Letters

Standards for Safeguarding Customer Information

Summary

SIFMA, Bank Policy Institute (BPI)-BITS, and the American Bankers Association (ABA) joint comments to the Federal Trade Commission (FTC) regarding the FTC Notice of Proposed Rulemaking on the Standards for Safeguarding Customer Information (Safeguards Rule). The Associations share the FTC commitment to protecting the privacy interests of all Americans by safeguarding their personal information.

PDF

Submitted To

FTC

Submitted By

SIFMA, BPI-BITS, ABA

Committee

Legal & Compliance

Date

2

August

2019

Excerpt

August 2, 2019

Via Electronic Submission through https://www.regulations.gov/docket?D=FTC-2019-0019

David Lincicum and Allison M. Lefrak
Division of Privacy and Identity Protection
Bureau of Consumer Protection
Federal Trade Commission
600 Pennsylvania Avenue, NW
Washington, DC 20580

Re: Notice of Proposed Rulemaking – Standards for Safeguarding Customer Information, RIN 3084-AB35 (Safeguards Rule, 16 C.F.R. part 314, Project No. P145407)

Ladies and Gentlemen:

The Bank Policy Institute (BPI) – BITS, the American Bankers Association (ABA), and the Securities Industry and Financial Markets Association (SIFMA) (collectively, the “Associations”)1 appreciate the opportunity to comment on the Federal Trade Commission’s (“FTC”) proposal to amend the Standards for Safeguarding Customer Information (the “Safeguards Rule” or “Rule”).2 We share your commitment to protecting the interests of all Americans by safeguarding their personal information. We agree with the FTC’s view that it is important “to provide financial institutions with the flexibility to shape [] information security programs to their particular business and to allow the programs to adapt to changes in technology and threats to the security and integrity of customer information.”3

The Associations also appreciate the FTC’s efforts to clarify the scope of the Safeguards Rule in light of changes to the authority of the Privacy Rule. We also appreciate the FTC’s efforts to coordinate key aspects of its proposed amendments with other agencies’ regulatory provisions, notably, amending the definition of “financial institution” so that it cross-references permissible activities enumerated by the Federal Reserve Board in  12 C.F.R. §§ 225.28 and .86.4

Continue reading >

1 Descriptions of the Associations are provided in Annex A of this letter.
2 16 C.F.R. part 314.
3 Safeguards Rule, 84 Fed. Reg. 13,158, 13,159 (proposed Apr. 4, 2019) (to be codified at 16 C.F.R. pt. 314).
4 Lists of permissible non-banking activities for bank holding companies and financial holding companies, respectively.