WASHINGTON—The proposed American Privacy Rights Act of 2024 has the Defense Credit Union Council (DCUC) concerned about its potential impact on credit unions, DCUC told leaders of the House, House Financial Services Committee and the Senate Banking Committee.
In letters to the groups, DCUC President and CEO Anthony Hernandez stated that while DCUC supports efforts to strengthen data privacy and prevent the buying and selling of personal information, the Council is concerned how this legislation “overlaps and contradicts with other federal privacy laws, such as the Gramm-Leach-Billey Act (GLBA) and the Health Insurance Portability and Accountability Act (HIPAA).
“Other than data security, it is unclear whether credit unions already in compliance with these laws will be exposed to new lawsuits despite GLBA compliance,” Hernandez continued. “Additionally, we are interested in whether merchants will also be held to the same data security requirements as financial institutions. Merchants have a larger role in safeguarding data as consumers have less opportunities to opt out when purchasing goods and services. Altogether, the American Privacy Rights Act has the potential to create uncertainty in the market, particularly in terms of educating consumers who may or may not understand their right to opt out of data collection.
Hernandez concluded by stating DCUC hopes the Committee “will link efforts with the House Financial Services Committee to update financial data privacy efforts to create a better sense of balance for the financial services industry.”