In this special joint episode of The Consumer Finance Podcast and Payments Pros, Taylor Gess and Kim Phan discuss key privacy and data security risks in point-of-sale finance. They dive into regulators’ growing view that every player in the payments chain shares responsibility for protecting data, highlighting best practices for vendor management, PCI DSS oversight, and incident response planning. The episode also touches on the shifting patchwork of state privacy and breach notification laws, GLBA exemptions, and the risks of data monetization, including when packaging and selling transaction data can trigger Fair Credit Reporting Act obligations.

Transcript: Point-of-Sale Finance Series: Privacy, Breaches, and Data Monetization (PDF)

Taylor Gess

Taylor focuses her practice on providing regulatory advice on matters related to federal and state consumer protection, consumer finance, and payments laws, including those that apply to payment cards, lines of credit, installment loans, electronic payments, online banking, buy-now-pay-later transactions, retail installment contracts, rental-purchase transactions, and small business loans.

Kim Phan

Kim is a partner in the firm’s Privacy + Cyber Practice Group, where she is a privacy and data security attorney who also assists companies with data breach prevention and response, including establishing effective security programs prior to a data breach and assessing breach response obligations following a breach.