FTC Proposes to Add Detailed Cybersecurity Requirements to the GLBA Safeguards Rule

The Federal Trade Commission has requested comment on proposed amendments to two key rules under the Gramm-Leach-Bliley Act.  Most significantly, the FTC is proposing to add more detailed requirements to the Safeguards Rule, which governs the information security programs financial institutions must implement to protect customer data.

It is also proposing to expand the definition of “financial institution” under the Safeguards Rule and the Privacy Rule to include “finders,” who “charge a fee to connect consumers who are looking for a loan to a lender.” And it is proposing to amend the Privacy Rule to make technical and conforming changes resulting from legislative amendments to GLBA in the Dodd-Frank Act and FAST Act of 2015.

More at Covington & Burling