A bill that would establish national data privacy standards does not include clear language for financial institutions to understand their exemption from the requirements, the American Bankers Association and six financial sector associations said today in a letter to House lawmakers.
The American Privacy Rights Act would establish standards for consumer privacy rights and data privacy. In their letter, the associations noted that the Gramm-Leach-Bliley Act already sets privacy and data security requirements for financial institutions. The groups said the proposed legislation must recognize “the strong privacy and data security standards that are already in place for the financial sector under the GLBA and other financial privacy laws (e.g., the Fair Credit Reporting Act and Right to Financial Privacy Act) and avoid provisions that duplicate or are inconsistent with those laws.”
“This will lead to duplicative and conflicting requirements for financial institutions already subject to oversight by GLBA regulation,” the groups said. “As currently drafted, the bill would be disruptive to the financial system, consumers and the economy. We urge that Title I of the [proposed bill] be amended to exempt all financial institutions subject to the GLBA to avoid such disruption.”