Chairman Wicker, Ranking Member Cantwell, and members of the Committee, the American Bankers Association (“ABA”) appreciates the opportunity to provide its views on federal privacy legislation for your December 4, 2019 hearing “Examining Legislative Proposals to Protect Consumer Data Privacy”. The American Bankers Association is the voice of the nation’s $18 trillion banking industry, which is composed of small, regional and large banks. Together, America’s banks employ more than 2 million men and women, safeguard $14 trillion in deposits and extend more than $10 trillion in loans.
Our members are strong proponents of protecting consumer data and privacy, and financial institutions have been subject to extensive federal privacy and data protection laws and regulations for several decades. Congress carefully constructed this regulatory regime to provide an effective and successful balance between strong consumer protections while ensuring that consumer financial transactions take place in a safe and secure environment. We commend you for your interest in legislation that would put in place similar consumer protections for all entities that collect and use sensitive consumer information, and recommend that the following key elements be included in any legislation passed by Congress.
The U.S. financial sector is subject to a number of federal laws that already impose privacy and data security obligations with respect to financial data and other data relating to consumers, particularly Title V of the Gramm-Leach-Bliley Act (GLBA). Notably, the GLBA requires that financial institutions provide consumers with notice of their privacy practices and generally prohibits such institutions from disclosing financial and other consumer information to third parties without first providing consumers with an opportunity to opt-out of such sharing. The GLBA contains strict security and confidentiality requirements over consumer records and requires notice to consumers if a breach of sensitive financial information puts them at risk. Even more significant, bank regulatory agencies routinely conduct examinations regarding compliance with the GLBA and other privacy laws, ensuring compliance in a manner that is not replicated in other sectors.
As discussed below in detail, ABA supports legislation to protect consumer privacy that includes the following elements: