Skip to main content
Menu Icon Menu Icon

InfoBytes Blog

Financial Services Law Insights and Observations


Subscribe to our InfoBytes Blog weekly newsletter and other publications for news affecting the financial services industry.

  • Creditor collateral protection insurance disclosures required in New Jersey

    State Issues

    On January 13, the New Jersey governor signed S 2998, which amends the state’s collateral protection insurance (CPI) disclosure requirements. The amendments provide that when CPI is required and provided by the creditor, the creditor must disclose to the consumer debtors that they will be responsible for interest on the CPI cost “at the same rate that is applied pursuant to [the debtor’s] credit agreement.” The creditor must also provide a “good faith estimate” of what the CPI coverage will cost the debtor. Additionally, the creditor must instruct the debtors how to provide evidence of the required insurance, so that in those instances where the debtor obtains CPI, the creditor-purchased CPI can be cancelled and the costs and interest fees can be recovered. The amendments take effect on April 12.

    State Issues State Regulation State Legislation Disclosures Debt Collection Insurance

    Share page with AddThis
  • California outlines new data privacy rights

    State Issues

    On January 6, the California attorney general issued an advisory explaining consumers’ rights under the California Consumer Privacy Act (CCPA), which took effect January 1. (See previous InfoBytes coverage on the CCPA here.) These rights include (i) the right to request from businesses what personal information they collect, use, share, or sell; (ii) the right to request that businesses and their service providers delete one’s personal information; (iii) the right to opt out of businesses’ disclosure of one’s personal information via “Do Not Sell” links on businesses’ websites and mobile apps; (iv) the right of children younger than 16 to have businesses disclose their personal information only after receiving the child’s opt-in consent (though parents or guardians may consent for children under 13); and (v) the right to non-discrimination should a consumer exercise his or her privacy rights under the CCPA.

    In addition to enumerating these consumer rights, the advisory specifies the types of businesses subject to the CCPA, provides information on the state’s data broker registry, and describes consumers’ private right of action in the event of a data breach.

    State Issues State Attorney General Privacy/Cyber Risk & Data Security CCPA State Regulation

    Share page with AddThis
  • New York extends consumer protections for vehicle leases

    State Issues

    On December 23, the New York governor signed S 3631, which amends the state’s insurance law to increase protections for New York consumers from unplanned charges at the end of a motor vehicle lease. The definition of “service contracts” is broadened to cover more comprehensive service contracts on motor vehicles leased for personal use. Service contracts covered by the law will now include agreements that apply to accidental damage and excess use and wear and tear, including missing parts of the vehicle, and items not covered by a warranty or other service agreement, as long as such services do not exceed the purchase price of the automobile. The law became effective when signed.

    State Issues Auto Finance Auto Leases State Regulation Consumer Protection Service Contracts

    Share page with AddThis
  • Hospitality company's bid to dismiss data breach suit rejected


    On December 13, the U.S. District Court for the District of Maryland denied an international hospitality company’s motion to dismiss a data breach suit brought by the City of Chicago. According to the city’s complaint, the company violated the Illinois Consumer Fraud and Deceptive Business Practices Act by, among other things, allegedly failing to (i) “protect Chicago residents’ personal information”; (ii) implement and maintain reasonable security measures; (iii) disclose that it did not maintain reasonable security measures; and (iv) provide “prompt notice” of the breach to Chicago residents. According to the opinion, the city had established standing to sue the company because it adequately alleged injury to its municipal interests. Additionally, the court rejected the company’s assertion that the suit is unconstitutional under the Illinois Constitution, stating that the consumer protection ordinance the company was alleged to have violated “addresses a local problem, making it a legitimate exercise of the City’s home rule authority” under the state’s constitution. The company had released a statement in November 2018, which is at the center of the city’s action, stating that the breach was discovered in September 2018, had exposed personal information from 500 million guests, and been ongoing since 2014.


    Courts Privacy/Cyber Risk & Data Security State Issues State Regulation Consumer Protection Data Breach

    Share page with AddThis
  • California governor signs CCPA amendments

    State Issues

    On October 11, the California governor signed several amendments to the California Consumer Privacy Act (CCPA) and other privacy-related bills. As previously covered by a Buckley Special Alert, AB 874, AB 1355, AB 1146, AB 25, and AB 1564 leave the majority of the consumer’s rights intact in the CCPA and clarify certain provisions—including the definition of “personal information.” Other exemptions were added or clarified regarding the collection of certain data that have a bearing on financial services companies. Notable revisions to the CCPA include the (i) “personal information” definition; (ii) FCRA exemption; (iii) employee exemption; (iv) business individual exemption; (v) verification and delivery requirements; (vi) privacy policy and training requirements; (vii) collection of information; and (viii) vehicle/ownership information exemption. The various amendments are effective on January 1, 2020, the same day the CCPA becomes effective.

    Additionally, on October 10, the California attorney general released the highly anticipated proposed regulations implementing the CCPA. See the Buckley Special Alert for details of the proposed regulations.

    State Issues Privacy/Cyber Risk & Data Security State Legislation State Attorney General FCRA State Regulation CCPA

    Share page with AddThis

Upcoming Events