The HFSC Task Force on Financial Technology today considered draft legislation that would give the CFPB rulemaking and enforcement authority over the GLBA’s safeguards rule for the institutions it regulates and data aggregators. It also considered separate draft legislation that would establish minimum data security standards for non-financial companies that hold financial data. While neither bill was substantively discussed during today’s hearing, there was bipartisan concern that increased sharing of financial information is raising privacy and cybersecurity risks. There also appears to be bipartisan consensus about the need for legislative action, although significant differences about specifics remain. Many of the issues discussed were addressed in a Basel report, which laid out numerous concerns guiding U.S. banking-agency action going forward. During the hearing, Chairman Lynch (D-MA) questioned whether existing data sharing protections are adequate and Ranking Member Emmer (R-MN) asked whether GLBA protections cover data aggregator activities. Saying that screen scraping increase security risks, Rep. Hill (R-AR) asked whether the banking agencies should prohibit it.
The full report is available to retainer clients. To find out how you can sign up for the service, click here.