[Congressional Bills 118th Congress]
[From the U.S. Government Publishing Office]
[S. 3349 Introduced in Senate (IS)]

<DOC>






118th CONGRESS
  1st Session
                                S. 3349

   To prohibit the Federal Insurance Office of the Department of the 
 Treasury and other financial regulators from collecting data directly 
                       from an insurance company.


_______________________________________________________________________


                   IN THE SENATE OF THE UNITED STATES

                           November 28, 2023

Mrs. Britt (for herself, Mr. Hagerty, Mr. Scott of South Carolina, Mr. 
Rounds, Mr. Tillis, Ms. Lummis, Mr. Vance, Mr. Daines, Mr. Cramer, Mr. 
Budd, Mr. Thune, Mr. Boozman, Mr. Cotton, Mr. Ricketts, Mrs. Blackburn, 
 Mr. Crapo, and Mr. Kennedy) introduced the following bill; which was 
read twice and referred to the Committee on Banking, Housing, and Urban 
                                Affairs

_______________________________________________________________________

                                 A BILL


 
   To prohibit the Federal Insurance Office of the Department of the 
 Treasury and other financial regulators from collecting data directly 
                       from an insurance company.

    Be it enacted by the Senate and House of Representatives of the 
United States of America in Congress assembled,

SECTION 1. SHORT TITLE.

    This Act may be cited as the ``Insurance Data Protection Act''.

SEC. 2. REPEAL OF SUBPOENA AND ENFORCEMENT AUTHORITY.

    Section 313(e) of title 31, United States Code, is amended by 
striking paragraph (6).

SEC. 3. CONFIDENTIALITY BY FEDERAL INSURANCE OFFICE.

    Section 313(e)(5) of title 31, United States Code, is amended--
            (1) in subparagraph (A), by inserting after ``Office'' the 
        following: ``, or the sharing of any nonpublicly available data 
        and information with or by the Office among any other Federal 
        agency, any State insurance regulator (or any agent of such a 
        regulator), or any other entity,'';
            (2) in subparagraph (C)(ii), by inserting ``any privilege 
        described in subparagraph (A) or'' after ``including''; and
            (3) in subparagraph (D), by inserting ``including the 
        exceptions under that section,'' after ``United States Code,''.

SEC. 4. LIMITATION ON SUBPOENAS BY THE OFFICE OF FINANCIAL RESEARCH.

    Section 153(f)(1) of the Financial Stability Act of 2010 (12 U.S.C. 
5343(f)(1)) is amended, in the matter preceding subparagraph (A), by 
inserting after ``financial company'' the following: ``(other than an 
insurance company, as defined in section 201(a))''.

SEC. 5. CONFIDENTIALITY BY FINANCIAL REGULATORS.

    (a) In General.--The Financial Stability Act of 2010 (12 U.S.C. 
5311 et seq.) is amended by adding at the end the following:

   ``Subtitle D--Treatment of Data Collected From Insurance Companies

``SEC. 181. TREATMENT OF DATA COLLECTED FROM INSURANCE COMPANIES BY 
              FINANCIAL REGULATORS.

    ``(a) Definitions.--In this section:
            ``(1) Covered entity.--The term `covered entity' means a 
        nonbank financial company that is an insurance company.
            ``(2) Financial regulator.--The term `financial regulator' 
        means the Commission, the Commodity Futures Trading Commission, 
        the Council, the Federal banking agencies, and the Office of 
        Financial Research.
            ``(3) Insurance company.--The term `insurance company' has 
        the meaning given the term in section 201(a).
    ``(b) Advance Coordination.--
            ``(1) In general.--
                    ``(A) Pre-collection.--Before collecting any data 
                or information pursuant to this title or title II from 
                a covered entity, a financial regulator shall 
                coordinate with each relevant Federal agency, State 
                insurance regulator, and other Federal or State 
                regulatory agency, and with any publicly available 
                source, to determine if the data or information to be 
                collected is available from, and may be obtained in a 
                timely manner by, that agency, regulator, or regulatory 
                agency, individually or collectively, or that publicly 
                available source.
                    ``(B) Determinations.--
                            ``(i) Information available.--If a 
                        financial regulator, under subparagraph (A), 
                        determines that the data or information 
                        described in that subparagraph is available, 
                        and may be obtained in a timely manner, from an 
                        agency, regulator, regulatory agency, or source 
                        described in that subparagraph, the financial 
                        regulator shall obtain the data or information 
                        from that agency, regulator, regulatory agency, 
                        or source.
                            ``(ii) Information unavailable.--If a 
                        financial regulator, under subparagraph (A) 
                        determines that the data or information 
                        described in that subparagraph is not 
                        available, the financial regulatory may collect 
                        that data or information from the applicable 
                        covered entity only if the financial regulator 
                        complies with the requirements of subchapter I 
                        of chapter 35 of title 44, United States Code 
                        (commonly referred to as the `Paperwork 
                        Reduction Act'), in collecting that data or 
                        information.
            ``(2) Authority to provide information.--Notwithstanding 
        any other provision of law, for the purposes of paragraph (1), 
        each relevant Federal agency and State insurance regulator or 
        other Federal or State regulatory agency may provide to a 
        financial regulator data or information described in that 
        paragraph.
    ``(c) Confidentiality.--
            ``(1) Retention of privilege.--The sharing by a covered 
        entity of any nonpublicly available data or information with a 
        financial regulator under this title or title II shall not 
        constitute a waiver of, or otherwise affect, any privilege 
        arising under Federal or State law (including the rules of any 
        Federal or State court) to which the data or information is 
        otherwise subject.
            ``(2) Continued application of prior confidentiality 
        agreements.--Any requirement under Federal or State law to the 
        extent otherwise applicable, or any requirement pursuant to a 
        written agreement in effect between the original source of any 
        nonpublicly available data or information and the source of 
        that data or information to a financial regulator, regarding 
        the privacy or confidentiality of any data or information in 
        the possession of the source to a financial regulator, shall 
        continue to apply to that data or information after the data or 
        information has been provided under this section to the 
        financial regulator.
            ``(3) Information-sharing agreement.--Any data or 
        information obtained by a financial regulator may be made 
        available to State insurance regulators, individually or 
        collectively, through an information-sharing agreement that--
                    ``(A) shall comply with applicable Federal law; and
                    ``(B) shall not constitute a waiver of, or 
                otherwise affect, any privilege under Federal or State 
                law (including any privilege described in paragraph (1) 
                and the rules of any Federal or State court) to which 
                the data or information is otherwise subject.
            ``(4) Agency disclosure requirements.--Section 552 of title 
        5, United States Code, including the exceptions under that 
        section, shall apply to any data or information submitted to a 
        financial regulator by a covered entity under this section.''.
    (b) Technical Amendment.--The table of contents in section 1(b) of 
the Dodd-Frank Wall Street Reform and Consumer Protection Act (Public 
Law 111-203) is amended by inserting after the item relating to section 
176 the following:

   ``Subtitle D--Treatment of Data Collected From Insurance Companies

``Sec. 181. Treatment of data collected from insurance companies by 
                            financial regulators.''.
                                 <all>