Consumer Financial Services Law Monitor

Consumer Financial Services Law Monitor

monitoring the financial services industry to help companies navigate through regulatory compliance, enforcement, and litigation issues

Cyber Security, Information Governance & Privacy

Subscribe to Cyber Security, Information Governance & Privacy RSS Feed

House Financial Services Committee Chairman Urges National Data Breach and Data Security Standards

Posted in ALL CFS Blog Entries, Cyber Security, Information Governance & Privacy, State Attorneys General, CFPB, & FTC
On October 5, House Financial Services Committee Chairman Jeb Hensarling (R-Texas) called for national standards for data breach notification and data security. While voicing concerns about a “Washington-forced technology solution,” Hensarling said, “We do need a consistent national standard for both data security and breach notification in order to better protect our consumers, hold companies… Continue Reading

Join Us on October 2 for a PLUS Webinar: Underwriting Emerging Connective Technologies

Posted in ALL CFS Blog Entries, CFS Events, Cyber Security, Information Governance & Privacy
We are pleased to announce that Troutman Sanders partner Mark Mao will be a featured speaker for a Professional Liability Underwriters Society (PLUS) webinar on Monday, October 2, 2017 from 2:00 – 3:00 p.m. ET. This webinar will explore how to best conduct due diligence in underwriting emerging connective technologies (e.g., PIs/SDKs, hubs+endpoints, vehicle-to-vehicle communications,… Continue Reading

Massachusetts AG Announces Data Breach Bill

Posted in ALL CFS Blog Entries, Cyber Security, Information Governance & Privacy, State Attorneys General, CFPB, & FTC
Massachusetts Attorney General Maura Healey announced updated legislation that will remove fees for security freezes and consumer credit reports.  The new legislation (SB 130/HB 134) includes several pro-consumer changes: Consent – Any company seeking to obtain or use a consumer’s credit report or credit score will need the written consent of the consumer and must… Continue Reading

Join Us at the 2017 ISSA International Conference in San Diego

Posted in ALL CFS Blog Entries, CFS Events, Cyber Security, Information Governance & Privacy
We are pleased to announce that Troutman Sanders partner Ron Raether will be a featured speaker at the upcoming 2017 ISSA International Conference taking place on October 9-11, 2017 at the Sheraton Hotel & Marina in San Diego, California.  Ron will speak on “Governing without Clear Standards: Lessons from the Trenches,” on October 11, 2017,… Continue Reading

Join Us at the 8th Annual ABA Consumer Financial Services Institute

Posted in ALL CFS Blog Entries, CFS Events, Cyber Security, Information Governance & Privacy
We are pleased to announce that Troutman Sanders partner Ron Raether will be a featured speaker at the upcoming American Bar Association Consumer Financial Services Institute taking place October 19-20, 2017 at the Waterview Conference Center in Arlington, Virginia.  Ron will co-panel a discussion entitled, “Financial Privacy, Data Security and Cybersecurity,” on Thursday, October 19,… Continue Reading

Join Us for the NetDiligence Cyber Liability Conference

Posted in ALL CFS Blog Entries, CFS Events, Cyber Security, Information Governance & Privacy
We are pleased to announce that Troutman Sanders partner Mark Mao will be a featured speaker at the NetDiligence Cyber Liability Conference taking place in Santa Monica, California, October 10-12, 2017. Mark will speak on a panel entitled, “PCI Compliance and the Security of Payments” on Thursday, October 12 from 10:30-11:30 a.m. The panelists will discuss mobile… Continue Reading

West Virginia Federal Court Preliminarily Approves Nearly $30M TCPA Class Action Settlement

Posted in ALL CFS Blog Entries, Cyber Security, Information Governance & Privacy
In re Monitronics International, Inc., pending in the Northern District of West Virginia, is a consolidated class action lawsuit brought under the Telephone Consumer Protection Act.  After years of contentious litigation, this past week the Court preliminarily approved a class action settlement of $28 million.  This significant settlement serves as another example of the high… Continue Reading

FTC Says Its Focus Must Be on Instances of Real Harm to Consumers

Posted in ALL CFS Blog Entries, Background Screening, Credit Reporting & Data Brokers, Cyber Security, Information Governance & Privacy, Mortgage Lenders & Servicers, State Attorneys General, CFPB, & FTC
In a September 19 speech at the Federal Communications Bar Association in Washington, FTC Acting Chairman Maureen K. Ohlhausen stated that the Commission should focus on addressing instances of “substantial consumer injury” in deciding which cases to pursue.  Echoing (intentionally or not) the language of the Supreme Court’s foundational decision in Spokeo, Inc. v. Robins,… Continue Reading

Eleventh Circuit Weighs In on DPPA Remedies Provision

Posted in ALL CFS Blog Entries, Cyber Security, Information Governance & Privacy
In Ela v. Kathleen Destefano, the Eleventh Circuit recently commented on the remedies provision of the Driver’s Privacy Protection Act (“DPPA”), holding that the liquidated damages provision does not apply to individual violations of the statute in instances where multiple violations are alleged. As background, plaintiff Theresa Ann Ela sued Kathleen Destefano, an Orange County,… Continue Reading

Second Circuit Affirms Dismissal of FACTA Class Action Against Donna Karan for Lack of Standing

Posted in ALL CFS Blog Entries, Credit Reporting & Data Brokers, Cyber Security, Information Governance & Privacy
On September 20, the Second Circuit Court of Appeals in Katz v. The Donna Karan Company, LLC, affirmed the lower court’s dismissal of a Fair and Accurate Credit Transactions Act putative class action for failure to establish a concrete injury sufficient to maintain Article III standing to bring suit. As we previously reported, plaintiff Yehuda… Continue Reading

Join Us for a Webinar on October 18: Privacy and GDPR – What It Means for Your Company

Posted in ALL CFS Blog Entries, CFS Events, Cyber Security, Information Governance & Privacy, Featured Posts
Join Troutman Sanders for a webinar on October 18, 2017 from 3:00 – 4:00 p.m. ET. During the webinar, the presenters will discuss the European Union’s upcoming General Data Protection Regulation (GDPR) and what it means for your company. The speakers will cover the basics of the GDPR and its impact on key departments and… Continue Reading

Federal Appellate Court Rejects Attorneys’ Fees-Only Class Action Settlement

Posted in ALL CFS Blog Entries, Cyber Security, Information Governance & Privacy
In January 2013, a teenager in Australia posted a photo online showing that his “footlong” Subway sandwich was in fact only 11 inches, setting off a viral storm of consumers discovering their “footlong” sandwiches were similarly not as large as advertised.  That spawned a number of class action lawsuits in America accusing Subway’s franchisor, Doctor’s… Continue Reading

New TCPA Class Action: Expansion into Service Calls

Posted in ALL CFS Blog Entries, Cyber Security, Information Governance & Privacy
On August 29, yet another Telephone Consumer Protection Act class action was filed in the Middle District of Florida. This suit, however, is a bit different than others that we have seen. In Gillmore v. Lokey Automotive Group, Inc., the complaint alleges that text messages sent to the plaintiff April Gillmore by an automobile dealership… Continue Reading

Join Us for a NAPBS Webinar on September 27: Compliance Management Systems – The Next Generation

Posted in ALL CFS Blog Entries, Background Screening, CFS Events, Credit Reporting & Data Brokers, Cyber Security, Information Governance & Privacy
We are pleased to announce that Troutman Sanders attorneys Ron Raether and Megan Nicholls will be featured speakers for a webinar hosted by the National Association of Professional Background Screeners on September 27, 2017 from 3:00 – 4:00 p.m. ET. In this session, they will discuss the basic elements of a compliance management system, how to maintain… Continue Reading

Join Us at the ASIS International 63rd Annual Seminar and Exhibits in Dallas

Posted in ALL CFS Blog Entries, CFS Events, Cyber Security, Information Governance & Privacy
We are pleased to announce that Troutman Sanders partner Ronald Raether will be a featured speaker at the ASIS International 63rd Annual Seminar and Exhibits event in Dallas September 25-28, 2017. Ron will speak on Tuesday, September 26 from 2:00 – 3:00 p.m. on “Governing Without Clear Standards: Lessons Learned.” The term “standard” is used… Continue Reading

Join Us for a Webinar on September 21 – How to Engage Your Legal Department in Data Incident Response

Posted in ALL CFS Blog Entries, CFS Events, Cyber Security, Information Governance & Privacy
Join Troutman Sanders attorneys Melanie Witte and Megan Nicholls for a webinar on September 21. During the webinar, the presenters will: Present the landscape of incident response laws and generally discuss how to determine what laws apply to your organization – state laws present a myriad of reporting requirements and, depending on your industry, federal… Continue Reading

Illinois Federal Court Refuses to Certify TCPA Robocall Class Action Based in Part on Article III Standing

Posted in ALL CFS Blog Entries, Cyber Security, Information Governance & Privacy
On August 15, the United States District Court for the Northern District of Illinois denied a motion for class certification in Legg v. PTZ Insurance Agency, Ltd., a putative class action under the Telephone Consumer Protection Act.  The plaintiffs in the lawsuit, Christopher Legg and Page Lozano, sued PTZ and affiliated companies alleging violations of… Continue Reading

Ninth Circuit Holds TCPA Claims Are Invasion of Privacy Claims

Posted in ALL CFS Blog Entries, Cyber Security, Information Governance & Privacy, Featured Posts
The Ninth Circuit in L.A. Lakers v. Federal Ins. Co., No. 15-55777 (9th Cir. August 23, 2017), ruled that a D&O policy’s invasion of privacy exclusion barred coverage for a claim alleging that the insured violated the Telephone Consumer Protection Act (“TCPA”). The plaintiff in the TCPA case alleged that he had responded via text… Continue Reading

New Jersey Bill Limits Use of Driver’s License Information by Retailers

Posted in ALL CFS Blog Entries, Cyber Security, Information Governance & Privacy
The New Jersey legislature recently passed a bill that places restrictions on retailers’ ability to collect and use personal information gleaned from driver’s licenses.  The bill, known as the Personal Information and Privacy Protection Act, is intended to give consumers more control and security over their personal information.  A copy of the bill can be… Continue Reading

Join Us on August 10 for a Webinar on A Review of the New York Cybersecurity Framework

Posted in ALL CFS Blog Entries, CFS Events, Cyber Security, Information Governance & Privacy
Join Troutman Sanders attorneys Shannon VanVleet Patterson and Sheila M. Pham for a complimentary webinar on August 10, 2017 from 3:00 – 4:00 p.m. ET. On March 1, 2017, the revised Cybersecurity Requirements for Financial Services Companies adopted by the New York Department of Financial Services (“NY DFS”) became effective.  This regulation requires banks, insurance companies, and other financial… Continue Reading

TCPA Class Decertified in Missouri Federal Court

Posted in ALL CFS Blog Entries, Cyber Security, Information Governance & Privacy
In a long-running Telephone Consumer Protection Act class action, Missouri District Judge Catherine Perry recently granted defendant Vein Centers for Excellence Inc.’s motion to decertify the class.  As background, Vein Centers is a marketing firm that provides graphic design and other services to doctors.  The named plaintiff, St. Louis Heart Center, Inc., filed this putative… Continue Reading

Cheesecake Factory Tries to Dismiss Putative FACTA Class Action on Spokeo Grounds

Posted in ALL CFS Blog Entries, Credit Reporting & Data Brokers, Cyber Security, Information Governance & Privacy
The Cheesecake Factory Restaurants, Inc. recently asked a New York federal district judge to dismiss a putative Fair and Accurate Transactions Act putative class action that accuses the restaurant chain of printing too many credit card numbers on consumers’ receipts.  Relying on the Supreme Court’s decision in Spokeo, Cheesecake Factory argues that the class action… Continue Reading

Second Circuit Affirms Dismissal of Putative Data Breach Class Action Against Michaels

Posted in ALL CFS Blog Entries, Credit Reporting & Data Brokers, Cyber Security, Information Governance & Privacy
On May 23, 2017, in Whalen v. Michaels Stores, Inc., the United States Court of Appeals for the Second Circuit issued a summary order affirming the district court’s dismissal of a putative data breach class action based on lack of Article III standing. As background, the named plaintiff Mary Jane Whalen made credit card purchases at… Continue Reading

NY AG Settles with IoT Company over Security Practices

Posted in ALL CFS Blog Entries, Cyber Security, Information Governance & Privacy, Featured Posts, State Attorneys General, CFPB, & FTC
On May 22, 2017, New York Attorney General Eric Schneiderman announced a settlement with Safetech Products LLC (“Safetech”) over allegations that the Internet of Things (IoT) company sold insecure wireless door and padlocks.  According to the Attorney General, the settlement marks the first time a state Attorneys General has taken legal action against a wireless… Continue Reading