SEC Data Protection Act
- Bill Number
- H.R. 6161
- Origin Chamber
- House
- Congress
- 119th Congress, Session 1
- Policy Area
- Finance and Financial Sector
- Status
- Introduced
- Latest Action
- 2025-11-19: Referred to the House Committee on Financial Services.
- Last Updated
- 2025-12-18T09:07:07Z
AI-Generated Summary
Purpose
The SEC Data Protection Act (H.R. 6161) aims to strengthen the protection of sensitive financial information by requiring the Securities and Exchange Commission (SEC) to establish formal policies for safeguarding nonpublic data received from investment advisers. Investment advisers are professionals who provide advice on securities (like stocks and bonds) to clients, and this bill ensures their proprietary information is handled securely by the government.
Key Provisions
- Timeline for Implementation: The SEC must adopt these data protection policies and procedures no later than one year after the bill's enactment, following a public notice and comment period (a process where the public can review and provide feedback on proposed rules).
- Scope of Protection: The policies apply to "sensitive, nonpublic proprietary information" as defined by the SEC, which includes confidential business details shared by investment advisers during regulatory oversight.
- Specific Requirements:
- Address situations where the SEC requests such information from advisers.
- Include safeguards tailored to the information's sensitivity level (e.g., encryption or secure storage for highly sensitive data).
- Restrict access to only authorized SEC staff who need it for their work.
- Prevent unlawful use or disclosure of the information, such as unauthorized sharing or misuse.
Significant Changes to Existing Law
This bill amends Section 204 of the Investment Advisers Act of 1940 (a law regulating investment advisers) by adding a new subsection (g). Previously, the Act focused on the SEC's general examination and enforcement powers but did not explicitly mandate detailed data protection policies for proprietary information obtained from advisers. This addition introduces specific, enforceable requirements for how the SEC handles such data, filling a gap in privacy protections for financial disclosures.
Potential Impacts
- On Government Agencies: The SEC will need to invest resources in developing, training staff on, and enforcing these policies, potentially improving its overall data security practices and reducing risks of breaches.
- On Citizens and Investors: Indirect benefits for individual investors and clients of investment advisers, as better protection of proprietary data could prevent identity theft, financial fraud, or market disruptions from data leaks. No direct impact on everyday citizens outside the financial sector.
- On International Relations: Minimal direct effects, though enhanced U.S. financial data security could align with global standards for data privacy (like those in the EU's GDPR), potentially aiding cross-border regulatory cooperation.
Main Stakeholders Affected
- Securities and Exchange Commission (SEC): Primary entity responsible for compliance and implementation.
- Investment Advisers: Firms and individuals regulated under the 1940 Act, whose confidential information will be better protected during SEC interactions.
- Clients of Investment Advisers: End-users (e.g., individual investors, pension funds) who benefit from secure handling of their financial details.
- Congressional Committees: Referred to the House Committee on Financial Services for oversight.
Notable Legal, Constitutional, or Political Implications
- Legal Implications: Reinforces regulatory accountability under administrative law by mandating "reasonably designed" policies, which could lead to future lawsuits if the SEC fails to comply or if data breaches occur despite the rules. It builds on existing privacy obligations without creating new enforcement mechanisms.
- Constitutional Implications: No apparent conflicts with constitutional rights; it supports due process by ensuring fair handling of private information submitted to the government, aligning with Fourth Amendment protections against unreasonable searches (though not directly applicable here).
- Political Implications: Bipartisan sponsorship (from both Democratic and Republican members) suggests broad support for financial data security amid rising concerns over cyberattacks and privacy. It could set a precedent for similar protections in other regulatory areas, like banking or securities trading, without major partisan divides.
This summary was generated by AI and may contain inaccuracies. Refer to the official source document for the authoritative text.
Sponsor
Cosponsors (20)
Rep. Loudermilk, Barry [R-GA-11], Rep. Foster, Bill [D-IL-11], Rep. Wagner, Ann [R-MO-2], Rep. Sherman, Brad [D-CA-32], Rep. Meuser, Daniel [R-PA-9], Rep. Gottheimer, Josh [D-NJ-5], Rep. Davidson, Warren [R-OH-8], Rep. Cleaver, Emanuel [D-MO-5], Rep. Kim, Young [R-CA-40], Rep. Himes, James A. [D-CT-4], Rep. Fitzgerald, Scott [R-WI-5], Rep. Gonzalez, Vicente [D-TX-34], Rep. Salazar, Maria Elvira [R-FL-27], Rep. Bynum, Janelle S. [D-OR-5], Rep. De La Cruz, Monica [R-TX-15], Rep. Carson, André [D-IN-7], Rep. Nunn, Zachary [R-IA-3], Rep. Stutzman, Marlin A. [R-IN-3], Rep. Lawler, Michael [R-NY-17], Rep. Suozzi, Thomas R. [D-NY-3]
Recent Actions
- 2025-11-19: Referred to the House Committee on Financial Services.
- 2025-11-19: Introduced in House
- 2025-11-19: Introduced in House
Bill Versions
- SEC Data Protection Act — issued 2025-11-19 — PDF (2 pages)