On July 31, two representatives from the House Committee on Financial Services requested public feedback on the current federal consumer financial data privacy law, the GLBA, and potential legislative proposals to address changes in the financial services sector. The committee asked whether to amend the GLBA, establish a preemptive federal standard or maintain the current federal floor, and how a preemptive federal standard should interact with state laws. These laws typically include only data-level exemptions.

The representatives listed additional questions to request information on the relationship between the GLBA and general or sector-specific federal privacy laws, including defining “non-public personal information,” “personally identifiable financial information,” “consumer,” and “customer relationship,” and whether the definition of “financial institution” should include entities like data aggregators. The committee also sought input on effective state privacy frameworks, requirements for consumer consent before collecting certain data, mandates for deleting inactive account data, providing consumers with lists of entities receiving their data, procedures for data breaches, and data retention practices.

Reps. French Hill (R-AR) and Andy Barr (R-KY) issued the request, inviting all interested members of the public to submit comments by August 28 to [email protected].