#Privacy: Harvard experts call for standardised cybersecurity legislation for greater consumer protection

As the scope and power of data have increased, recent legislative efforts to improve consumer financial data privacy and security at the state level have sparked a national discussion about what more can be done to ensure consumers are protected.

An overwhelming 97% of consumers saying they are somewhat or very concerned about their data privacy, according to Gary Sterling. Two researchers at the Harvard Kennedy School of Government’s Mossavar-Rahmani Center are proposing broad recommendations on this topic, including establishing federal legislation to standardize and increase consumer protections for financial data privacy and security.

In the new reportHarvard researchers Marshall Lux, research fellow at the Center, and Matthew Shackelford, research assistant, lay out the optimal regulatory policy framework to establish the Comprehensive Consumer Financial Data Act (CCFDA) that includes the following:

  • Creating the Consumer Financial Data Bill of Rights;
  • Harmonizing regulations across state and federal jurisdictions;
  • Recognizing the treatment of data as the property of consumers; and
  • Designating the government as the party responsible for protecting those rights.

What’s more, the report suggests ways to simplify the existing regulations to reduce business frictions and foster innovation for privacy and security-focused technologies and financial products.

“Consumer financial data privacy and security are essential for the protection of consumers and the continued functioning of the US financial system. The optimal solution is to pursue comprehensive federal legislation that incorporates prior federal rules on financial data and significantly simplifies the regulatory approach for financial data protection,” said Marshall Lux, research fellow, Harvard Kennedy School of Government’s Mossavar-Rahmani Center.

“We strongly recommend that the US Congress undertake the process necessary to realize the vision of the CCFDA for the betterment of American consumers, businesses and society over the long-term.”

Overall, the authors expect that the impact of the CCFDA will be significant for the long-term stability of businesses, stronger consumer rights and the protection of financial data privacy and security. It will allow for an increase in innovation to build business models and systems. In the long-term, this will lead to societal benefits from a financial industry that is more secure, more technologically advanced and better at ensuring the privacy of consumer financial data.

While legislative attempts at state-level solutions are a promising start to rectifying some of these issues, the optimal solution is to pursue comprehensive federal legislation that incorporates prior federal rules on financial data and simplifies the regulatory approach for financial data protection.

Doing so would ensure that consumers are truly treated as the rightful owners of their data, with all the appropriate associated rights, and would simultaneously lower the regulatory burden on companies. Utilizing this exhaustive approach, the US regulatory framework for financial data will truly empower American consumers with their legitimate rights and enable companies to tackle the largest innovation challenge to come.

The full paper titled, “The New Frontier of Consumer Protection: Financial Data Privacy and Security,” can be downloaded here.


We’re now live at PrivSec Global!
Taking place across four days from 30 Nov to 3 Dec, PrivSec Global, will be the largest data protection, privacy and security event of 2020.

Register your virtual seat today and gain access to the entire event free of charge. With all sessions available to view live or on-demand, you can build a personalised agenda based on your key focus topics and make the event fit around your work schedule.

Secure your seat

We have been awarded the number 1 GDPR Blog in 2019 by Feedspot.