Credit: Pixels Hunter/Adobe Stock
America’s Credit Unions and the California Credit Union League have jointly sent a letter to the California Privacy Protection Agency (CPPA), voicing concerns over proposed regulations related to the California Consumer Privacy Act (CCPA), cybersecurity updates, risk assessments, automated decision-making technology, and insurance companies.
The CCPA, originally enacted in 2018 and expanded in 2020, aims to enhance consumer privacy protections. However, the letter, sent Wednesday, argues that the proposed regulations will add excessive regulatory burdens without any significant benefit to consumer privacy or security.
America’s Credit Unions Director of Innovation Technology Andrew Morris and California Credit Union League Vice President of Regulatory Advocacy and Compliance Lisa Quaranta outlined their concerns in the letter, emphasizing that the proposed rules impose an overly granular, one-size-fits-all framework.
They warned that these regulations create unnecessary complexity and diverge from well-established cybersecurity standards already applied to federally insured credit unions in California.
The letter underscores that credit unions are already subject to extensive federal supervision and regulatory oversight, making additional requirements redundant and needlessly burdensome. "Given the current regulatory environment, layering new requirements on top of existing cybersecurity standards only serves to increase compliance costs and operational challenges, without enhancing consumer protection," the letter stated.
The credit union associations argue that the proposed rulemaking could hinder financial institutions' ability to efficiently protect consumer data by forcing them to navigate conflicting requirements. Instead, they call for regulations that align with existing frameworks and focus on practical, risk-based approaches.
The full letter can be accessed here.
© 2025 ALM Global, LLC, All Rights Reserved. Request academic re-use from www.copyright.com. All other uses, submit a request to [email protected]. For more information visit Asset & Logo Licensing.
Michael Ogden
Editor-in-Chief at CU Times. To connect, email at [email protected]. As Editor-in-Chief of CU Times since 2016, Michael Ogden has led the editorial team in all aspects of content strategy and execution, including the creation of the publication’s exclusive and proprietary research database of the credit union industry’s economic landscape. Under Michael’s leadership, CU Times has successfully shifted to an all-digital editorial product with new focuses on the payments, fraud, lending and regulatory beats. Most recently, he introduced a data-focused editorial product for subscribers that breaks down credit union issues into hard data, allowing for a deeper and more factual narrative for readers. In 2024, he launched the "Shared Accounts With CU Times" podcast, which offers a fresh, inside-the-newsroom perspective through interviews with leaders from the credit union industry and the regulatory world. He dives into pressing credit union issues, while revealing the personalities working behind-the-scenes to push the credit union world forward. His background includes years as a radio and TV anchor/reporter and a public relations and digital/social media manager, where he covered the food and music industries, as well as cooperatives and credit unions. Over the years, he has launched numerous exclusive video and podcast series, including a successful series of interactive backstage interviews with musicians at music festivals, showcasing his social media and live streaming production skills.
