In October, at the Privacy & Security Forum at George Washington University, Federal Trade Commissioner Terrell McSweeny emphasized that companies that outsource data security to third parties can still be liable in an FTC enforcement action.  This position follows what we have heard previously from the Office of Civil Rights, the agency charged with enforcement

On October 27, two law firms accused by the Consumer Financial Protection Bureau of violating the Consumer Financial Protection Act responded to the CFPB’s allegations that they failed to provide consumers with promised legal representation by accusing the CFPB of “improperly [attempting] to create a new federal common law definition of the practice of law.”  

On October 27, the U.S. District Court for the Northern District of Illinois awarded the Consumer Financial Protection Bureau $531.2 million against for-profit college chain Corinthian Colleges, Inc. for what the Bureau described as a “predatory” student lending program that the company administered.  Prior to its liquidation through bankruptcy earlier this year, Corinthian was one

LifeLock, an identity theft and data protection company, has reached a tentative proposed settlement with the FTC regarding deceptive marketing claims.

Privacy and security attorney Ron Raether, a partner at the law firm Troutman Sanders LLP, says that it appears, based on what LifeLock disclosed so far, that the FTC may not be demanding additional

Even high-tech companies with substantial in-house technical expertise may not be dealing with the most common type of cyber vulnerability. As technology geeks, we find it more interesting to talk about firewalls, proxy servers, router security, mobile device management, anonymization of data, encryption and the like. But technical security is not enough. Companies need to

On October 29, the Consumer Financial Protection Bureau filed a complaint in the Southern District of California against Global Financial Support, Inc. and its owner and CEO, Armond Aria, for allegedly engaging in a nationwide student financial aid scam.   

The Bureau claims that Defendants violated the UDAAP provisions of the Consumer Financial Protection Act when

On October 22, Consumer Financial Protection Bureau Director Richard Cordray delivered prepared remarks to the Consumer Advisory Board.  At the meeting, Cordray discussed arbitration and issues relating to non-English or limited Englishspeaking consumers.   

The issue of arbitration, however, was at the forefront of the discussion.  As we previously reported, the CFPB intends

Effective October 27, under the New York City Fair Chance Act, employers can inquire about a potential employee’s criminal record only after a conditional offer of employment is made.  The Act further requires that employers provide a written copy of the inquiry, the employer’s analysis, and any supporting documentation to applicants once such a

In July 2015, several companies that were the targets of non-public Consumer Financial Protection Bureau investigations sued the Bureau after it refused to allow their current counsel to attend the Bureau’s investigative testimony of one of the companies’ former attorneys.  The companies wanted one of their current attorneys to attend the testimony and assert the

On Monday, the European Union said it had reached an agreement in principle with the United States on a revised safe harbor program for trans-Atlantic data flow, following the recent Schrems decision before the Court of Justice of the European Union. Although the specifics remain to be worked out, organizations should brace themselves for likely