See 26 U.S.C. §§ 871, 881, 882. RFIA § 204(a) (adding 26 U.S.C. § 7701(a)(51)).Id. § 204(a).Id. § 301 (adding 15 U.S.C. § 41(b)(4)).Id. § 301 (adding 15 U.S.C. § 41(a)).Id.Id. §§ 401-403.Id. § 404 (adding 7 U.S.C. 5i). For these purposes, a “digital asset exchange” would mean “a trading facility that lists for trading at least 1 digital asset.”

Counsel representing financial institutions in a bankruptcy case and debtor's counsel should understand the GLBA requirements when working together on providing notices, plan solicitations, and negotiations.FTC ActThe Federal Trade Commission Act of 1914 (FTC Act), 15 U.S.C. §§ 41–58, established the FTC in order to regulate questionable business practices. Pursuant to the FTC Act, the FTC is empowered to (1) prescribe rules that set forth in particular detail the acts that the FTC considers unfair or deceptive, along with establishing requirements in order to prevent such acts from transpiring in the first instance, (2) fine violators, as well as prescribe other forms of relief (such as issuing cease and desist orders) for conduct considered deleterious to consumers, (3) conduct investigations in order to enforce the FTC Act, and (4) provide recommendations and reports to Congress in connection with its findings.

I.Legal Exposure to Federal and State Privacy LawsA.Federal Statutes and Enforcement1. Federal Trade Commission Act, 15 U.S.C. §§ 41-58 The Federal Trade Commission (FTC) has emerged as the leading federal regulator for privacy and data security. The FTC enforces a number of statutes that relate to, or provide the basis for, enforcement proceedings related to privacy and data security.

ed.ConclusionIn addition to the new wave of data privacy statutes, several states have recently passed laws creating obligations for private sector actors that handle personal information. For instance, statutes in several states require companies to implement and maintain reasonable security measures with respect to collection and storage of consumer information. As a consequence of this wave of state data privacy laws, companies now face an additional layer of exposure to data privacy lawsuits. Accordingly, companies should evaluate and update their privacy policies and data collection and retention practices. Thorin Klosowski, The State of Consumer Data Privacy Laws in the US (And Why It Matters), N.Y. Times, September 6, 2021, https://www.nytimes.com/wirecutter/blog/state-of-privacy-laws-in-us/.Id. See, e.g., the Federal Trade Commission’s description of sectors and subjects subject to privacy laws at the following website: Privacy and Security | Federal Trade Commission (ftc.gov) 15 U.S. Code § 41 et seq.Supra, note 1. See, e.g., the settlement described in the following article: Natalie Hanson, Judge approves settlement ordering Plaid to pay $58 million for selling consumer data, Courthouse News Service, July 20, 2022, https://www.courthousenews.com/judge-approves-settlement-ordering-plaid-to-pay-58-million-for-selling-consumer-data/.See Cal. Civ. Code, § 1798.140(i) for the definition of “consumer,” available here: California Privacy Rights Act Cal Civ. Code, § 1798.100, et seq. See response to FAQ, No. 1, here: .[View source.]

other digital content." Section 3(p). "Dual-use foundation model is defined in the EO as "an AI model that is trained on broad data; generally uses self-supervision; contains at least tens of billions of parameters; is applicable across a wide range of contexts; and that exhibits, or could be easily modified to exhibit, high levels of performance at tasks that pose a serious risk to security, national economic security, national public health or safety, or any combination of those matters…". Section 3(k). "AI red-teaming" is defined in the EO as "structured testing effort to find flaws and vulnerabilities in an AI system, often in a controlled environment and in collaboration with developers of AI." Section 3(d). 50 U.S.C. 4501 et seq. Section 4.2.Id. Section 4.2(c). Section 4.8. Section 51. Section 5.2(b). Section 6. Section 7.3. Section 5.2(c).Id.Alice Corp. v. CLS Bank Int’l., 573 U.S. 208 (2014). Section 5.2(e). Section 5.2(f). Section 8(b). Section 8(b)(v). Section 5.2(g).Id.Id. 15 U.S.C. 41 et seq. Section 5.3(a). Public Law 117-167. Section 5.3(b).Id.Id. "Crime forecasting" is defined in the EO as "the use of analytical techniques to attempt to predict future crimes or crime-related information. It can include machine-generated predictions that use algorithms to analyze large volumes of data, as well as other forecasts that are generated without machines and based on statistics, such as historical crime statistics." Section 3(g). Section 7.1(b). Section 7.2(b)(i). Section 7.2(b)(ii). Section 7.3(b).Id. Section 8(c).Id. Section 8(d).Id. Section 8(e). Section 9(a).Id. Section 9(b). Section 10(a). Section 10(b).Id. Section 10(d). Section 10(f)(2).Id. Section 11(a)(ii). Section 11(b). Section 11(c)-(d).

.Note that the DFS letter does not discuss all situations in which a creditor or servicer may owe a consumer a refund or rebate for the unused portion of an ancillary product. The letter focuses on contracts that end due to repossession or total loss of the vehicle. However, a creditor or servicer may also owe a refund if a debtor cancels an ancillary product voluntarily or prepays the debt in full before the end of the ancillary product's term. Note also that the contract and state law will dictate the calculation of any required rebate. The DFS letter indicates that consumers are entitled to prorated rebates, but that may not be exactly right; some contracts or state laws may require or allow other formulas for rebates.The DFS letter does not specify under which law it considers the cited practices unfair or deceptive. However, the explanations of how the practices are unfair and deceptive suggest that the DFS based its arguments on the standards in the Federal Trade Commission Act, 15 U.S.C. §§ 41 et seq., as the FTC has interpreted those standards, or the Dodd-Frank Act, 12 U.S.C. §§ 5491 et seq., as the Consumer Financial Protection Bureau has interpreted those standards. Additionally, New York's Consumer Protection from Deceptive Acts and Practices Law, N.Y. Gen. Bus. Law §§ 349 et seq., prohibits deceptive acts and practices in business, trade, commerce, and the furnishing of any service in New York.What can you take away from this DFS letter? The most obvious lesson is that the DFS is on the lookout for companies that claim larger deficiency balances than they should because of missing or miscalculated rebates or credits. When a credit contract ends for any reason, whether on schedule or not, you need to address all remaining items, both what the consumer owes you and what you may owe the consumer. Sometimes, this process is simple. Maybe the consumer paid on time every month and the only remaining item is a lien release fee. Other times, it's more complex. If you reposses

e or more unified opt-out mechanisms, including global privacy signals, to allow individuals to exercise their rights to object to data transfer and opt-out of targeted advertising.Requires large data holders to annually certify their maintenance of internal controls and reporting structures designed to ensure compliance with the Act.Requires covered entities with more than 15 employees to appoint at least one privacy officer and one data security officer responsible for implementation of the entity’s privacy and data security programs. Large data holders are further required to appoint a privacy protection officer who reports directly to the company’s highest official and oversees the development and/or implementation of policy reviews, audits, and employee training.Grants the Division of Consumer Protection authority to enforce the Act.Violations of the Act constitute unfair or deceptive acts or practices and are subject to the penalties outlined in the Federal Trade Commission Act (15 U.S.C. § 41 et seq.)Authorizes the state AG to bring civil actions to enforce the Act. State AG may seek civil penalties, damages, injunctive relief, and reasonable attorneys’ fees.Creates a private right of action (effective two years after the Act’s effective date) for specific violations of the Act. Plaintiffs may seek compensatory damages, injunctive and declaratory relief, and reasonable attorneys’ fees. For suits brought pursuant to this private right of action, Act establishes a 45-day cure period for small businesses.Entities compliant with the data privacy requirements of GLBA, FCRA, FERPA, and HIPAA are deemed compliant with related requirements of the Act, except for Section 1527 of the Act (the Act’s data security requirements). Compliance with GLBA and HIPAA’s information security requirements establishes compliance with Section 1527.Establishes a Privacy and Security Victims Relief Fund, into which civil penalties collected pursuant to the Act are to be deposited.Grants the Division

ncy’s attempt to litigate its enforcement action in an administrative proceeding presided over by an Administrative Law Judge (ALJ), removable only for good cause as determined by the Merit Systems Protection Board (MSPB) rather than by the President. Respondents each argued “that [this] fundamental aspect of the Commission’s structure violates the Constitution; that the violation made the entire proceeding unlawful; and that being subjected to such an illegitimate proceeding causes legal injury (independent of any rulings that the ALJ might make).” Respondents premised jurisdiction on a district court’s ordinary federal-question authority under 28 U.S.C. § 1331 to resolve “civil actions arising under the Constitution, laws and treaties of the United States.”Respondents filed their collateral Constitutional actions to enjoin the FTC’s and SEC’s administrative actions despite the fact that both the Securities Exchange Act of 1934 (Exchange Act, 15 U.S.C. § 78a et seq.) and the FTC Act (15 U.S.C. § 41 et seq.), provide that the SEC and FTC can bring enforcement actions by instituting administrative proceedings adjudicated by an ALJ, and each set forth the procedures which must be followed to appeal an ALJ’s ruling. Under these statutes, a losing party in the administrative forum can appeal an ALJ’s ruling to the respective agency, either the SEC or FTC. Only after a final commission decision is a respondent permitted to seek review by a federal court of appeals of the commission decision. See 15 U.S.C. § 78y(a)(1); 15 U.S.C. § 45(c). Prior to this decision by the Supreme Court, lower courts were routinely rejecting similar collateral attacks on SEC and FTC administrative proceedings.In both Axon and Cochran, the respondents sought to enjoin the administrative proceedings in federal district court prior to an ALJ decision. Specifically, in Cochran, the SEC brought an administrative action against a certified public accountant, Michelle Cochran, for allegedly failing to comply with a

In her resignation statement, Commissioner Wilson pulled no punches against Chair Khan, leading her op-ed with the following statement:“Much ink has been spilled about Lina Khan’s attempts to remake federal antitrust law as chairman of the Federal Trade Commission. Less has been said about her disregard for the rule of law and due process and the way senior FTC officials enable her. I have failed repeatedly to persuade Ms. Khan and her enablers to do the right thing, and I refuse to give their endeavor any further hint of legitimacy by remaining.” The FTC is designed by statute to be bipartisan, as no more “than three of the Commissioners shall be members of the same political party.” 15 U.S.C. § 41. Under the Biden administration, three of the five Commissioners have been Democrats, with a strong focus on activist appointees. The two Republican Commissioners have dissented from many FTC decisions, but the majority, led by Chair Khan, has been able to pursue its agenda over those dissents. According to Commissioner Wilson’s statement, Chair Khan has “consolidated power within the Office of the Chairman, breaking decades of bipartisan precedent and undermining the commission structure that Congress wrote into law.”Republican Noah Phillips resigned as a Commissioner in October 2022, before his term expired. Although he did not issue a negative public resignation statement, he often joined Commissioner Wilson in challenging Chair Khan’s agenda, arguing that the FTC’s activities exceeded the agency’s legal authority. Commissioner Wilson’s resignation will leave the FTC with just three commissioners—all from the same political party. Her departure is not likely to change the outcome o

e Workforce Mobility Act (the “Act”). This bill has been introduced previously, but never made it out of committee.If enacted, the Act would prohibit the use, enforcement, and attempted enforcement of most post-employment noncompetes. The only enumerated exceptions are in the sale of a business or dissolution of a partnership context, including for senior executives who enter into severance agreements in connection with the sale of a business, provided that any provision in a senior executive’s severance agreement is limited to one year. The Act would also require employers to post and maintain notice of the provisions of the Act in a conspicuous place. And it prohibits mandatory arbitration provisions and class action waivers.In addition, the Act would empower the Federal Trade Commission (FTC) to enforce the Act “in the same manner, by the same means, and with the same jurisdiction, powers, and duties as though all applicable terms and provisions of the Federal Trade Commission Act (15 U.S.C. 41 et seq.) were incorporated into and made a part of this Act.”Likewise, the Act would empower the Department of Labor (DOL) to investigate violations of the Act and enforce it in court. The Act provides that “[n]ot later than 18 months after the date of enactment of this Act, the Secretary of Labor, in consultation with the Chair of the Federal Trade Commission, shall issue regulations as necessary to carry out this Act, including with respect to the authority of the Secretary of Labor to enforce violations” of the Act.The Act also provides for a private right of action to any “individual who is aggrieved by a violation of this Act.” Any such person “may bring a civil action in any appropriate district court of the United States,” and may seek to recover actual damages and attorneys’ fees.Finally, the Act permits state Attorneys General to enforce the Act if they have “reason to believe that an interest of the residents of the State has been or is threatened or adversely affected by an