US national data‑privacy push

House Republicans released two bills on April 22 that would set one federal rulebook for how companies collect, share and delete Americans’ data. (politico.com) The package pairs the SECURE Data Act for nonfinancial companies with the GUARD Financial Data Act for banks and other financial firms, in a joint push by the House Energy and Commerce and Financial Services committees. Committee leaders said the bills are “aligned in substance” but split by sector. (financialservices.house.gov) The bills would require companies to limit data collection to what is necessary, let consumers request access to a copy of their data, and let consumers ask to delete data held by a controller or financial institution. The House committees’ one-pager also says companies would need a consumer’s opt-in before using sensitive data. (financialservices.house.gov) The biggest legal shift is preemption: the proposal would override dozens of state privacy laws and replace them with a national standard. Politico reported the draft would also bar most private lawsuits, leaving enforcement mainly to regulators such as the Federal Trade Commission and state attorneys general. (politico.com) That puts the House Republican plan at odds with many Democrats’ approach to privacy. A bipartisan Senate-House draft from 2024, the American Privacy Rights Act, also would have created a national standard, but it included a private right of action for individuals to sue over violations. (congress.gov, commerce.senate.gov) The financial half of the package is also an update to older law. House Financial Services Republicans said the GUARD bill is meant to modernize the Gramm-Leach-Bliley Act, the federal financial privacy law enacted on November 12, 1999. (financialservices.house.gov, congress.gov) Gramm-Leach-Bliley already requires financial institutions to explain how they share customer information and protect sensitive data. The Federal Trade Commission says it covers firms offering products or services such as loans, investment advice and insurance. (ftc.gov) Supporters say one federal framework would replace a patchwork that now differs from state to state. The House committees’ summary says the bills keep a role for state enforcers, including attorneys general and insurance regulators, even as federal law would become the main standard. (financialservices.house.gov) Critics are focused on what would be lost when state laws are displaced. Energy and Commerce ranking member Frank Pallone said the proposal would protect “corporations and their bottom line,” and argued Congress should not preempt tougher state consumer protections. (politico.com) The next fight is not over whether Washington should write privacy rules, but over who gets to enforce them and whether states can keep stricter ones. That split has stalled national privacy bills before, and it is now at the center of this one. (politico.com, politico.com)