Photo of Ronald I. Raether, Jr.

Ronald I. Raether, Jr.

Subscribe to Ronald I. Raether, Jr.'s Posts

Ron leads the firm’s Privacy + Cyber team. Drawing from nearly 30 years of experience, he provides comprehensive services to companies in all aspects of privacy, security, data use, and risk mitigation. Clients rely on his in-depth understanding of technology and its application to their business to solve their most important challenges — from implementation and strategy to litigation and incident response. Ron and his team have redefined the boundaries of typical law firm privacy and cyber services in offering a 360 degree approach to tackling information governance issues. Their holistic services include drafting and implementing bespoke privacy programs, program implementation, licensing, financing and M&A transactions, incident response, privacy and cyber litigation, regulatory investigations, and enforcement experience.

Follow:Read more about Ronald I. Raether, Jr.Ronald I.'s Linkedin Profile

On October 28, the Consumer Financial Protection Bureau (CFPB or Bureau) issued a new interpretive rule replacing its 2022 interpretive rule (withdrawn in May 2025) concerning the scope of preemption under the Fair Credit Reporting Act (FCRA). This new interpretive rule clarifies that the FCRA broadly preempts state laws related to consumer reporting, reinforcing Congress’s intent to establish national standards when information is used to determine a consumer’s eligibility for credit, insurance, employment and the like. This move replaces the previous rule, which was criticized for its potential to create regulatory confusion.

Today, the Consumer Financial Protection Bureau (CFPB or Bureau) filed its decision to withdraw the proposed rule titled “Protecting Americans from Harmful Data Broker Practices (Regulation V)” in the Federal Register. The rescission is scheduled to be published tomorrow. This withdrawal marks a significant shift in the Bureau’s approach to regulating data brokers and other updates to Regulation V under the Fair Credit Reporting Act (FCRA).

On March 18, President Donald Trump dismissed the two Democratic commissioners from the Federal Trade Commission (FTC). The removal of Commissioners Alvaro Bedoya and Rebecca Kelly Slaughter has sparked significant controversy and legal challenges.

On December 3, the Consumer Financial Protection Bureau (CFPB or Bureau) issued a proposed rule for public comment aimed at amending Regulation V, which implements the Fair Credit Reporting Act (FCRA). The proposed rule seeks to redefine (and, in some cases, rewrite) key terms and provisions within the FCRA, particularly focusing on the activities of purported “data brokers.”

In this episode of The Consumer Finance Podcast, Chris Willis is joined by Partners Ron Raether and Tim St. George to discuss a landmark victory in a major data breach class action multidistrict litigation. The team delves into the details of the successful defense of an attempt at class certification involving a ransomware attack on software provider Blackbaud. This episode highlights the strategic legal maneuvers, team approach, extensive discovery, and expert practices that led to this important industry win. Don’t miss this in-depth case study and learn how the Troutman Pepper team navigated one of the largest and most complex data breach cases in history.

On July 5, the California Privacy Protection Agency (CPPA) published a Notice of Proposed Rulemaking regarding Data Broker Registration pursuant to Senate Bill 362 (the Delete Act). The Delete Act requires the CPPA to establish an accessible deletion mechanism. This mechanism allows a consumer, through a single verifiable consumer request, to request that every data broker delete any personal information related to that consumer held by the data broker or associated service provider or contractor. The stated aim of the proposed rulemaking is to clarify and enhance the registration process for data brokers.

Last week, the U.S. Department of Housing and Urban Development (HUD) issued a Notice of Proposed Rulemaking, seeking public comment on its proposal to amend existing regulations that govern admission to public housing and housing programs for applicants with criminal records and eviction or termination of assistance of persons on the basis of illegal drug use, drug-related criminal activity, or other criminal activity. The proposed rule would require that, prior to any discretionary denial or termination for criminal activity, public housing agencies (PHAs) and assisted housing owners take into consideration multiple sources of information, including but not limited to the recency and relevance of prior criminal activity. The proposed rule also seeks to clarify existing PHA and owner obligations and reduce the risk of violation of nondiscrimination laws.

In this episode of FCRA Focus, hosts Kim Phan and Dave Gettings are joined by Partners Cindy Hanson and Ron Raether to discuss recent CFPB advisory opinions on accuracy in background check reports and the inclusion of data sources in response to consumer file disclosure requests. They delve into the challenges companies face in obtaining accurate information from public record sources and the implications of the CFPB’s guidance for the industry. The conversation also highlights the importance of effective dispute processes and vendor relationships in ensuring compliance. Tune in for insightful commentary on these critical issues in the FCRA compliance environment.

On February 8, the U.S. Supreme Court issued a unanimous decision in Department of Agriculture Rural Development Rural Housing Service (USDA) v. Kirtz, holding that the Fair Credit Reporting Act’s (FCRA) clear statutory text indicates a government agency can be sued for a FCRA violation. The decision resolved a circuit split. The D.C., Third, and Seventh Circuits have allowed FCRA litigation against government agencies, but the Fourth and Ninth Circuits have found governmental immunity prevents such suits.

In Career Counseling, Inc. v. Amerifactors Financial Group, LLC, the U.S. Court of Appeals for the Fourth Circuit upheld a district court’s decision denying class certification in a Telephone Consumer Protection Act (TCPA) case on the basis that the plaintiff failed to satisfy Rule 23’s “implicit further requirement of ascertainability.” The Fourth Circuit also upheld summary judgment against the defendant as to the individual claim finding the defendant was indeed the “sender” of the fax at issue. Each finding is discussed more fully below.