On June 23, Congressman Patrick McHenry released a discussion draft of new legislation to modernize federal financial data privacy law. The draft legislation would amend and build on the Gramm-Leach-Bliley Act (“GLBA”). The draft includes notable provisions on consumer rights, data minimization, and disclosures. It also updates the definition of “financial institution” to include data aggregators and limits the distinction between “consumers” and “customers” under the GLBA. Finally, the law would preempt state laws regulating the obligations of financial institutions with respect to areas covered under the law. Congressman McHenry is the ranking Republican on the House Financial Services Committee, and the draft legislation could provide a framework for further discussions on financial data privacy moving into the next Congress.

Print:
Email this postTweet this postLike this postShare this post on LinkedIn
Photo of Libbie Canter Libbie Canter

Libbie Canter represents a wide variety of multinational companies on privacy, cyber security, and technology transaction issues, including helping clients with their most complex privacy challenges and the development of governance frameworks and processes to comply with global privacy laws. She routinely supports…

Libbie Canter represents a wide variety of multinational companies on privacy, cyber security, and technology transaction issues, including helping clients with their most complex privacy challenges and the development of governance frameworks and processes to comply with global privacy laws. She routinely supports clients on their efforts to launch new products and services involving emerging technologies, and she has assisted dozens of clients with their efforts to prepare for and comply with federal and state privacy laws, including the California Consumer Privacy Act and California Privacy Rights Act.

Libbie represents clients across industries, but she also has deep expertise in advising clients in highly-regulated sectors, including financial services and digital health companies. She counsels these companies — and their technology and advertising partners — on how to address legacy regulatory issues and the cutting edge issues that have emerged with industry innovations and data collaborations.

Andrew Smith

Andrew Smith advises clients on retail financial services, data protection, advertising and consumer protection, technology, credit reporting, and e-commerce issues. He assists banks, non-bank lenders, technology companies, and their vendors with regulatory compliance, litigation, and transactional matters.

Prior to re-joining the firm, Andrew…

Andrew Smith advises clients on retail financial services, data protection, advertising and consumer protection, technology, credit reporting, and e-commerce issues. He assists banks, non-bank lenders, technology companies, and their vendors with regulatory compliance, litigation, and transactional matters.

Prior to re-joining the firm, Andrew served as Director of the Bureau of Consumer Protection at the Federal Trade Commission (FTC), where he was focused on investigations and enforcement of privacy, data security, financial services, and marketing laws and regulations across a broad range of areas, including fair lending, technology platforms, digital advertising, payments, telemarketing, lead generation, affiliate marketing, consumer reporting, and small business financing. He also oversaw the Bureau’s extensive rulemaking and workshop proceedings, including on endorsement guides, security of financial data, subscription marketing, contact lenses, and children’s privacy. Additionally, he led the FTC’s COVID-19 pandemic-related enforcement and consumer education efforts. In a previous role as Assistant to the Director of the Bureau of Consumer Protection at the FTC, Andrew led a team of professionals to develop and draft ten rules and six studies under the Fair Credit Reporting Act.

Andrew represents clients before federal and state agencies—particularly the FTC and Consumer Financial Protection Bureau (CFPB)—in law enforcement and rulemaking proceedings. He regularly advises companies on the requirements of the GLBA, FCRA, DPPA, ECOA, FDCPA, TCPA and TSR, FTC Act, Dodd-Frank Act, and analogous state laws, including state insurance privacy laws and security breach notification requirements.

Photo of Sarah Parker Sarah Parker

Sarah Parker is an associate in the firm’s Washington Office. Her practice focuses on privacy, advertising, and consumer protection regulatory matters and government investigations.

Sarah also maintains an active pro bono practice, with a focus on criminal justice and civil rights litigation