U.S. House Financial Services Committee holds hearing on financial data privacy and the future of the Gramm-Leach-Bliley Act

The U.S. House Financial Services Committee’s Financial Institutions Subcommittee held a hearing to examine consumer financial data privacy under the Gramm-Leach-Bliley Act (GLBA) and how Congress should respond to overlapping federal and state privacy regimes as financial services become more data-driven. In opening remarks, Subcommittee Chair Andy Barr highlighted the growth in the volume and sensitivity of financial data since GLBA was enacted more than 25 years ago, alongside innovations such as mobile banking, peer-to-peer payments, and digital transactions. He pointed to open banking, where consumers share data with third-party providers through application programming interfaces, as raising practical questions around privacy, liability, standards, and GLBA’s applicability. Barr also cited a “patchwork” of state privacy laws, noting that 20 states have enacted comprehensive privacy laws with differing treatment of GLBA-covered institutions, and urged consideration of a uniform national standard and how GLBA should be treated within broader privacy legislation. He opposed expanding enforcement through private rights of action, arguing it would increase litigation risk and compliance costs. The subcommittee is taking witness testimony as part of its review of whether GLBA remains fit for purpose and what form any federal financial data privacy modernization should take.