With states passing inconsistent laws and no uniform federal law addressing data privacy, there’s a patchwork of rules for companies to comply with. ALTA is dedicated to helping its members understand what they need to do to comply, if required, with data privacy laws.

ALTA Policy Position

ALTA believes any comprehensive data privacy legislation should include a full entity exemption for entities subject to the Gramm-Leach-Bliley Act (GLBA). Since 1999, this federal law has strictly limited financial institutions’ use and sharing of customers’ personal information. Additionally, financial institutions are required to assure the security of this information and provide comprehensive disclosures to consumers.


Data Privacy Principles



Data Privacy Articles

Recent 2024 2023 2022 2021 2020 2019

U.S. Lawmakers Reveal Draft Data Privacy Bill
June 7, 2022

Several members of Congress have published a discussion draft of a bipartisan federal privacy bill. In 2020, ALTA developed a set of data privacy principles that recommend the development of a single, national standard. Key aspects of principles include exemptions for entities already subject to the Gramm-Leach-Bliley Act, personal information that is already publicly available and business-to-business relationships. In addition, the standards say data privacy laws should recognize the need for businesses to share personal information needed complete a transaction. Consideration also should be given to the impact on small business, with respect to the cost of compliance relative to the risk of consumer harm, the principles say.