Category Archives: digital trade

For data brokers, California and Vermont are only the beginning….

Washington’s focus on data brokers is blurry …

Congress has been distracted recently with the question of whether or not to impeach and eventually remove the President from office.  The discussion is taking up a lot of oxygen in Washington, but eventually the inside-the-beltway gang will turn itself back to other matters and I believe among those matters will be a national treatment of data privacy.

Pushing the desire for a national treatment of data privacy is the call on the part of broadband companies for federal privacy legislation that treats broadband providers, such as AT&T and Comcast, the same way as Amazon, Facebook, and Google.

While the data broker business model differs from that of a broadband infrastructure provider, the common denominator for congressman and consumer is data and its protection.  Cambridge Analytica’s mishandling of data it obtained from Facebook served to blend in Congress and the consumers’ minds that a bad act on the part of one player automatically taints all other players in the chain of data possession.

The federal and state attempts at reining in data brokers …

On the federal side, Congress has dipped its toe on the “regulate the data brokers” pool with introduction of S. 2342, the Data Broker List Act.  Introduced by Senator Gary Peters, Democrat of Michigan, and co-sponsored by Senator Martha McSally, Republican of Arizona, the Act, if passed, would require that data brokers register annually with the Federal Trade Commission.

Under the Data Broker List Act, there would be certain requirements regarding the acquisition and brokering of personal information, including the requirement that brokered data not be acquired through fraudulent means, and that acquired or brokered personal data not be used for stalking or harassing another person; committing financial or e-mail fraud, or engaging in unlawful discrimination, including discrimination involving credit, employment, or housing.

Data brokers would also be required to implement and maintain a comprehensive information security program designed to protect personal data against hacks and other breaches.

Two states are ahead of the federal government when it comes to legislation regulating data brokers.  Under the Vermont Data Broker Law, there is also a requirement for the annual registration of data brokers with the Vermont secretary of state where company name and physical, email, and internet addresses are required. Data brokers are also required to implement and maintain an information security program that protects Vermont consumers from theft or fraudulent use of personally identifiable information.

California AB 1202 requires that data brokers register with the state’s attorney general, providing company name and physical, email, and internet address.  The legislation, which takes effect next January, is not as comprehensive as Vermont’s statute or the proposed federal data broker legislation in terms of requiring an information security program.

What’s next …

As state legislatures begin their sessions in the next couple of months, data brokers should continue to stay on the look out for pre-filed bills and keep their ears to the ground for any media chatter concerning data privacy protection. Data brokers may also continue refining arguments that promote the positive role they play in ensuring that data that brings value to commercial actors i.e. lenders, landlords, retailers, etc., gets to these market participants thus ensuring that consumers get the products that best suit their needs.

Balkanizing internet regulation is out of step with the uniformity needs of financial technology

The eye-catcher ….

In two weeks, state utility regulators will convene in San Antonio, Texas for the National Association of Regulatory Utility Commissioners annual meeting to discuss how they can leverage a recent decision by the United States Court of Appeals-DC Circuit that the Federal Communications Commission cannot preempt state regulation of concerns over consumer access to and privacy on the internet via broadband.

Some states such as California have moved ahead with their own net neutrality laws, hoping to enforce consumer protections by prohibiting internet access providers from lowering traffic speed from certain websites or preventing internet service providers from favoring their own content by blocking a consumer’s access to content that the consumer prefers.

The state-by-state approach problem

The problem with a state-by-state approach for a financial technology firm is the uncertainty that data and capital face when they traverse state borders. Will a content delivery firm tasked with storing and transmitting financial data on behalf of a financial technology firm have to enter into different interconnection agreements per state because of the differing consumer privacy laws encountered in each state?  Will differing requirements on paid prioritization result in financial data traffic slowing down depending on which state border it crosses?

There is an irony that on a global basis, the United States is a staunch proponent of freer cross-border data flows, but would run the risk of subjecting those same data flows to a hodge-podge of regulations that create digital toll roads for financial data traffic.

The changing consumer taste in banking

What federal and state policy makers should be focusing on is ensuring the amount of bandwidth necessary for digital transmission of financial data and capital is available.  Our use of digital banking services will not be shrinking anytime soon.  MediaCom Business cited data in a blog post that 92% of millennials make their choices as to where to bank based on the digital services a bank offers.  Legacy banks hoping to compete with digital upstarts are accepting this type of demand an, as found by consulting firm Accenture, are exploring how best to integrate and deploy technology necessary for meeting this demand.

Recommendation: Seamless versus Balkanization

The supply of digital banking and payment systems services combined with increasing demand for these services means more bandwidth is needed in order to optimize the consumer experience.  State and federal policy makers can facilitate this need for increased bandwidth by focusing policy on ensuring the delivery of this infrastructure.  Coming up with 50 different rules on net neutrality is more distraction than help.

What should be spawned in next month’s NARUC meeting is a recommendation for national legislation on consumer privacy.  Consumer privacy concerns should no longer be leveraged to create 50-plus fiefdoms for net neutrality.  Transmission of information, data, and knowledge should be a seamless experience for consumer and firms that use financial technology to transmit value and capital.