Newsroom
NAFCU, trades voice concerns around data privacy draft bill, share support for SECURE Act
NAFCU along with several other organizations wrote to the House Energy and Commerce Subcommittee on Consumer Protection and Commerce in conjunction with their markup yesterday to consider federal data privacy and security standards as part of H.R. 8152, the American Data Privacy and Protection Act (ADPPA), introduced this week. Of note, the subcommittee passed ADPAA by voice vote and it is now headed to the full committee for a vote.
House Energy and Commerce Committee Chairman Frank Pallone, D-N.J., Ranking Member Cathy McMorris Rodgers, R-Wash., and Senate Commerce, Science, and Transportation Committee Ranking Member Roger Wicker, R-Miss., unveiled the bipartisan data privacy legislation earlier this month in an effort to reignite the conversation around the need for comprehensive federal data privacy and security standards. The bill was formally introduced in the House this week ahead of the markup.
In the letter, NAFCU and the groups expressed that while they are supportive of comprehensive federal data privacy standards, there are several provisions of concern under the ADPPA, particularly around existing data and privacy standards for financial institutions under the Gramm-Leach Bliley Act (GLBA). The groups also warned against the “overly rushed pace that this legislation is proceeding through the Committee process,” saying it did not allow for “adequate input from stakeholders.”
Citing the carefully structured privacy and data standards under the GLBA, the groups noted that this existing framework creates an “effective and successful balance between strong consumer protections and ensuring that consumer financial transactions take place in a safe and secure environment.”
However, the legislation in consideration excludes “unambiguous language for financial institutions to understand their exemption from the requirements of the bill,” and is disruptive to the data privacy system already set in place.
“The ADPPA should be amended to broaden the provision to exempt all GLBA regulated institutions to avoid such disruption,” wrote the groups. NAFCU and the organizations also questioned the feasibility of uniform enforcement from state-to-state. Varying enforcement by private rights of action would only lead to “different interpretations in the law,” noted the groups.
In addition, the groups also suggested that any federal privacy and data standards preempt existing state laws to “avoid inconsistent and duplicative requirements that could potentially disrupt financial transactions and the financial system.” While the ADPPA would preempt many state laws, it would also provide many exceptions that undermine the preemption.
“The ADPPA should be amended to create a clear and direct preemption of all state privacy and data protection provisions to prevent the continued patchwork of requirements imposed on companies,” suggested the group.
During the markup, lawmakers also passed the Securing and Enabling Commerce Using Remote and Electronic Notarization (SECURE) Act, in a 22-0 vote, which will provide businesses and consumers the ability to execute critical documents using two-way audiovisual communication. NAFCU and other trades shared support for the SECURE Act, in a letter to the subcommittee, stating that its passage would be critical in helping businesses“ leverage technology to continue to keep Americans safe while also meeting their needs into the future through innovation.” This legislation will also head to the full committee for a vote.
NAFCU has long advocated for comprehensive federal data privacy standards through its six data privacy principles and will continue to monitor movement on federal data privacy legislation.
Share This
Related Resources
Add to Calendar 2024-06-26 14:00:00 2024-06-26 14:00:00 Gallagher Executive Compensation and Benefits Survey About the Webinar The webinar will share trends in executive pay increases, annual bonuses, and nonqualified benefit plans. Learn how to use the data charts as well as make this data actionable in order to improve your retention strategy. You’ll hear directly from the survey project manager on how to maximize the data points to gain a competitive edge in the market. Key findings on: Total compensation by asset size Nonqualified benefit plans Bonus targets and metrics Prerequisites Demographics Board expenses Watch On-Demand Web NAFCU digital@nafcu.org America/New_York public
Gallagher Executive Compensation and Benefits Survey
preferred partner
Gallagher
Webinar
Add to Calendar 2024-06-21 09:00:00 2024-06-21 09:00:00 The Evolving Role of the CISO in Credit Unions Listen On: Key Takeaways: [01:30] Being able to properly implement risk management decisions, especially in the cyber age we live in, is incredibly important so CISOs have a lot of challenges here. [02:27] Having a leader who can really communicate cyber risks and understand how ready that institution is to deal with cyber events is incredibly important. [05:36] We need to be talking about risk openly. We need to be documenting and really understanding what remediating risk looks like and how you do that strategically. [16:38] Governance, risk, compliance, and adherence to regulatory controls are all being looked at much more closely. You are also seeing other technology that is coming into the fold directly responsible for helping CISOs navigate those waters. [18:28] The reaction from the governing bodies is directly related to the needs of the position. They’re trying to help make sure that we are positioned in a way that gets us the most possibility of success, maturing our postures and protecting the institutions. Web NAFCU digital@nafcu.org America/New_York public
The Evolving Role of the CISO in Credit Unions
preferred partner
DefenseStorm
Podcast
AI in Action: Redefining Disaster Preparedness and Financial Security
Strategy
preferred partner
Allied Solutions
Blog Post
Get daily updates.
Subscribe to NAFCU today.