Data Security

Subscribe to Data Security

On Monday, May 17, 2021, the Federal Deposit Insurance Corporation (“FDIC”) issued a request for information and comment (“RFI”) regarding the current and potential digital asset activities of insured depository institutions (“IDIs”).  The RFI is intended to inform the FDIC’s understanding of digital asset activities, including associated risk and compliance management issues.  Comments on the RFI are due by July 16, 2021.

The RFI categorizes digital asset activities into five use cases and solicits comments based on this framework.  The five use cases are (i) technology solutions, such as token-based systems and distributed ledgers; (ii) asset-based activities, such as investments and margin lending; (iii) liability-based activities, such as deposit services and reserves; (iv) custodial services; and (v) other activities, which could include market-making and decentralized financing.  The RFI requests comment on whether additional use cases should be included within this framework and which use cases have the greatest demand in the marketplace.  The RFI also requests that commenters provide more detailed information about the use cases that IDIs currently conduct or are considering conducting.


Continue Reading FDIC Issues Request for Information on Digital Assets

On February 11, 2019, President Trump signed an Executive Order (“EO”), “Maintaining American Leadership in Artificial Intelligence,” that launches a coordinated federal government strategy for Artificial Intelligence (the “AI Initiative”).  Among other things, the AI Initiative aims to solidify American leadership in AI by empowering federal agencies to drive breakthroughs in AI research and development (“R&D”) (including by making data computing resources available to the AI research community), to establish technological standards to support reliable and trustworthy systems that use AI, to provide guidance with respect to regulatory approaches, and to address issues related to the AI workforce.  The Administration’s EO is the latest of at least 18 other countries’ national AI strategies, and signals that investment in artificial intelligence will continue to escalate in the near future—as will deliberations with respect to how AI-based technologies should be governed.

Continue Reading President Trump Signs Executive Order on Artificial Intelligence

On January 28, 2019, Senator Mike Crapo (R.-Id.), Chair of the Senate Committee on Banking, Housing, and Urban Affairs, published a column signaling his support for data privacy and security legislation in the 116th Congress.

In his column, Senator Crapo emphasizes what he sees as the “incredibly positive” developments associated with the development of

On January 17, 2019, the Payment Card Industry Security Standards Council (the “Council”), a payment industry association, released a new framework for PCI software security – the PCI Software Security Framework – to assist companies in designing and maintaining secure software for processing payment transactions. The framework includes two standards: the PCI Secure Software

In response to questions from a Member of the European Parliament, the European Data Protection Board (EDPB) has provided much needed clarification on the overlap between the General Data Protection Regulation (GDPR) and the EU Payment Services Directive (PSD2) in an open letter.  As we identified in a previous blog post on this topic, the interaction between PSD2, aimed at increasing the seamless sharing of data, and the GDPR, aimed at regulating such sharing, raises complicated compliance concerns.  The EDPB’s letter aims to clarify some of these difficult compliance questions.

Continue Reading European Data Protection Board Provides Clarification On PSD2