Regulation

FTC Wants Comment On Proposed Changes To Safeguards, Privacy Rules

The Federal Trade Commission (FTC) has requested comment on the proposed amendments of two rules that protect the privacy and security of customer data held by financial institutions (FIs).

The proposed changes are related to the Safeguards Rule and the Privacy Rule under the Gramm-Leach-Bliley Act. The Safeguards Rule, which went into effect in 2003, requires FIs to develop, implement and maintain a comprehensive information security program. The Privacy Rule, introduced in 2000, requires an FI to inform customers about its information-sharing practices, as well as enable customers to opt out of having their information shared.

“We are proposing to amend our data security rules for financial institutions to better protect consumers and provide more certainty for business[es],” said Andrew Smith, director of the FTC’s Bureau of Consumer Protection, in a press release. “While our original, groundbreaking Safeguards Rule from 2003 has served consumers well, the proposed changes are informed by the FTC’s almost-20 years of enforcement experience. It also shows that, where we have rule-making authority, we will exercise it as necessary to keep up with marketplace trends, and respond to technological developments.”

The FTC is proposing more detailed requirements related to the comprehensive information security program, requiring FIs to encrypt all customer data, implement controls to prevent unauthorized access to customer information and the use multi-factor authentication. The agency also wants FIs to submit periodic reports to their boards of directors to ensure they are staying on track.

The Dodd-Frank Act gave the majority of the FTC’s rule-making authority for the Privacy Rule to the Consumer Financial Protection Bureau (CFPB), leaving the FTC with power only over certain motor vehicle dealers. With that in mind, the agency wants to remove examples of FIs that do not apply to motor vehicle dealers, as well as clarify when they must provide annual privacy notices.

In addition, the FTC is proposing to expand the definition of “financial institution” in both rules to include “finders,” which charge a fee to connect consumers looking for a loan to a lender.

——————————

NEW PYMNTS DATA: HOW WE SHOP – SEPTEMBER 2020 

The How We Shop Report, a PYMNTS collaboration with PayPal, aims to understand how consumers of all ages and incomes are shifting to shopping and paying online in the midst of the COVID-19 pandemic. Our research builds on a series of studies conducted since March, surveying more than 16,000 consumers on how their shopping habits and payments preferences are changing as the crisis continues. This report focuses on our latest survey of 2,163 respondents and examines how their increased appetite for online commerce and digital touchless methods, such as QR codes, contactless cards and digital wallets, is poised to shape the post-pandemic economy.

TRENDING RIGHT NOW