Under an amendment to the Safeguards Rule under the Gramm-Leach-Bliley Act announced on October 27, 2023, the Federal Trade Commission will require a broad range of nonbank financial institutions to notify the FTC of instances of the unauthorized acquisition of unencrypted, personally identifiable, nonpublic financial information of more than 500 customers.

The new notification obligation will be a significant change for financial institutions covered by the FTC’s Safeguards Rule, as the universe of reportable incidents is vastly broader than is currently covered by other state or federal requirements, notification must be made quickly, and such reports will generally be made public by the FTC.

Read the full Update here.

Print:
Email this postTweet this postLike this postShare this post on LinkedIn
Photo of Rebecca Engrav Rebecca Engrav

Rebecca Engrav helps companies that use data solve their highest-stakes privacy, data security, and artificial intelligence/machine learning (AI/ML) challenges before government regulators and in litigation.

Read more about Rebecca Engrav
Photo of Amelia M. Gerlicher Amelia M. Gerlicher

Amelia Gerlicher focuses her practice in the areas of privacy and data security, counseling clients on preparing for and reacting to data breaches and network intrusions, as well as helping clients assess and address the privacy and data security risks that arise from…

Amelia Gerlicher focuses her practice in the areas of privacy and data security, counseling clients on preparing for and reacting to data breaches and network intrusions, as well as helping clients assess and address the privacy and data security risks that arise from a wide range of commercial activities.

Read more about Amelia M. Gerlicher
Show more Show less
Photo of Janis Kestenbaum Janis Kestenbaum

Janis Kestenbaum is a partner in the Privacy & Security practice and Advertising, Marketing & Promotions industry group. Janis represents companies under investigation by the Federal Trade Commission (FTC), state attorneys general, congressional committees, and foreign data protection authorities regarding privacy, data security…

Janis Kestenbaum is a partner in the Privacy & Security practice and Advertising, Marketing & Promotions industry group. Janis represents companies under investigation by the Federal Trade Commission (FTC), state attorneys general, congressional committees, and foreign data protection authorities regarding privacy, data security, and consumer protection issues.

Read more about Janis Kestenbaum
Show more Show less
Photo of Aaron Haberman Aaron Haberman

Aaron Haberman is experienced in defending companies in government investigations and advising them regarding compliance with state and federal laws including the Federal Trade Commission (FTC) Act, the Controlling the Assault of Non-Solicited Pornography and Marketing (CAN-SPAM) Act, the Health Insurance Portability and…

Aaron Haberman is experienced in defending companies in government investigations and advising them regarding compliance with state and federal laws including the Federal Trade Commission (FTC) Act, the Controlling the Assault of Non-Solicited Pornography and Marketing (CAN-SPAM) Act, the Health Insurance Portability and Accountability Act (HIPAA), the Children’s Online Privacy Protection Act (COPPA), and the California Consumer Privacy Act (CCPA).

Read more about Aaron Haberman
Show more Show less