WASHINGTON – America’s Credit Unions has released a white paper calling for a federal data privacy standard that preempts state privacy regulation, while recognizing the existing compliance obligations already in place for credit unions.
According to the trade group, considering the mounting uncertainty and rising compliance burdens from a patchwork of incompatible state regulations, the white paper makes clear that the need for comprehensive federal privacy legislation is critical.
“Without a clear federal privacy standard, states will continue to advance their own laws, creating a patchwork of conflicting requirements that credit unions must navigate,” Chief Advocacy Officer Kathleen Coulombe said in a statement. “For credit unions operating across state lines, keeping pace with an ever-changing maze of state mandates diverts time, resources, and attention away from serving members and protecting their data. A comprehensive federal standard that preempts state law would establish one clear set of expectations nationwide. Establishing a standard baseline would make cross-state privacy protection seamless and remove uncertainty across the system.”
Recommendations Shared
With current federal legislative efforts to date and the legal authority supporting a nationwide federal privacy standard, America’s Credit Unions said it is taking the lead in advocating for uniformity in the application of privacy laws.
The white paper recommends the following principles necessary in an effective comprehensive national standard:
- Recognition of Gramm-Leach-Bliley Act (GLBA) standards and implementing regulations, which warrant a financial institution exemption from overbroad or burdensome new requirements incorporated in a multi-sector approach to privacy legislation.
- Robust federal preemption from a patchwork of state laws that attempt to regulate financial institutions.
- Protection from frivolous lawsuits created by a private right of action with appropriate safe harbors for financial institutions.
- Minimization of compliance burden by avoiding unnecessary complexity.
“In order to effectively protect consumers’ data privacy, federal legislation must be grounded in reality. That means recognizing the existing regulatory expectations already in place for credit unions,” Vice President of policy engagement and credit union operations Ann Petros said in a statement “Working within the current regulatory framework would help credit unions strengthen their compliance programs, reduce unnecessary regulatory burden, and keep their focus on safeguarding members’ privacy and trust.
The white paper can be found here.
