In this episode of The Consumer Finance Podcast, Chris Willis is joined by privacy Partner Kim Phan and Rami Haddad, deputy general counsel at PRA Group. This episode delves into a range of emerging privacy issues impacting the financial services industry. The discussion covers the evolving landscape of state privacy laws, the implications of the new Colorado AI law, and the challenges posed by online tracking technologies. The episode also highlights recent updates to the FTC’s Gramm-Leach-Bliley Act Safeguards Rule and explores the ramifications of a recent SEC enforcement case related to cybersecurity. Tune in for an insightful conversation on how these developments are shaping the regulatory environment for financial institutions.

Transcript: Navigating Emerging Privacy Issues in Financial Services (PDF)

Photo of Chris Willis Chris Willis

Chris is the co-leader of the Consumer Financial Services Regulatory practice at the firm. He advises financial services institutions facing state and federal government investigations and examinations, counseling them on compliance issues including UDAP/UDAAP, credit reporting, debt collection, and fair lending, and defending…

Chris is the co-leader of the Consumer Financial Services Regulatory practice at the firm. He advises financial services institutions facing state and federal government investigations and examinations, counseling them on compliance issues including UDAP/UDAAP, credit reporting, debt collection, and fair lending, and defending them in individual and class action lawsuits brought by consumers and enforcement actions brought by government agencies.

Photo of Kim Phan Kim Phan

Kim is a partner in the firm’s Privacy + Cyber Practice Group, where she is a privacy and data security attorney, who also assists companies with data breach prevention and response, including establishing effective security programs prior to a data breach and the

Kim is a partner in the firm’s Privacy + Cyber Practice Group, where she is a privacy and data security attorney, who also assists companies with data breach prevention and response, including establishing effective security programs prior to a data breach and the assessment of breach response obligations following a breach.