As financial activity becomes increasingly digital, new principles are needed to protect consumers’ data privacy. Consumers are entitled to high levels of data stewardship from companies when sharing their personal financial information, whether sending money to a family member through an app or accessing digital investment advice.

Financial Technology Association (FTA) member companies believe privacy and data protection are core consumer rights and are subject to a broad array of laws, regulations, and guidance. That’s why FTA supports comprehensive, federal legislation focused on establishing clear, consistent, and uniform national standards that preempt the patchwork of state privacy laws and satisfy consumer needs and expectations, safeguard consumer data, and comport with broader societal objectives and regulatory requirements.

The following privacy principles reflect FTA’s values of promoting consumer trust and transparency, along with financial inclusion and robust competition to lower costs and improve financial services:

  1. We believe in transparency: Consumers should be provided clear information on what personal data is being collected about them, how the data will be used, which parties are involved in data collection and processing, and whether any data is being sold to third parties.
  2. We believe consumers should control their personal information: Consumers should have the ability to control the data they share, its use, and with whom it is shared, including the ability to request access to and deletion of their data, subject to common sense retention and processing requirements (e.g., regulatory, security, and operational needs).
  3. We believe data should only be collected and used for a stated and transparent purpose: Consumer data should only be collected and used subject to a stated and transparent purpose, as would be consistent with data minimization principles, and unnecessary data should be deleted unless its preservation is otherwise required by regulatory, security, or other similar requirements.
  4. We believe in plain language disclosures: Consumers should receive information and disclosures in simple and straightforward language, including with respect to privacy, data use, and data processing policies, to facilitate understanding and informed consent.
  5. We believe consumers should be able to exercise their privacy rights without retaliation: We believe consumers should have the ability to exercise their data privacy rights without fear of unfair retaliation or discrimination from businesses that collect their personal information.
  6. We believe in industry adoption of modern data security standards: Consumer data should be protected by data security standards that are fit for purpose and designed for today’s modern digital finance age. These standards should support robust data protection for consumers and be informed by leading security practices.
  7. We believe consumers’ data should not be used in a discriminatory manner: Consumers should have confidence that their personal data will not be used to drive discriminatory activities or behaviors.