On June 13, the Federal Trade Commission held a virtual workshop on proposed changes to the Gramm-Leach-Bliley Act safeguards rule.

Unchanged since it was issued in 2002, the safeguards rule imposes data security requirements on nonbank financial institutions, such as many fintech companies, universities, auto dealers, and mortgage brokers or other nondepository lenders.

The FTC used the original rule as a blueprint for data security requirements and consent orders under Section 5 of the Federal Trade Commission Act, and the agency may take a similar approach with the modified rule.

Click here to read the full article published by Law360.