Gramm-Leach-Bliley Act


Pub. L.106-102, 113 Stat.1338, codified in relevant part at 15 U.S.C. §§ 6801-6809 and §§ 6821-6827, as amended

Title V, subtitle A, of this Act requires the FTC, along with several other agencies, to issue regulations (see 16 CFR Part 313) ensuring that financial institutions protect the privacy of consumers' personal financial information. Such institutions must develop and give notice of their privacy policies to their own customers at least annually and before disclosing any consumer's personal financial information to an unaffiliated third party, must give notice and an opportunity for that consumer to "opt out" from such disclosure. Under the Dodd-Frank Act, this rule transferred to the Bureau of Consumer Financial Protection, but the FTC will continue to have authority to enforce it. The subtitle also requires the FTC and other agencies to issue regulations (see 16 CFR Part 314) for the safeguarding of personal financial information. The Act also limits the sharing of account number information for marketing purposes. Subtitle B of Title V prohibits obtaining customer information of a financial institution by false pretenses. The FTC enforces these provisions with regard to entities not specifically assigned by the provision to the Federal banking agencies or other regulators.