In 2020, California took the first significant step to change American privacy concerns by implementing a seismic shift—relative to what was in place before—in Data Protection with the California Consumer Privacy Act (CCPA). Four other states—Colorado, Utah, Virginia and now Connecticut—have also enacted consumer privacy laws.
According to a recent article in the National Law Review, the states of Alaska, Hawaii, Massachusetts, New York, Pennsylvania, Washington, Wisconsin and New Jersey all have multiple privacy bills pending. They are also considering the small but noticeable program of updates to decades-old laws. Even questions regarding federal-level data protection regulations have been raised and are under debate.
A Setback In Open Banking
One segment of privacy is related to a system known as open banking. Advocates of the concept suggest open banking will make it simpler for non-banks like technology companies to compete with traditional financial institutions—a move that could lower costs and boost Americans’ access to financial services. According to West Monroe, the technology behind open banking utilizes aggregated and authenticated data connected via APIs, giving consumers more ways to consume their financial data while also making transactions more secure.
However, it was recently revealed that the effort to bring open banking to the U.S. is stalled by privacy concerns. The main reason being the Consumer Financial Protection Bureau (CFPB) appears to be stuck on exactly how to manage the consumer privacy and data protection issues created by open banking, especially how big tech companies will use the data.
The sharing of data has always been a given, so it came as a surprise to many when the privacy of individuals’ data was cited as the reason for opposition to the open banking proposals. For the first time, possibly ever, the rights and freedoms of the data subject were not only being considered but brought to the forefront of pivotal federal plans.
The Next Reasonable Steps
The United States would not be the first region to dip its toes into the open banking space. With the General Data Protection Regulation (GDPR) and Payment Services Directive (PSD2) building blocks in place, Europe has successfully put both feet in. The building blocks are where America can learn from its counterparts, and the formation of a more centralized model will be crucial in any plan to move forward.
Luckily, we have already begun with CCPA, CPA and UCPA, as noted above, with many more states drafting new or revised legislation. This is the key to that centralized model framework needed to make open banking a reality. If the CFPB addresses the privacy concerns right, we can look forward to an open banking future in the U.S.
As it plans for the implementation of open banking, it is important that the CFPB strike this balance of enabling progress, competition and business to thrive with the appropriate and adequate protection of citizens’ data rights in order to succeed. Even if the end game is improvement, coming at the expense of people’s privacy will only be met with resistance and non-support.
The CFPB recognizes this and wants to take this opportunity to show that you can indeed have both. Executed with the right measures and framework, open banking stands to be successful both because of what it is doing and how it is protecting the American people.
Embedded culture and history take time to change. The proof will be in the details of the proposals, and a standardized approach to the processing of data will realign skeptics’ thoughts and opinions. Tightly defined data processing purposes, appropriate retention of the data fit for that purpose and an absence of unnecessary data proliferation will all help this cause. Big tech companies are being forced into the adoption of these principles by global legislative pressures, and this could be a good place to look for guidance for the CFPB.
The laying of legislation in this central formation means that these ‘bumps in the road’ can only be temporary. An effective, comprehensive and encompassing legal landscape is the solid foundation that’s needed. As this cross-state embracing of data privacy, and the rights of the subjects to whom it relates, gathers momentum, popularity and weight with lawmakers, consumers and businesses, the open banking concepts and technology are likely to take off exponentially.
Forbes Technology Council is an invitation-only community for world-class CIOs, CTOs and technology executives. Do I qualify?