Privacy and data security are critically important in the financial services industry. The types of information held by financial institutions are among the most sensitive and highly regulated. Sidley advises clients on the full range of federal and state privacy and information practices matters affecting financial institutions.
In this rapidly changing environment, our lawyers represent and advise clients with respect to:
- The Gramm-Leach-Bliley Act and its implementing regulations, including financial institutions’ privacy policies, information sharing practices and data safeguarding.
- The Fair Credit Reporting Act, and its FACT Act amendments, which regulates the use of credit reports, identity theft prevention and other privacy-related practices.
- The CAN-SPAM Act and federal and state telemarketing laws.
- The Right to Financial Privacy Act.
- Federal and state data security and data breach laws.
- New legislative proposals, including proposals that would significantly expand privacy regulation at the federal level.
- Regulatory and administrative developments, particularly given the divided jurisdiction among the FTC, CFPB and other agencies.
- Cross-border issues relating to conflicting requirements of different domestic privacy regimes.
Because information is easily moved and because financial institutions increasingly operate across national borders—or use service providers who do—it is important to consider cross-border issues. This is particularly true because privacy laws, and even the basic understanding of privacy issues, vary tremendously among jurisdictions, most notably between the U.S. and the EU. Working with lawyers in our London and Brussels offices, we advise on transborder data transfers and other international privacy issues.