Internet Law 101: The Gramm-Leach-Bliley Act

the gramm-leach-bliley act law and lawyer
What is the GLB Act and why is it an important law for every Internet business to know

The Gramm-Leach Bliley Act of 1999 (GLB Act) is the commonly used name for the Financial Modernization Act of 1999, which went into effect on July 1, 2001. “The GLB” protects individuals’ pecuniary penetralia — and all financial, banking and consumer finance businesses must comply with its rules.

Business and Financial Institutions that Must Comply With the Financial Modernization Act (a.k.a., the Gramm-Leach-Bliley Act)

  • Banks
  • Securities Firms
  • Insurance Companies
  • Real Estate Appraisers
  • Automobile Leasing Companies
  • Travel Agencies connected to Financial Services
  • Retailers that issue their own consumer credit cards

Which Federal Agencies Deal With Gramm-Leach-Bliley Issues?

Several federal agencies are charged with the task of enforcing the GLB Act. States are also authorized to enforce the GLB Act.

  1. Office of the Comptroller of Currency;
  2. Board of Governors of the Federal Reserve System;
  3. Federal Deposit Insurance Corporation;
  4. Office of Thrift Supervision;
  5. Securities and Exchange Commission;
  6. National Credit Union Administration and
  7. Federal Trade Commission (most online marketers and businesses would fall under the Federal Trade Commission).

Sections of the GLB Act

The Financial Modernization Act of 1999 is comprised of three sections:

  1. the Financial Privacy Rule,
  2. the Safeguards Rule, and
  3. the pre-texting provisions section.

GLB Act: Financial Privacy Rule

The Financial Privacy Rule outlines how a consumers’ financial information must be collected and disclosed. The Rule applies to all financial services companies and isn’t limited to banks or federal financial institutions.

Consumers v. Customers: An Important Financial Modernization Act Distinction

One of the most significantly important definitions set forth by the Financial Privacy Rule is the defining difference between a consumer and a customer.

  • A consumer is someone who obtains the services of a company for personal or household reasons, such as services provided by a check-cashing store.
  • A customer is someone who is in a long-term financial services relationship with a financially based company, such as a mortgage obtained from a lending institution.

Only customers of the financially oriented company are entitled to a copy of the Financial Privacy Rule automatically. Consumers are only entitled to an automatic copy of the Rule if the company shares information with an independent third party.

Data and Privacy Disclosure Statements A Must

The Privacy Rule requires businesses to provide a clear and concise disclosure statement about how financial and identifying information is collected, handled and shared. And no, posting one on a wall in the company break room or posted on an unknown Web page does not satisfy the requirement.

Opt-Out Requirements

Customers and consumers must also have the right to opt-out of information sharing. The financial institution is required to provide a simple and obvious opt-out method, such as a pre-printed form to mail in or a toll-free number to call.

Requiring the customer to compose a letter and mail it in to the company in order to opt-out is not allowed by the Gramm-Leach-Bliley Financial Modernization Act.

GLB Act: Safeguards Rule

The Safeguards Rule of the GLB Act requires companies to have an operational and effective digital security system to protect consumer financial data. To state it bluntly, Computer servers can be vulnerable to hackers. The GLB says that any company storing private financial data must have some sort of system in place to combat security breaches.

The GLB Act does not differentiate between information that was collected before or after the law went into effect. All companies who carry out financial transactions with their customers are required to comply; notifying their customers of their privacy policy, providing opt-out mechanisms and implementing a kick-ass digital security system.

GLB Act: Pretexting Provions Rule

The pretexting provisions target parties that collect sensitive and private consumer information under false pretenses.

The purpose of the Gramm-Leach Bliley Act is to protect consumer privacy and safeguard their personal and financial information from third parties. It does not, however, provide a means for individual lawsuits against violating businesses.

Speak With A Gramm-Leach-Bliley Act Lawyer

Need to speak with an attorney who has experience with the Gramm-Leach-Bliley Act? If yes, get in touch with Kelly / Warner Law. We’re one of the first law firms in the U.S. to concentrate on Internet law matters and therefore have considerable knowledge of GLB mechanics.

Let's Talk »
Legal Disclaimer | Privacy Policy | Terms of Service
© 2017 Kelly Warner Law PLLC. All Rights Reserved.
800: 1-866-570-8585
Office: 480-588-0449