CFPB – The Newest Cop On The Data Privacy Beat

    View Authors March 2016

    A recent US$100,000 penalty against online payment processing company Dwolla was the Consumer Financial Protection Bureau’s (CFPB) first data security enforcement action and it became the latest federal agency to take action against a company for inadequate safeguarding of sensitive personal information gathered online. The CFPB action sent a clear message that a company’s claims about its data security measures must be accurate, and that any company handling personal consumer data needs to have reasonable and adequate data security measures.

    This article, published on Law360, analyzes the CFPB’s consent order and its implications and takeaways for service providers and online platforms, as well as traditional financial companies.