Photo of Ronald I. Raether, Jr.

Ron leads the firm’s Privacy + Cyber team. Drawing from nearly 30 years of experience, he provides comprehensive services to companies in all aspects of privacy, security, data use, and risk mitigation. Clients rely on his in-depth understanding of technology and its application to their business to solve their most important challenges — from implementation and strategy to litigation and incident response. Ron and his team have redefined the boundaries of typical law firm privacy and cyber services in offering a 360 degree approach to tackling information governance issues. Their holistic services include drafting and implementing bespoke privacy programs, program implementation, licensing, financing and M&A transactions, incident response, privacy and cyber litigation, regulatory investigations, and enforcement experience.

On November 10, the Consumer Financial Protection Bureau (CFPB) published a circular, stating that both consumer reporting agencies (CRAs) and furnishers may be held liable under the Fair Credit Reporting Act (FCRA) for failing to investigate disputes, including when they impose what the CFPB views as barriers to the submission of disputes. Specifically, the

Please join Consumer Financial Services Partner Chris Willis and his colleagues Ron Raether and Kim Phan, partners in our Privacy + Cyber Practice Group, as they discuss recent privacy and data security updates in the consumer financial services industry. Topics include:

  • The CFPB’s and FTC’s regulatory stance on privacy and data security issues;
  • The current landscape of privacy legislation; and
  • Emerging trends in privacy and data security litigation, including the status of litigation under the California Consumer Privacy Act, and how businesses can protect themselves going forward.

Your business was hit with a ransomware attack over the weekend, and the critical systems are locked up (i.e., encrypted). To unlock those valuable systems and continue operating the business, the threat actor demands financial payment. After much debate, you and your team decide the business needs to meet the threat actor’s demands

Exemption Extensions Failed. On August 31, California’s legislature ended its 2022 session without adopting legislation to extend the California Consumer Privacy Act (CCPA) employee and business-to-business (B2B) personal information exemptions. In the absence of a special legislative session, these exemptions will expire on January 1, 2023.

History of the Exemptions. Under the current exemptions, covered

Recently, the Ninth Circuit joined its sister circuit, the Eleventh, in vacating class settlements on standing grounds. In Harvey v. Morgan Stanley Smith Barney LLC, the court vacated the district court’s approval of the settlement agreement and remanded with instructions that the district court assess each individual class member for sufficient injury.

The litigation

On August 11, the Consumer Financial Protection Bureau (CFPB) published a circular, answering the question “Can entities violate the prohibition on unfair acts or practices in the Consumer Financial Protection Act (CFPA) when they have insufficient data protection or information security?” with a resounding “yes.” Specifically, the CFPB pointed to three practices — inadequate authorization,

On July 29, New York State’s Department of Financial Services (NYDFS) released draft amendments (Draft Amendments) to its Part 500 Cybersecurity Regulation for financial service companies that, among others things: (1) contain significant changes regarding ransomware; (2) propose a new class comprising larger entities, which will be subject to increased obligations for their cybersecurity programs;

What standard should courts use to determine whether information contained in a consumer’s credit report is inaccurate or misleading? According to the Third Circuit in a recent precedential decision, the standard should be that of the “reasonable reader,” not a “reasonable creditor,” i.e., not an individual or entity sophisticated in the art of reading

To help you keep abreast of relevant activities, below find a breakdown of some of the biggest events at the federal and state levels to impact the Consumer Finance Services industry this past week:

Federal Activities

State Activities

Federal Activities:

  • On August 7, the U.S. Senate passed the Inflation Reduction Act, which is supported by