There are three letters every auto dealer should know about. GTO? XKE? Good guesses, but not what we had in mind.
We’re talking about GLB.
The Gramm-Leach-Bliley Act requires financial institutions to give their customers initial and annual notices about their privacy policies. If the company shares certain customer information with particular types of third parties, they also have to give customers the opportunity to opt out of sharing. The FTC’s Privacy of Consumer Financial Information Rule – friends call it the GLB Privacy Rule – explains the specifics.
In this context, the definition of “financial institution” extends beyond places with tellers, vaults, and pens tethered to the counter. And post Dodd-Frank, much of the rulemaking authority under GLB is now with the CFPB. But there’s an important exception. The FTC retains rulemaking authority when the financial institution in question is an auto dealer. We’ve proposed a change to how the GLB Privacy Rule will operate for auto dealers and we’re asking for your feedback.
What’s under consideration? A revision that would allow dealers that finance cars or offer car leases to provide online updates to consumers about their privacy policies, rather than send yearly updates by mail. Dealers could do that only if they notify consumers annually that the policy is viewable online. The proposed rule change would require that notification to be part of some other legally required document provided to consumers.
Those are just some highlights of what's under consideration, so be sure to read the Federal Register Notice for details. The goal, of course, is to keep the rules the FTC enforces up to date and streamlined.
Interested in weighing in? File an online comment by August 31, 2015.