CFPB to Step Up Enforcement of Fair Credit Reporting Act
The Consumer Financial Protection Bureau (CFPB) has issued new regulations around how companies can use and share credit and background reports. CFPB Director Rohit Chopra said in the Bureau’s release that, “While Congress and regulators must do more to protect our privacy, the CFPB will be taking steps to use the Fair Credit Reporting Act to combat misuse and abuse of personal data on background screening and credit reports.” The Fair Credit Reporting Act of 1970 regulates data brokers and other companies that compile reports about consumers. Under the Act, buyers of such reports must have a legitimate purpose for doing so.
China Experiences Large Cyber Attack
Last week China experienced what might be the biggest data leak in the nation’s history. According to Bloomberg, “earlier this week, unknown hackers claimed to have stolen data on as many as a billion Chinese residents after breaching a Shanghai police database. The purported theft of more than 23 terabytes of information has exposed potential data and security lapses and set the technology industry abuzz.” The Chinese government hasn’t publicly addressed the attack, though a State Council meeting led by Premier Li Keqiang referenced the need for improved security provisions.
Several US Agencies Look to Regulate AI
According to JD Supra, currently several U.S. agencies are considering AI regulations, including the Food and Drug Administration, the Equal Employment Opportunity Commission, the Department of Housing and Urban Development, and the Department of Transportation, which “is considering regulations to ‘curb lax security practices, limit privacy abuses, and ensure that algorithmic decision-making does not result in unlawful discrimination.’”
* * * * * * *
To read our coverage on the forecast and regulatory priorities for cybersecurity for the end of the year, click here.
To browse through our previously published articles and news alerts, please visit our website, and don’t forget to subscribe to receive free weekly Data and Cyber Governance news and Breach Reports directly to your email.
Keith Cheresko, Principal of Privacy Associates International LLC, joins Jody Westby on our Privacy and Cybersecurity podcast this week to discuss the burden placed on many companies due to the increase in contractual obligations associated with privacy laws and regulations. Our Podcasts are released every Thursday, here. They can also be enjoyed on Spotify and Apple Podcasts. Don’t forget to subscribe!