Representative Patrick McHenry, a Republican from North Carolina and ranking member of the House Financial Services Committee, speaks during a hearing in Washington, DC
Andrew Harrer | Bloomberg | Getty Images
A new draft bill from House Financial Services Ranking member Patrick McHenry, RN.C., lays the foundation for how the GOP will deal with financial data privacy if the party wins a majority in the chamber this November.
The discussion draft, shared exclusively with CNBC, covers the modernization of a financial data protection law known as the Gramm-Leach-Bliley Act to cover data aggregators other than financial institutions and the need for greater transparency with customers. Will do Such changes may apply to fintech companies such as plaid either Intuit’s Mint.
The text comes on the same day that House Energy and Commerce Committee lawmakers flagged off the US Data Privacy and Protection Act, a new bipartisan framework that has thrown digital privacy back into the spotlight, as Congress prepares to wrap up its August recess. does. , While the push for a federal privacy law has had several halts and starts in the past, the new text provided a new spark behind the effort as it contained agreement on key issues that had already been stalled.
According to a senior Republican staffer on the Financial Services Committee, who is not authorized to speak on the record, the draft aims to update and broaden a targeted portion of the law so that it remains relevant even in the face of further innovation.
“We really didn’t want to start with a prescriptive and restrictive model that is going to prevent developers from creating a new app or fine-tuning your app, creating new products,” the employee said. “But we wanted to make sure consumers had all the information to make smart choices about what they wanted to share and what they were not willing to share.”
The discussed draft would require financial institutions to tell customers when their non-public personal information is being collected, not just when it is being disclosed to third parties.
It will also allow consumers to tell financial institutions and data aggregators to stop collecting their data or delete the data they hold. In addition, it would expand the definition of personally identifiable non-public information subject to law and give companies covered by the bill the ability to opt out of data collection to consumers if it is not required to provide the service. .
The draft bill allows federal agencies to create regulations that take into account the potentially high burden of compliance on small firms. It would also undo state law to create a national standard, something that some Democrats have dismissed in other privacy discussions because they see states as important places to expand protections on top of federal law. .
“This proposal will modernize existing infrastructure to better align with modern technology and protect against misuse or overuse of consumers’ personal information,” McHenry said in a statement. “I look forward to continuing to work with my colleagues on this discussion draft to help protect Americans’ privacy without stifling innovation.”