CUNA strongly supports the enactment of a comprehensive national data security and data privacy standard, it wrote to the Federal Trade Commission (FTC) Monday. CUNA sent its comments in response to an Advance Notice of Proposed Rulemaking on commercial surveillance and data security.
“Credit unions strongly support the enactment of a comprehensive national data security and data privacy standard that includes robust security requirements that apply to all who collect or hold personal data and is preemptive of state laws,” the letter reads. “We firmly believe there can be no data privacy until there is data security. Securing and protecting consumer data is important not only for consumers’ individual financial health but as a further safeguard against rogue international agents and interference by foreign governments.”
CUNA also called on the FTC to exempt credit unions—as followers of Gramm-Leach-Bliley Act (GLBA) standards—from this rulemaking.
“Financial institutions comply with a rigorous, comprehensive data security and privacy framework and, in fact, compliance is an element of fundamental safety and soundness for the overall banking system,” it reads. “Additionally, it must not be overlooked that the financial industry is the only sector subject to ongoing examination to ensure compliance with these security and privacy standards.”
The letter also reiterates CUNA’s principles for data security and privacy policy: