The U.S. Securities and Exchange Commission announced a $35 million settlement with multinational financial services provider Morgan Stanley Smith and Barney's wealth and asset management division related to alleged insufficient data protection measures for approximately 15 million customers over a five-year period. The SEC claims various data deletion issues, including those occurring via a contracted third-party moving and storage company "with no experience or expertise in data destruction services" and by MSSB itself. SEC Enforcement Division Director Gurbir Grewal said, "Today's action sends a clear message to financial institutions that they must take seriously their obligation to safeguard (sensitive) data."
22 Sept. 2022
SEC fines Morgan Stanley $35M over alleged data protection, deletion issues
Related stories
Notes from the IAPP Europe: EDPB and EDPS 2024 annual reports, first DMA fines and difficulties keeping up with deadlines
GPS 2025: Collaboration, precision highlight future of US state privacy law enforcement
Notes from the Asia-Pacific region: Add your voice to the privacy, governance discussion
GPS 2025: How 3 AI regulators view cross-border cooperation
GPS 2025: European regulators reflect on pay or consent enforcement, concerns
