Photo of Jessica D. Pedersen

Jessica Pedersen advises businesses on complex data privacy and cybersecurity issues. Jessica has experience counseling a diverse range of companies on compliance with both existing and emerging privacy and security laws, including the E.U.’s General Data Protection Regulation (GDPR) and the California Consumer Privacy Act (CCPA). In addition, she assists clients in preparing for and responding to cybersecurity threats, including designing data breach tabletop exercises, managing data breach response, and defending privacy and data breach litigation. Jessica also represents clients in related regulatory investigations. She is a certified privacy professional through the International Association of Privacy Professionals (CIPP/US).

On Aug. 11, 2022, the U.S. Consumer Financial Protection Bureau issued guidance indicating that financial institutions and service providers that fail to adopt sufficient data security measures to protect consumer financial data may violate the Consumer Financial Protection Act provision prohibiting unfair acts and practices.

Click here to continue reading the full GT Alert.

On Oct. 27, 2021, the Federal Trade Commission (FTC) amended its Standards for Safeguarding Customer Information (the “Safeguards Rule”), promulgated under the Gramm-Leach-Bliley Act (GLBA).

This GT Alert covers the following:

  • The FTC has expanded the definition of “Financial Institutions” to include more types of companies, although smaller companies remain exempt from more onerous requirements.