X

HFS Asks Public to Weigh-in on Consumer Financial Data Privacy

"[Graham-Leach-Bliley's] broad framework has served us well, setting key protections for consumer data. But a quarter-century is a long time in tech, so we must ask – Is GLBA still fit for purpose in today's fast-paced, data-driven environment? Does it provide the clarity, flexibility, and protection needed in the digital age?"
Andy Barr, Chair, House Subcommittee on Financial Institutions
"[Graham-Leach-Bliley's] broad framework has served us well, setting key protections for consumer data. But a quarter-century is a long time in tech, so we must ask – Is GLBA still fit for purpose in today's fast-paced, data-driven environment? Does it provide the clarity, flexibility, and protection needed in the digital age?"
Andy Barr, Chair, House Subcommittee on Financial Institutions

The House Financial Services Committee requested public feedback on potential changes to federal consumer financial data privacy laws.

The Committee posed questions on whether to amend the Gramm Leach Bliley Act ("GLBA") Title V, subtitle A, which requires that banking agencies issue regulations "ensuring that financial institutions protect the privacy of consumers' personal financial information". After hearings, the Commission is seeking input on whether to adopt a broader privacy framework; whether a federal standard should preempt state laws or continue serving as a floor; and how federal law should interact with existing state law and other privacy regimes. The Committee also sought feedback on redefining key terms such as "non-public personal information," "consumer" and "financial institution."

In addition, the Committee asked whether new requirements should be introduced—such as: (i) requiring consent before collecting sensitive data; (ii) mandating data deletion for inactive accounts; (iii) enhancing transparency around data sharing; (iv) assigning liability for third-party breaches; and (v) minimizing data collection and retention practices. The Committee also sought comments on effective elements from state privacy laws that could be incorporated into a federal framework.

Responses are due by August 28, 2025.

Primary Sources

  1. House Committee on Financial Services: Press Releases: House Financial Services Committee Requests Feedback on Current Federal Consumer Financial Data Privacy Law and Potential Legislative Proposals

Tags

Regulated Activities
Data Protection / Cybersecurity
Regulated Entities
Banking Entities Broker-Dealers
Body of Law
Privacy / Data Protection / Cybersecurity
Jurisdiction
US - Federal
Organization
US Congress