The U.S. Securities and Exchange Commission announced a $35 million settlement with multinational financial services provider Morgan Stanley Smith and Barney's wealth and asset management division related to alleged insufficient data protection measures for approximately 15 million customers over a five-year period. The SEC claims various data deletion issues, including those occurring via a contracted third-party moving and storage company "with no experience or expertise in data destruction services" and by MSSB itself. SEC Enforcement Division Director Gurbir Grewal said, "Today's action sends a clear message to financial institutions that they must take seriously their obligation to safeguard (sensitive) data."
22 Sept. 2022
SEC fines Morgan Stanley $35M over alleged data protection, deletion issues
RELATED STORIES
Privacy in Arkansas: Is Arkansas ready for a consumer privacy law?
A view from DC: CFPB calls for states to regulate financial privacy
Notes from the IAPP Canada: OPC's WADA investigation 'raises some interesting issues'
A view from Brussels: European Commission's new tech policy center of gravity
First fine imposed under Thailand's Personal Data Protection Act
