Big Data in Financial Services: Privacy and Security Regulation



November 15, 2019

Congress has shown interest in data privacy and security issues in the financial services industry,
including an upcoming House Financial Services task force hearing. Recent data breaches at large
financial institutions and credit reporting agencies have increased concern about the privacy and security
of the large amounts of consumer financial information (known increasingly as big data) that companies
gather, use, and store. Some of this information is public, whereas other information is considered
personal and nonpublic. No single law provides a framework for regulating data privacy in the United
States. Instead, myriad laws cover different industries.

In the financial services industry, several federal and state laws cover data privacy; most
comprehensively, the Gramm-Leach-Bliley Act (GLBA; P.L. 106-102) directs financial regulators to
implement disclosure requirements and security measures to safeguard private information. This Insight
summarizes GLBA's regulatory implementation and discusses policy issues for Congress.


GLBA and the Financial Regulators

GLBA provides a framework for regulating data privacy and security practices in the financial services
industry. This framework is built upon two pillars: (1) privacy standards that impose disclosure
limitations on financial institutions concerning consumers' information and (2) security standards that
require institutions to implement certain practices to safeguard the information from unauthorized access,
use, and disclosure. The two major rules for implementing this framework are known as the Privacy Rule
(Regulation P) and the Safeguards Rule, respectively. These rules are promulgated, supervised, and
enforced by different government agencies, and in some cases different agencies have rulemaking and
supervisory authority over the same entity.

Rulemaking

Rulemaking authority to implement the Privacy Rule through Regulation P is vested in four agencies. The
Federal Trade Commission (FTC) has the rulemaking authority for the Safeguards Rule. Table 1 provides
a crosswalk of the federal agencies and who they may regulate under each rule.

Congressional Research Service
https://crsreports.congress.gov
IN11199

CRS INSIGHT
Prepared for Members and Committees of Congress
