carve-out language in CCPA section 1798.145(e). While the change is a welcome

A new bill introduced by House Financial Services subcommittee Chairman Rep. Blaine Luetkemeyer would significantly change data security and breach notification standards for the financial services and insurance industries. Most notably, the proposed legislation would create a national standard for data security and breach notification and preempt all current state law on the matter.

Breach

The CFPB has issued a final rule amending the provisions of Regulation P that implement the Gramm-Leach-Bliley Act (GLBA) annual privacy notice requirement.  The final rule is intended to reflect the GLBA amendments made by the Fixing America’s Surface Transportation Act that exempted financial institutions meeting certain conditions from the annual notice requirement.  The statutory

On July 1st, the CFPB proposed to amend Regulation P under the Gramm-Leach-Bliley Act (GLBA) to implement the statutory changes made by the Fixing America’s Surface Transportation Act (see prior post) that provided financial institutions that meet certain conditions with an exemption from the GLBA requirement to deliver annual privacy notices to customers.  The

An amendment creating an exception to the annual privacy notice delivery requirement for financial institutions has been signed into law by President Obama as part of the “Fixing America’s Surface Transportation Act” (FAST Act).

Section 75001 of the FAST Act, signed into law on December 4, 2015, amends Section 503 of the Gramm-Leach-Bliley Act (GLBA)

The FTC recently proposed amendments to its Gramm-Leach-Bliley Act (GLBA) rules requiring motor vehicle dealers to send their customers an annual privacy notice.  The amendments would allow motor vehicle dealers to notify their customers that a privacy policy is available on their website, subject to certain conditions.  Comments on the proposal are due on or