Wiley Consumer Protection Download (January 10, 2022) | Wiley Rein LLPJanuary 11, 2022
Welcome to Wiley’s update on recent developments and what’s next in consumer protection at the Consumer Financial Protection Bureau (CFPB) and Federal Trade Commission (FTC). In this newsletter, we analyze recent regulatory announcements, recap key enforcement actions, and preview upcoming deadlines and events. We also include links to our articles, blogs, and webinars with more analysis in these areas. We understand that keeping on top of the rapidly evolving regulatory landscape is more important than ever for businesses seeking to offer new and ground-breaking technologies. Please reach out if there are other topics you’d like to see us cover or for any additional information.
Check out Wiley’s Biden Administration Resource Center for insights on the shifting legal and policy landscape under the 46th President.
President Biden Renominates Alvaro Bedoya to FTC. On January 4, President Joe Biden renominated Alvaro Bedoya as FTC Commissioner. President Biden had originally nominated Bedoya on September 13 to fill the FTC Commissioner seat vacated by Former Commissioner Rohit Chopra upon his confirmation to Director of the CFPB on September 30. Bedoya, who is the founding director of the Center on Privacy & Technology at Georgetown Law, previously served as the first Chief Counsel to the U.S. Senate Judiciary Subcommittee on Privacy, Technology and the Law. A December 1, 2021 vote to send his nomination from the Committee to the entire Senate faced opposition from all Senate Republicans on the Committee.
FTC Warns Companies About Log4j Security Vulnerability. On January 4, the FTC published a blog post warning companies about Log4j, which the agency describes as “a ubiquitous piece of software used to record activities in a wide range of systems found in consumer-facing products and services.” Specifically, the FTC noted that “a serious vulnerability in the popular Java logging package, Log4j (CVE-2021-44228) was disclosed, posing a severe risk to millions of consumer products to enterprise software and web applications.” The agency notes that when vulnerabilities are discovered and exploited, companies have a duty to take steps to mitigate known software vulnerabilities pursuant to both the FTC Act and the Gramm-Leach-Bliley Act (GLBA). The FTC warns that it “intends to use its full legal authority to pursue companies that fail to take reasonable steps to protect consumer data from exposure as a result of Log4j, or similar known vulnerabilities in the future.” You can check whether your systems potentially use Log4j software by consulting guidance here.
CFPB Report Details Consumer Complaint Response Issues with Big Three Credit Bureaus. On January 5, the CFPB released new analysis detailing how changes in complaint responses provided by the nationwide consumer reporting agencies – Equifax, Experian, and TransUnion – purportedly resulted in fewer responses and less relief for consumers….