US First Cyber Security Regulation to Pressure Bitcoin Companies
Governor Andrew Cuomo and the New York Department of Financial Services have officially announced the proposal of the country’s first cyber security regulation to protect consumers and financial institutions.
Governor Andrew Cuomo and the New York Department of Financial Services have officially announced the proposal of the country’s first cyber security regulation to protect consumers and financial institutions. If approved and activated, it will affect any financial license holders in the state, including BitLicense-approved Bitcoin companies.
Once the 45-day notice and public comment period passes and the proposal is issued, any regulated financial entities, including Bitcoin companies, will be required by law to:
“Establish a cybersecurity program; adopt a written cybersecurity policy; designate a Chief Information Security Officer responsible for implementing, overseeing and enforcing its new program and policy; and have policies and procedures designed to ensure the security of information systems and non-public information accessible to, or held by, third-parties, along with a variety of other requirements to protect the confidentiality, integrity and availability of information systems.”
Negative impact on Bitcoin startups
Bitcoin companies, including exchanges and wallet service providers, are already overwhelmed by having to obtain the expensive BitLicense required by the NYDFS in order to continue their operations in the state of New York.
If the new cybersecurity regulation is approved, Bitcoin companies will have to deal with hundreds of thousands of dollars in fees to comply with all the requirements stated in the proposal. That includes hiring a Chief Information Security Officer and implementing various government-designed financial security programs and frameworks.
Under the BitLicense, Bitcoin companies are demanded to offer any type of personal and sensitive data to the law enforcement for strict KYC (Know Your Customer) regulations. The presence of the new cybersecurity regulation will force Bitcoin companies to store more sensitive user data in their private servers and databases, making their entire platform, software, system, or application more vulnerable.
More importantly, the US government has proven to have a poor track record in dealing with confidential data. Yet, the NYDFS Superintendent Maria Vullo says:
“Consumers must be confident that their sensitive non-public information is being protected and handled appropriately by the financial institutions that they are doing business with.”
It is still too early to speculate whether the proposal will pass the approval period. However, even if proposals from the NYDFS inevitably become intensely controversial, the government will approve the proposals regardless, as seen in the issuance of BitLicense.
As more regulations and unjustified financial frameworks become released in the state of New York, Bitcoin companies will be pressured to deal with a unideal ecosystem for various core operations.