Protecting Investors’ Personally Identifiable Information Act
S. 658119th Congress

Protecting Investors’ Personally Identifiable Information Act

Introduced in the SenateSen. John Kennedy (R-LA)12 sections · 1 min read
Version: is · Apr 20, 2026

Section 1. Short title

This Act may be cited as the Protecting Investors’ Personally Identifiable Information Act.

(a) Definitions

In this section:

(1) Commission

The term Commission means the Securities and Exchange Commission.

(2) Personally identifiable information

The term personally identifiable information means information that can be used to distinguish or trace the identity of an individual, either alone or when combined with other personal or identifying information that is linked or linkable to that individual, including the name, address, date or year of birth, Social Security number, telephone number, email address, or IP-address of the individual.

(b) Prohibition

Except as provided in subsection (c), the Commission may not require a national securities exchange, a national securities association, or a member of such an exchange or association to provide personally identifiable information with respect to a market participant to meet the requirements relating to an order or a reportable event under section 242.613(c)(7) of title 17, Code of Federal Regulations, or any successor regulation.

(c) Exception

The Commission may only require a national securities exchange, a national securities association, or a member of such an exchange or association to provide personally identifiable information with respect to a market participant, as described in subsection (b), if—

(1) the Commission makes a request for that information; and

(2) the information is related to an investigation of—

(A) a violation of the Federal securities laws or a regulation issued under the Federal securities laws; or

(B) an enforcement action with respect to a violation described in subparagraph (A).

(d) Request for extension

At the request of the Commission under subsection (c), a national securities exchange, a national securities association, or a member of such an exchange or association shall provide the personally identifiable information subject to that request not later than 24 hours after receiving that request, unless, at the request of that national securities exchange, national securities association, or member, the Commission provides a reasonable extension.

(e) Destruction of personally identifiable information

In the case of personally identifiable information provided to the Commission under subsection (c), the Commission shall destroy that information not later than 1 day after the conclusion of the investigation or other matter for which that information was required.

to ask questions about this bill.