The Securities and Exchange Commission today proposed a rule that would revise the Commission’s regulations under the Privacy Act. The Privacy Act is the principal law governing the handling of personal information in the federal government. The current rules provide procedures for making Privacy Act requests, including requests for access to and amendment of records pertaining to the individual making the request. The revisions will clarify, update, and streamline the language of several procedural provisions.

“I am pleased to support this proposal because, if adopted, it would broadly update our Privacy Act rules to account for modern technology, as well as provide the public with greater transparency into the Commission’s use of this data,” said SEC Chair Gary Gensler. “These amendments would provide more clarity on how the public can access their records maintained by the Commission and request amendments. I look forward to public comment on the proposal.”

The Commission last updated its Privacy Act rules in 2011. The proposed revisions would codify current practices for processing requests made by the public under the Privacy Act. This would provide greater clarity regarding the Commission’s process for how individuals can access information pertaining to themselves. Due to the scope of the revisions, the proposed rule would replace the Commission’s current Privacy Act regulations in their entirety.

If adopted, the proposed rule would revise procedural and fee provisions, as well as eliminate unnecessary provisions. The proposed rule would also allow for electronic methods to verify one’s identity and to submit Privacy Act requests.

The proposing release is published on SEC.gov and will be published in the Federal Register. The public comment period will remain open until Apr. 17, 2023, or until 30 days following publication of the proposing release in the Federal Register, whichever is later.