As part of an ongoing effort to modernize U.S. data privacy policy, the Commerce Department’s National Telecommunications and Information Administration has published for comment a proposal intended to guide organizations as they develop new policies and procedures regarding the treatment of consumer data. The proposal establishes a series of desired outcomes that organizations should pursue when crafting their own data protection policies.
Among other things, the proposal calls on organizations to be transparent about the collection and use of customer information; give users the ability to exercise control over the personal information they share; provide a way for users to access and correct personal data they have provided; and be accountable for the use of personal data that has been collected, maintained or used by their systems. Comment on the proposal are due Oct. 26.
The American Bankers Association noted that banks already adhere to similar standards for consumer data privacy as required by the Gramm-Leach-Bliley Act. The association has long advocated for consistent data security standards and continues to highlight the need for businesses across all industries to be held to the same data protection standards adhered to by regulated financial institutions.