[Congressional Bills 117th Congress]
[From the U.S. Government Publishing Office]
[H.R. 9588 Introduced in House (IH)]

<DOC>






117th CONGRESS
  2d Session
                                H. R. 9588

To amend the Gramm-Leach-Bliley Act to provide a national standard for 
 financial institution data security and breach notification on behalf 
               of all consumers, and for other purposes.


_______________________________________________________________________


                    IN THE HOUSE OF REPRESENTATIVES

                           December 15, 2022

 Mr. Luetkemeyer (for himself, Mr. Hill, Mr. Timmons, Mr. Williams of 
Texas, Mr. Gooden of Texas, Mr. Lucas, and Mr. Davidson) introduced the 
   following bill; which was referred to the Committee on Financial 
                                Services

_______________________________________________________________________

                                 A BILL


 
To amend the Gramm-Leach-Bliley Act to provide a national standard for 
 financial institution data security and breach notification on behalf 
               of all consumers, and for other purposes.

    Be it enacted by the Senate and House of Representatives of the 
United States of America in Congress assembled,

SECTION 1. SHORT TITLE.

    This Act may be cited as the ``Consumer Information Notification 
Requirement Act''.

SEC. 2. BREACH NOTIFICATION STANDARDS.

    Section 501 of the Gramm-Leach-Bliley Act (15 U.S.C. 6801) is 
amended--
            (1) in subsection (b)(3) by striking the period at the end 
        and inserting ``, including through the provision of a breach 
        notice in the event of unauthorized access that is reasonably 
        likely to result in identity theft, fraud, or economic loss.''; 
        and
            (2) by adding at the end the following:
    ``(c) Standards With Respect to Breach Notification.--Subject to 
section 504(a)(2) and sections 505(b) and 505(c), within 6 months after 
the date of enactment of this subsection, each agency or authority 
required to establish standards described under subsection (b)(3) with 
respect to the provision of a breach notice shall ensure that such 
standards are in compliance with subsection (b).''.

SEC. 3. PREEMPTION WITH RESPECT TO FINANCIAL INSTITUTION SAFEGUARDS.

    Section 507 of the Gramm-Leach-Bliley Act (15 U.S.C. 6807) is 
amended to read as follows:

``SEC. 507. RELATION TO STATE LAWS.

    ``This subtitle preempts any law, rule, regulation, requirement, 
standard, or other provision having the force and effect of law of any 
State, or political subdivision of a State, with respect to a financial 
institution (other than a financial institution engaged in providing 
insurance) or affiliate thereof securing personal information from 
unauthorized access or acquisition, including notification of 
unauthorized access or acquisition of data.''.
                                 <all>