Press "Enter" to skip to content

Posts published in “Compliance Management”

New Hampshire Enacts Comprehensive Consumer Data Privacy Law

New Hampshire Gov. Chris Sununu on March 6 signed into law Senate Bill 255, making New Hampshire the 14th state to enact a comprehensive consumer data privacy law, following California, Virginia, Colorado, Utah, Connecticut,  Iowa, Indiana, Tennessee, Montana, Texas, Oregon,  Delaware, and New Jersey.  The law will go into effect Jan. 1, 2025.

FTC Amends Safeguards Rule; Nonbank Financial Institutions Must Report Data Breaches to the FTC

The Federal Trade Commission recently announced approval of an amendment to the Gramm-Leach-Bliley Act Safeguards Rule to require nonbank financial institutions to report to the FTC the unauthorized acquisition of unencrypted customer information involving at least 500 consumers (a “notification event”).

7th Cir. Rules Dispute Sent Through Wrong Channel Gave Rise to Valid FDCPA ‘Bona Fide’ Error Defense

The U.S. Court of Appeals for the Seventh Circuit recently affirmed a trial court’s summary judgment ruling in favor of a debt collector asserting a bona fide error defense to an action under the federal Fair Debt Collection Practices Act.

Illinois App. Court (2d Dist) Upholds Dismissal of FDCPA Claims as Demand Letter Indicated Debt Was Commercial

The Appellate Court of Illinois, Second District, recently affirmed the dismissal of a claim for supposed violations of the federal Fair Debt Collections Practices Act where the consumer plaintiff failed to allege facts that the money sought to be collected was a “debt” as defined by section 1692a(5) of the FDCPA, and the demand letter from the defendant law firm indicated that the debt was commercial in nature.

Illinois Supreme Court Rules Separate Claims Accrue Under BIPA for Each Alleged Violation

The Illinois Supreme Court, after receiving a certified question from the U.S. Court of Appeals for the Seventh Circuit, recently held that a separate claim accrues under the Illinois Biometric Information Privacy Act each time a private entity improperly scans or transmits an individual’s biometric identifier or information.