Yesterday on February 14, 2023, the US Securities and Exchange Commission released its proposed amendment to the Commission’s Privacy Act Regulations.

Image by rawpixel.com on Freepik 

First of all, they proposed to add

1. a provision setting forth the process providing individuals an accounting of disclosures made by the Commission including the date, nature and purpose;
2. a provision to codify the existing practice of providing 90 days to lodge an administrative appeal in response to a denial of a Privacy inquiry or request. Accordingly, this amendment is correspondent to the Freedom of Information Act requests setting forth a 90-day deadline to file the administrative appeal. Furthermore, they also wished to modify, delete, reorganise and update certain other provisions as follows. 

Second, regarding the amendment to procedural provisions, they proposed to 

• clarify the purpose and scope of the regulations (proposed Section 200.301); 
• modify the processes with a plain description (proposed 17 CFR 200.302);
• simplify the processes for submitting, receiving the responses to Privacy Act inquiries, requests, and administrative appeals (proposed 17 CFR 200.303, 305, 306, 307, and 308); 
• allow the electrical verification of requesters’ identities (proposed 17 CFR 200.303); 
• shorten the Commission response time to Privacy Act inquiries, aligning with other relevant time lines (proposed 17 CFR 200.304); and, 
• update agency contact information and list of Commission systems of records promulgating rules exempting certain records in accordance with current Privacy Act (proposed 17 CFR 200.303, 305, and 310). 

Third, in addition to the fee revisions, the SEC also proposed the elimination of certain provisions: 

• unnecessary special procedure for requests for medical records because the Commission has never used them (title 17 Section 200.305);
• restatement of standards applied in reviewing requests for amendment or correction of records (title 17 Section 200.307(b)) and the statutory penalties set forth in the Privacy Act (5 U.S.C. 552a(i) – title 17 Section 200.309); 
• description of standards for extending time to respond to requests (title 17 Section 200.309(a)); and,
• unnecessary contemplation by the statutes due to changes of technology affecting the process of Privacy Act requests (title 17 Sections 200.309(b), (c), (d), (e)).

In conclusion, the Commission expects that their proposed amendments would slightly improve the operational efficiency, to the extent that they decrease the time of response to inquiries, requests and appeals. 

For the full text: https://www.sec.gov/rules/proposed/2022/34-96906.pdf and press release: https://www.sec.gov/news/press-release/2023-28

For more news on AstraIA Gear: https://www.astraiagear.com/category/news/