On April 10, the Securities and Exchange Commission (“SEC”) and Commodity Futures Trading Commission (“CFTC”) approved a final rule requiring broker-dealers, registered investment companies, investment advisors, and other “financial institutions” and “creditors” regulated by the SEC or CFTC to set up programs to flag and deter i… Read the rest
First Data Corp. announced on November 14, 2011 that the UK Information Commissioner’s Office (“ICO”) approved its Binding Corporate Rules (“BCRs”) for data-sharing outside the EU. First Data went through a rigorous four-year process to obtain approval, but BCR reforms may streamline the procedure for other applicants going forward. … Read the rest
The ability to provide offers or ads targeted to the right person at the right place and at the right time may get a little easier. Not content with simply being a brand behind payments, MasterCard and Visa are pushing into the targeted ads and offers business. Such marketing tactics require careful structuring in order to comply with consumer privacy pr… Read the rest
This presentation covers basic issues under the Fair Credit Reporting Act and Gramm-Leach-Bliley Act privacy rule for non-financial services entities.
- Definitions of “consumer report,” “consumer reporting agency,” and major exceptions
- “Permissible purposes” to obtain consumer reports
The Payment Card Industry (PCI) Council issued new guidelines on tokenization. Tokenization is a process that conceals the financial account number from a merchant by replacing it with a surrogate number referred to as a “token.” The token is then matched with the financial account number that remains protected in a secure vault. The PCI’… Read the rest