On February 13, the Federal Trade Commission (FTC) released a blog post warning companies that it could be deemed an unfair or deceptive practice for a company to adopt more permissive data practices and to only inform consumers of such changes through retroactive amendments to its terms of service or privacy policy.
Kim Phan
Kim is a partner in the firm’s Privacy + Cyber Practice Group, where she is a privacy and data security attorney, who also assists companies with data breach prevention and response, including establishing effective security programs prior to a data breach and the assessment of breach response obligations following a breach.
Year in Review and a Look Ahead: The Evolving Landscape of Background Screening and Credit Reporting
Join hosts Dave Gettings, Kim Phan, and Chris Willis in this special crossover episode of FCRA Focus and The Consumer Finance Podcast in the first installment of our Year in Review and a Look Ahead series. They are joined by guests Cindy Hanson and Alan Wingfield, partners at Troutman Pepper, who share their insights on the most impactful developments in background screening and credit reporting in 2023. Listen in as they discuss industry challenges and opportunities, the implications of proposed regulatory changes, and what to expect in the future. Stay tuned for the next episode of our Year in Review and a Look Ahead series on The Consumer Finance Podcast, providing valuable insights for anyone involved in consumer finance.
Year in Review and a Look Ahead: The Evolving Landscape of Background Screening and Credit Reporting
Join hosts Dave Gettings, Kim Phan, and Chris Willis in this special crossover episode of FCRA Focus and The Consumer Finance Podcast in the first installment of our Year in Review and a Look Ahead series. They are joined by guests Cindy Hanson and Alan Wingfield, partners at Troutman Pepper, who share their insights on the most impactful developments in background screening and credit reporting in 2023. Listen in as they discuss industry challenges and opportunities, the implications of proposed regulatory changes, and what to expect in the future. Stay tuned for the next episode of our Year in Review and a Look Ahead series on The Consumer Finance Podcast, providing valuable insights for anyone involved in consumer finance.
Troutman Pepper Publishes 2023 Consumer Financial Services Year in Review and A Look Ahead
We are pleased to share our annual review of regulatory and legal developments in the consumer financial services industry. With active federal and state legislatures, consumer financial services providers faced a challenging 2023. Courts across the country issued rulings that will have immediate and lasting impacts on the industry. Our team of more than 140 professionals has prepared this concise, yet thorough analysis of the most important issues and trends throughout our industry. We not only examined what happened in 2023, but also what to expect — and how to prepare — for the months ahead.
ADA Website Accessibility: Insights and Updates
In this episode of The Consumer Finance Podcast, host, Chris Willis, is joined by Partners Kim Phan and Lori Sommerfield, to discuss recent developments related to website accessibility under the Americans with Disabilities Act (ADA). In this episode, they explore the Department of Justice’s proposed rule under Title II of the ADA, which seeks to improve state and local government website and mobile app access for individuals with disabilities, and the potential significance to the private sector. They also discuss the international World Wide Web Consortium’s latest version of its Web Content Accessibility Guidelines (WCAG), 2.2, and the first working draft of WCAG 3.0. Tune in to learn more about these important updates and how they may impact your organization.
State Laws on Screening and Federal Preemption – Where Are We Now and Where Are We Heading?
Please join Troutman Pepper Partner Dave Gettings and colleagues Tim St. George and Cindy Hanson for a highly informative discussion on federal preemption as it relates to state laws and the Fair Credit Reporting Act (FCRA). This episode provides listeners with an overview of important state and local legislation governing background screening, along with discussions about how federal preemption might affect required compliance with these state and local laws. Topics include:
FinCEN Highlights Identity Theft in Latest Threats and Trends Report
The U.S. Department of the Treasury’s Financial Crimes Enforcement Network (FinCEN) recently issued a report entitled Identity-Related Suspicious Activity: 2021 Threats and Trends highlighting threat patterns and trend information derived from financial institutions’ Bank Secrecy Act (BSA) filings for the calendar year 2021. Financial institutions are required to file suspicious activity reports no later than 30 calendar days after the initial detection of facts that could constitute suspicious activity.
CFPB and FTC File Amicus Brief Urging Fourth Circuit to Find FCRA Requires Investigation Regardless of Whether Dispute Is Factual or Legal
On December 8, the Consumer Financial Protection Bureau (CFPB) and Federal Trade Commission (FTC) (collectively, the agencies) filed an amici curiae brief urging the U.S. Court of Appeals for the Fourth Circuit to reverse a district court’s decision finding that furnishers need not investigate indirect disputes involving purely legal questions under the Fair Credit Reporting Act (FCRA).
SEC’s New Cyber Rules for Publicly Traded Companies
In this episode of The Consumer Finance Podcast, Chris Willis is joined by Kim Phan, a partner in our firm’s Privacy + Cyber practice, to discuss the Securities and Exchange Commission’s new cyber risk management and incident disclosure rules for publicly traded companies. The rules, already in effect, detail the information a public company must report following a cybersecurity incident and the timeline for reporting. Chris and Kim also discuss the ongoing reporting obligations for a public company related to a cyber incident after the initial reporting phase, how the rules apply when cyber incidents involve a third party’s system, and if the SEC has struck the right balance between informing investors versus the possibility of educating hackers on a company’s cybersecurity defenses. They also address the rule’s new requirement for annual disclosures about a company’s cybersecurity risk management, strategy, and governance.
New York Bans Reporting of Medical Debt Effective Immediately
On December 13, New York Governor Kathy Hochul signed into law S4907A, which prohibits hospitals, medical providers, or ambulance services from providing negative information about medical debt to consumer reporting agencies (CRAs). The law also requires that these entities include a provision in their contracts with collection agencies prohibiting the reporting of any portion of a medical debt to a CRA. Any debt that is reported to a CRA will be deemed void. The law became effective immediately after it was signed.