FTC & State AG

FTC Calls for Comments on Safeguards Rule

Published: Aug. 30, 2016

Updated: Jun. 22, 2021

The FTC has issued a notice calling for comments on Standards for Safeguarding Customer Information, also known as the “Safeguards Rule.” The review of the Safeguards Rule, which took effect in 2003, is part of the FTC’s systemic, once-per-decade review of all FTC rules and guides.

As background, the Safeguards Rule implements Section 501(b) of the Gramm-Leach-Bliley Act, and requires financial institutions under the FTC’s jurisdiction to develop, implement, and maintain a comprehensive information security program for handling customer information (called “non-public information” or NPI).

The FTC seeks comment on a number of questions, including the economic impact and benefits of the Safeguards Rule; possible conflict between the Rule and state, local or other federal laws or regulations; and the effect on the Rule of any technological, economic or other industry changes. The comment period presents an excellent opportunity for financial institutions and their vendors to provide feedback to the FTC on what parts of the Safeguards Rule have worked or need to be revised in light of technology, economic, and legal changes over the past decade. Comments are due on November 7, 2016. If you would like to file comments, please contact the ZwillGen attorney with whom you work.