Gramm Leach Bliley Act

From Privacy Wiki
Revision as of 00:38, 10 April 2020 by Eg
Gramm Leach Bliley Act
Short Title: Gramm–Leach–Bliley Act (GLBA)
Official Text: Gramm Leach Bliley Act
Country/Jurisdiction: United States
State or Province:
Regulatory Bodies: 106th United States Congress
Date Enacted: 1999/11/12
Scope of the Law: Financial Institutions, Banks
Information:
Taxonomy: Breach of Confidentiality, Disclosure, Distortion, Exclusion, Insecurity
Strategies:

The Gramm–Leach–Bliley Act (GLBA) provides for customers' information to be kept secure by financial institutions. The Act also prevents financial institutions from disclosing individuals' confidential nonpublic personal information. However, individuals have the right to choose whether their information is disclosed under the Act.

Text of the law

SEC. 502. OBLIGATIONS WITH RESPECT TO DISCLOSURES OF PERSONAL INFORMATION. (a) NOTICE REQUIREMENTS.—Except as otherwise provided in this subtitle, a financial institution may not, directly or through any affiliate, disclose to a nonaffiliated third party any nonpublic personal information, unless such financial institution provides or has provided to the consumer a notice that complies with section 503.

(b) OPT OUT.—

(1) IN GENERAL.—A financial institution may not disclose nonpublic personal information to a nonaffiliated third party unless—

(A) such financial institution clearly and conspicuously discloses to the consumer, in writing or in electronic form or other form permitted by the regulations prescribed under section 504, that such information may be disclosed to such third party;

(B) the consumer is given the opportunity, before the time that such information is initially disclosed, to direct that such information not be disclosed to such third party; and

(C) the consumer is given an explanation of how the consumer can exercise that nondisclosure option.

Taxonomy: Decisional Interference


SEC. 508. STUDY OF INFORMATION SHARING AMONG FINANCIAL AFFILIATES.

(a) IN GENERAL.—The Secretary of the Treasury, in conjunction with the Federal functional regulators and the Federal Trade Commission, shall conduct a study of information sharing practices among financial institutions and their affiliates. Such study shall include—

(1) the purposes for the sharing of confidential customer information with affiliates or with nonaffiliated third parties;

(2) the extent and adequacy of security protections for such information;

(3) the potential risks for customer privacy of such sharing of information;

(4) the potential benefits for financial institutions and affiliates of such sharing of information;

(5) the potential benefits for customers of such sharing of information;

(6) the adequacy of existing laws to protect customer privacy;

(7) the adequacy of financial institution privacy policy and privacy rights disclosure under existing law;

(8) the feasibility of different approaches, including opt-out and opt-in, to permit customers to direct that confidential information not be shared with affiliates and nonaffiliated third parties; and

Taxonomy: Decisional Interference


(9) the feasibility of restricting sharing of information for specific uses or of permitting customers to direct the uses for which information may be shared.

SEC. 521. PRIVACY PROTECTION FOR CUSTOMER INFORMATION OF FINANCIAL INSTITUTIONS.

Taxonomy: Disclosure


(a) PROHIBITION ON OBTAINING CUSTOMER INFORMATION BY FALSE PRETENSES.—It shall be a violation of this subtitle for any person to obtain or attempt to obtain, or cause to be disclosed or attempt to cause to be disclosed to any person, customer information of a financial institution relating to another person—

(1) by making a false, fictitious, or fraudulent statement or representation to an officer, employee, or agent of a financial institution;

(2) by making a false, fictitious, or fraudulent statement or representation to a customer of a financial institution; or

(3) by providing any document to an officer, employee, or agent of a financial institution, knowing that the document is forged, counterfeit, lost, or stolen, was fraudulently obtained, or contains a false, fictitious, or fraudulent statement or representation.

(b) PROHIBITION ON SOLICITATION OF A PERSON TO OBTAIN CUSTOMER INFORMATION FROM FINANCIAL INSTITUTION UNDER FALSE PRETENSES.—It shall be a violation of this subtitle to request a person to obtain customer information of a financial institution, knowing that the person will obtain, or attempt to obtain, the information from the institution in any manner described in subsection (a).

(c) NONAPPLICABILITY TO LAW ENFORCEMENT AGENCIES.—No provision of this section shall be construed so as to prevent any action by a law enforcement agency, or any officer, employee, or agent of such agency, to obtain customer information of a financial institution in connection with the performance of the official duties of the agency.

(d) NONAPPLICABILITY TO FINANCIAL INSTITUTIONS IN CERTAIN CASES.—No provision of this section shall be construed so as to prevent any financial institution, or any officer, employee, or agent of a financial institution, from obtaining customer information of such financial institution in the course of—

(1) testing the security procedures or systems of such institution for maintaining the confidentiality of customer information;

(2) investigating allegations of misconduct or negligence on the part of any officer, employee, or agent of the financial institution; or

(3) recovering customer information of the financial institution which was obtained or received by another person in any manner described in subsection (a) or (b).

(e) NONAPPLICABILITY TO INSURANCE INSTITUTIONS FOR INVESTIGATION OF INSURANCE FRAUD.—No provision of this section shall be construed so as to prevent any insurance institution, or any officer, employee, or agency of an insurance institution, from obtaining information as part of an insurance investigation into criminal activity, fraud, material misrepresentation, or material nondisclosure that is authorized for such institution under State law, regulation, interpretation, or order.

(f) NONAPPLICABILITY TO CERTAIN TYPES OF CUSTOMER INFORMATION OF FINANCIAL INSTITUTIONS.—No provision of this section shall be construed so as to prevent any person from obtaining customer information of a financial institution that otherwise is available as a public record filed pursuant to the securities laws (as defined in section 3(a)(47) of the Securities Exchange Act of 1934).

(g) NONAPPLICABILITY TO COLLECTION OF CHILD SUPPORT JUDGMENTS.—No provision of this section shall be construed to prevent any State-licensed private investigator, or any officer, employee, or agent of such private investigator, from obtaining customer information of a financial institution, to the extent reasonably necessary to collect child support from a person adjudged to have been delinquent in his or her obligations by a Federal or State court, and to the extent that such action by a State-licensed private investigator is not unlawful under any other Federal or State law or regulation, and has been authorized by an order or judgment of a court of competent jurisdiction.



Disclaimer: The text of this law may not be the most recent version. We make no warranties or representations about the accuracy, completeness, or adequacy of the information contained on this site. Please check official sources.