-
Start Preamble
AGENCY:
Commodity Futures Trading Commission.
ACTION:
Notice.
SUMMARY:
In compliance with the Paperwork Reduction Act of 1995 (“PRA”), this notice announces that the Information Collection Request (“ICR”) abstracted below has been forwarded to the Office of Management and Budget (“OMB”) for review and comment. The ICR describes the nature of the information collection and its expected costs and burden.
DATES:
Comments must be submitted on or before October 30, 2019.
ADDRESSES:
Comments regarding the burden estimate or any other aspect of the information collection, including suggestions for reducing the burden, may be submitted directly to the Office of Information and Regulatory Affairs (“OIRA”) in OMB within 30 days of this notice's publication by either of the following methods. Please identify the comments by “OMB Control No. 3038-0067.”
- By email addressed to: OIRAsubmissions@omb.eop.gov or
- By mail addressed to: The Office of Information and Regulatory Affairs, Office of Management and Budget, Attention Desk Officer for the Commodity Futures Trading Commission, 725 17th Street NW, Washington DC 20503.
A copy of all comments submitted to OIRA should be sent to the Commodity Futures Trading Commission (“CFTC” or “Commission”) by either of the following methods. The copies should refer to “OMB Control No. 3038-0067.”
- By mail addressed to: Christopher Kirkpatrick, Secretary of the Commission, Commodity Futures Trading Commission, Three Lafayette Centre, 1155 21st Street NW, Washington, DC 20581;
- By Hand Delivery/Courier to the same address; or
- Through the Commission's website at http://comments.cftc.gov. Please follow the instructions for submitting comments through the website.
Please submit your comments to the Commission using only one method. A copy of the supporting statement for the collection of information discussed herein may be obtained by visiting http://RegInfo.gov.
All comments must be submitted in English, or if not, accompanied by an English translation. Comments will be posted as received to http://www.cftc.gov. You should submit only information that you wish to make available publicly. If you wish the Commission to consider information that you believe is exempt from disclosure under the Freedom of Information Act, a petition for confidential treatment of the exempt information may be submitted according to the procedures established in § 145.9 of the Commission's regulations.[1] The Commission reserves the right, but shall have no obligation, to review, pre-screen, filter, redact, refuse or remove any or all of your submission from http://www.cftc.gov that it may deem to be inappropriate for publication, such as obscene language. All submissions that have been redacted or removed that contain comments on the merits of the ICR will be retained in the public comment file and will be considered as required under the Administrative Procedure Act and other applicable laws, and may be accessible under the Freedom of Information Act.
Start Further InfoFOR FURTHER INFORMATION CONTACT:
Jacob Chachkin, Special Counsel, Division of Swap Dealer and Intermediary Oversight, Commodity Futures Trading Commission, (202) 418-5496, email: jchachkin@cftc.gov, and refer to OMB Control No. 3038-0067.
End Further Info End Preamble Start Supplemental InformationSUPPLEMENTARY INFORMATION:
Title: Part 162—Protection of Consumer Information under the Fair Credit Reporting Act (OMB Control No. 3038-0067). This is a request for an extension of a currently approved information collection.
Abstract: On July 21, 2010, President Obama signed into law the Dodd-Frank Wall Street Reform and Consumer Protection Act (“Dodd-Frank Act”).[2] Title X of the Dodd-Frank Act, which is titled the Consumer Financial Protection Act of 2010 (“CFP Act”), amends a number of federal consumer protection laws enacted prior to the Dodd-Frank Act including, in relevant part, the Fair Credit Reporting Act (“FCRA”)[3] and the Fair and Accurate Start Printed Page 51523Credit Transactions Act of 2003 (“FACT Act”).[4] Specifically, Section 1088 of the CFP Act sets out certain amendments to the FCRA and the FACT Act directing the Commission to promulgate regulations that are intended to provide privacy protections to certain consumer information held by an entity that is subject to the jurisdiction of the Commission.
Section 1088 amends section 214(b) of the FACT Act—which added section 624 to the FCRA in 2003—and directs the Commission to implement the provisions of section 624 of the FCRA with respect to persons that are subject to the Commission's enforcement jurisdiction. Section 624 of the FCRA gives a consumer the right to block affiliates of an entity subject to the Commission's jurisdiction from using certain information obtained from such entity to make solicitations to that consumer (hereinafter referred to as the “affiliate marketing rules”).[5] Under the affiliate marketing rules, the entities covered by the regulations are expected to prepare and provide clear, conspicuous and concise opt-out notices to any consumers with whom such entities have a pre-existing business relationship. A covered entity only has to provide an opt-out notice to the extent that an affiliate of the covered entity plans to make a solicitation to any of the covered entity's consumers. The purpose of the opt-out notice is to provide consumers with the ability to prohibit marketing solicitations from affiliate businesses that do not have a pre-existing business relationship with the consumers, but that do have access to such consumers' nonpublic, personal information. A covered entity is required to send opt-out notices at the maximum of once every five years.
Section 1088 of the CFP Act also amends section 628 of the FCRA and mandates that the Commission implement regulations requiring persons subject to the Commission's jurisdiction who possess or maintain consumer report information in connection with their business activities to properly dispose of that information (hereinafter referred to as the “disposal rules”).[6] Under the disposal rules, the entities covered by the regulations are expected to develop and implement a written disposal plan with respect to any consumer information within such entities' possession. The regulations provide that a covered entity develop a written disposal plan that is tailored to the size and complexity of such entity's business. The purpose of the written disposal plan is to establish a formal plan for the disposal of nonpublic, consumer information, which otherwise could be illegally confiscated and used by unauthorized third parties. Under the rules, a covered entity is required to develop a written disposal plan only once, but may subsequently amend such plan from time to time.
In addition, Section 1088 of the CFP Act amended the FCRA by adding the CFTC and the Securities and Exchange Commission (“SEC,” together with the CFTC, the “Commissions”) to the list of federal agencies required to jointly prescribe and enforce identity theft red flags rules and guidelines and card issuer rules. Thus, the Dodd-Frank Act provides for the transfer of rulemaking responsibility and enforcement authority to the CFTC and SEC with respect to the entities under their respective jurisdiction. Accordingly, the Commissions have issued final rules and guidelines (hereinafter referred to as the “identity theft rules”) [7] to implement new statutory provisions enacted by the CFP Act that amend section 615(e) of the FCRA and direct the Commissions to prescribe rules requiring entities that are subject to the Commissions' jurisdiction to address identity theft. Under the identity theft rules, entities covered by the regulation are required to develop and implement reasonable policies and procedures to identify, detect, and respond to relevant red flags for identity theft that are appropriate to the size and complexity of such entity's business and, in the case of entities that issue credit or debit cards, to assess the validity of, and communicate with cardholders regarding, address changes.[8] They are also required to provide for the continued administration of identity theft policies and procedures.
An agency may not conduct or sponsor, and a person is not required to respond to, a collection of information unless it displays a currently valid OMB control number. On July 26, 2019, the Commission published in the Federal Register notice of the proposed extension of this information collection and provided 60 days for public comment on the proposed extension, 84 FR 36086 (“60-Day Notice”). The Commission did not receive any relevant comments on the 60-Day Notice.
Burden Statement: The Commission is revising its burden estimate for this collection to reflect its estimate of the current number of CFTC registrants subject to the requirements of part 162 regulations. In addition, this burden estimate reflects the total burden hours from the affiliate marketing rules (subpart A), the disposal rules (subpart B), and the identity theft rules (subpart C)—the first two categories of which were inadvertently omitted from previous renewals. Thus the current renewal aims to correct past omissions by including burden calculations from all three categories under part 162.
Accordingly, the respondent burden for this collection is estimated to be as follows:
Estimated Number of Respondents: 4,488.
Estimated Average Burden Hours per Respondent: 13.25.[9]
Estimated Total Annual Burden Hours: 59,459.
Frequency of Collection: As applicable.
There are no capital costs or operating and maintenance costs associated with this collection.
Start SignatureDated: September 24, 2019.
Robert Sidman,
Deputy Secretary of the Commission.
Footnotes
2. Public Law 111-203, 124 Stat. 1376 (2010).
Back to Citation4. Public Law 108-159, 117 Stat. 1952, 1980 (2003).
Back to Citation5. The affiliate marketing rules are found in part 162, subpart A (Business Affiliate Marketing Rules) of the CFTC's regulations. 17 CFR part 162, subpart A.
Back to Citation6. The disposal rules are found in part 162, subpart B (Disposal Rules) of the CFTC's regulations. 17 CFR part 162, subpart B.
Back to Citation7. The CFTC's identity theft rules are found in part 162, subpart C (Identity Theft Red Flags) of the CFTC's regulations. 17 CFR part 162, subpart C.
Back to Citation8. The CFTC understands that CFTC-regulated entities generally do not issue credit or debit cards, but instead may partner with other entities, such as banks, that issue cards on their behalf. These other entities, which are not regulated by the CFTC, are already subject to substantially similar change of address obligations pursuant to other federal regulators' identity theft red flags rules. Therefore, the CFTC does not expect that any CFTC-regulated entities will be subject to the related information collection requirements under the CFTC's identity theft rules.
Back to Citation9. This number reflects the average aggregate burden hours, per respondent, in response to: (a) disclosure (1 hr.) and recordkeeping requirements (3.5 hrs) under the affiliate marketing rules, (b) recordkeeping requirements under the disposal rules (5.9 hrs), and (c) recordkeeping requirements under the identity theft rules (2.85 hrs).
Back to Citation[FR Doc. 2019-21077 Filed 9-27-19; 8:45 am]
BILLING CODE 6351-01-P
Document Information
- Published:
- 09/30/2019
- Department:
- Commodity Futures Trading Commission
- Entry Type:
- Notice
- Action:
- Notice.
- Document Number:
- 2019-21077
- Dates:
- Comments must be submitted on or before October 30, 2019.
- Pages:
- 51522-51523 (2 pages)
- PDF File:
- 2019-21077.pdf