Mar. 28, 2023
March 28, 2023 From a concerned SEC employee: In a very non-transparent move, the SEC is proposing to require us (SEC employees) to allow unidentified third parties to monitor our financial transactions and have access to our investment information. \"Automated compliance system\" is the euphemism in the proposed rule for outsourcing compliance monitoring of SEC employees to unidentified third parties. Who are these unidentified third parties that will track our financial moves? Who selects them, and how will they be vetted? Where are they located? Where are their data centers located? Who owns these companies? How much will they potentially earn from this arrangement? What security measures do these unidentified third parties have in place? What will the SEC do if these third-party systems are breached or federal employee information is stolen? The proposed rule does not say It is alarming that the SEC is willing to expose our financial and personal privacy to third parties, and to expose all of us to having our financial information potentially hacked and misappropriated. The risks of allowing third-party systems to have access to our sensitive financial information are real and unaddressed by this proposal. There is a long history of cybersecurity breaches affecting federal employees. If anyone cares among the Commissioners, please vote NO and please reject this proposal.