Blog Posts Tagged with Gramm-Leach-Bliley Act

To quote studio head Samuel Goldwyn’s famous malaprop, an oral contract isn’t worth the paper it’s printed on. The same can be said of a written security policy if a company doesn’t carry out its provisions.

Financial institutions collect personal information from customers every day, from names and addresses to bank account and Social Security numbers. The Gramm-Leach-Bliley Act’s Safeguards Rule requires those institutions to develop, implement, and maintain a comprehensive information security program. As part of its regulatory review process, the FTC has proposed changes to the Rule.

Turning eighteen was a momentous birthday for most of us and the same could be said for the Gramm-Leach-Bliley Act’s Safeguards Rule. Finalized in 2002 and in effect since 2003, the Safeguards Rule requires “financial institutions” to develop, implement, and maintain a comprehensive information security program for handling customer information.

California-based mortgage broker Mortgage Solutions FCS also does business under the name Mount Diablo Lending. And according to the FTC, the company gave consumers a devil of a time if they posted negative reviews on Yelp. Is your business pondering how to address unfavorable consumer comments?

The domino principle. The ripple effect. The butterfly phenomenon. Apply the analogy of your choice to describe what happens when one software developer’s allegedly lax security practices result in the breach of confidential customer information maintained by multiple businesses that use the software.

It’s a given that companies shouldn’t charge consumers hidden fees. But it raises a particular concern when an online lender makes “No Hidden Fees” claims a centerpiece of its marketing – and then deducts from those loans hundreds or even thousands of dollars in hidden up-front fees.

One Direction had a hit with a song called “18,” but the FTC’s recent law enforcement and policy initiatives suggest that the agency will continue to pursue many directions in its efforts to protect consumers in ‘18. (Sorry. We’re expecting a fresh shipment of pop culture references in January.) In case you missed them – and in no particular order – here are ten FTC consumer protection topics of note from 2017.

There are three letters every auto dealer should know about. GTO? XKE? Good guesses, but not what we had in mind.

We’re talking about GLB.

The Gramm-Leach-Bliley Act requires financial institutions to give their customers initial and annual notices about their privacy policies. If the company shares certain customer information with particular types of third parties, they also have to give customers the opportunity to opt out of sharing. The FTC’s Privacy of Consumer Financial Information Rule – friends call it the GLB Privacy Rule – explains the specifics.

53 and it’s likely to go up. That’s the number of data security law enforcement actions the FTC has settled so far. The facts of each case are different, but distilled down to the basics, they stand for one central proposition: Your company’s data security measures should be reasonable and appropriate in light of the sensitivity and amount of consumer information you have, the size and complexity of your business, and the availability and cost of tools to improve security and reduce vulnerabilities.