Photo of Tessa Cierny

Tessa Cierny advises companies on financial technology and data privacy issues. She has experience counseling companies on state and federal regulatory compliance, including existing and emerging privacy laws, such as the E.U.’s General Data Protection Regulation (GDPR) and the California Consumer Privacy Act (CCPA), as well as financial and banking regulations, such as the CFPB’s Section 1071 Small Business Lending Rule (Regulation B). In addition, she assists clients in defending business disputes and data breach litigation.

Prior to joining Greenberg Traurig, she served as global records manager for WestRock, where she developed and implemented email and data retention policies for global data privacy regulation compliance. In this role, she also advised on data privacy concerns related to data retention, data loss prevention, and data governance.

On Nov. 12, 2024, the Consumer Financial Protection Bureau (CFPB) released a report examining federal and state privacy protections for consumers’ financial data. In the report, the CFPB “critiques” the privacy protections available under the Gramm-Leach-Bliley Act (GLBA) and the Fair Credit Reporting Act (FCRA), asserting that the federal framework has “limitations.” The CFPB then

On Oct. 22, 2024, the CFPB issued a final rule that will require covered financial institutions to provide consumers and authorized third parties with access and portability options for their financial data. The CFPB’s final rule, called the “Personal Financial Data Rights Rule,” implements Section 1033 of Title X of the Dodd-Frank Act, a to-date

On Oct. 16, 2024, the Federal Trade Commission announced its final “Click-to-Cancel” Rule for subscription services and other negative option offers. The rule requires sellers to make it as easy for consumers to cancel subscriptions as it was to sign up for them. The rule also changes businesses’ marketing, disclosure, consent, and recordkeeping requirements and

On April 4, 2024, the CFPB issued a report titled “Banking in Video Games and Virtual Worlds” that examines the financial and privacy risks to consumers in online video gaming marketplaces.

The CFPB’s report explains that gaming platforms facilitate the storage and exchange of valuable assets while collecting large amounts of data from their users.

On Oct. 19, 2023, the CFPB released a proposed rule that, if finalized in its present form, would require covered financial institutions to provide consumers and authorized third parties with access and portability options for their financial data. The CFPB’s proposed rule, called the “Personal Financial Data Rights” rule, would implement Section 1033 of Title