NAFCU reiterates CUs’ data privacy, security stance to FTC

As the Federal Trade Commission (FTC) seeks public feedback on commercial surveillance and data security issues, NAFCU advised the commission to “abstain from all further data privacy-related rulemaking efforts until Congress passes the comprehensive federal data privacy legislation necessary to meet the challenges of the contemporary data privacy risk environment.”

NAFCU has long advocated for comprehensive federal data privacy standards through its six data privacy principles. Credit unions for decades have complied with robust data privacy and security standards under the Gramm-Leach-Bliley Act (GLBA).

The association wrote the FTC in response to its advance notice of proposed rulemaking (ANPR) on whether the commission should implement new regulations and/or pursue regulatory alternatives that address ways in which companies may unfairly or deceptively collect, use, share, sell, or otherwise monetize consumer data.

In addition to urging the commission to refrain from rulemaking on this issue, NAFCU reiterated its position that the NCUA should be credit unions’ primary data privacy regulator. Though the NCUA oversees federal credit unions’ compliance with the GLBA, the FTC oversees GLBA compliance at state-chartered credit unions that are not federally insured.


continue reading »