On April 10, the Securities and Exchange Commission (“SEC”) and Commodity Futures Trading Commission (“CFTC”) approved a final rule requiring broker-dealers, registered investment companies, investment advisors, and other “financial institutions” and “creditors” regulated by the SEC or CFTC to set up programs to flag and deter identity theft. The new SEC and CFTC rules are… Continue Reading
Micah J. Ratner
Waive the Red Flag – SEC and CFTC Issue Identity Theft Red Flag Rules
Posted in Regulatory and ComplianceFirst Data Corp. Becomes the First Payment Processor to Have “Binding Corporate Rules” for Data Transfer Approved by EU Regulators
Posted in Privacy and Data SecurityFirst Data Corp. announced on November 14, 2011 that the UK Information Commissioner’s Office (“ICO”) approved its Binding Corporate Rules (“BCRs”) for data-sharing outside the EU. First Data went through a rigorous four-year process to obtain approval, but BCR reforms may streamline the procedure for other applicants going forward. First Data is the first payment… Continue Reading
MasterCard and Visa Initiatives to Target Advertising Demand Close Attention to Financial Privacy Rules
Posted in Privacy and Data SecurityThe ability to provide offers or ads targeted to the right person at the right place and at the right time may get a little easier. Not content with simply being a brand behind payments, MasterCard and Visa are pushing into the targeted ads and offers business. Such marketing tactics require careful structuring in order… Continue Reading
Introduction to Financial Privacy Presentation
Posted in Privacy and Data SecurityThis presentation covers basic issues under the Fair Credit Reporting Act and Gramm-Leach-Bliley Act privacy rule for non-financial services entities. Topics include: Definitions of “consumer report,” “consumer reporting agency,” and major exceptions “Permissible purposes” to obtain consumer reports Selected duties of “users” and “furnishers” of consumer reports Is your company covered by the Gramm-Leach-Bliley Act… Continue Reading
Payment Card Industry Council Releases Guidance on Protecting Card Information through Tokenization
Posted in Deals and Technology, Privacy and Data SecurityThe Payment Card Industry (PCI) Council issued new guidelines on tokenization. Tokenization is a process that conceals the financial account number from a merchant by replacing it with a surrogate number referred to as a “token.” The token is then matched with the financial account number that remains protected in a secure vault. The PCI’s… Continue Reading
Subscribe to this blog via RSS
Join the Discussion on Facebook
Follow Us on Twitter