February 26, 2020

NAFCU talks data privacy, GLBA safeguards with FTC

FTCYesterday, NAFCU Director of Regulatory Affairs Ann Kossachev, Senior Regulatory Counsel Elizabeth LaBerge, and Regulatory Affairs Counsel Mahlet Makonnen met with the Federal Trade Commission's Bureau of Consumer Protection, Division of Privacy and Identity Protection to discuss data privacy and safeguards under the Gramm-Leach-Bliley Act (GLBA), among other things.

NAFCU recently urged the Federal Financial Institutions Examination Council (FFIEC) to provide data privacy guidance indicating that the GLBA should be the sole framework under which financial institutions collect, process, sell, or disclose consumer data, thereby eliminating duplicative state standards. During Tuesday's meeting, NAFCU shared with the FTC the effectiveness of current GLBA safeguards and how such guidance would provide consistent protection for consumers across state lines.

Additionally, the group discussed NAFCU’s support for the FTC’s efforts to bolster the GLBA's safeguards rule. However, NAFCU recommends that the FTC clarify that credit union service organizations – which by definition primarily serve credit union members – will not be subject to duplicative or potentially inconsistent data privacy expectations originating from different agencies.

The association is an advocate for a uniform federal data privacy standard that protects consumers and reduces the regulatory burden of having to comply with a patchwork of state laws. As the industry's Washington Watchdog, NAFCU's unmatched relationships with key regulators and policymakers ensure credit unions' voices are heard and industry issues are addressed.