| The new federal privacy rules |
|
What is a financial institution?
|
|
A financial institution is any institution
that engages in financial activities including lending, exchanging,
transferring and investing of money for others as well as
insurance activities. Banks, credit unions, brokerages and
insurance companies are all financial institutions.
|
|
Who is a consumer?
|
|
A consumer is an individual who obtains from
a financial institution, financial products or services that
are to be used primarily for personal, family or household
purposes. A person who applies for a financial product is
considered a consumer even if the application is withdrawn
or rejected.
|
|
What are the privacy protections for a
consumer?
|
|
A financial institution must provide an opt-out
notice to a consumer before it can share "nonpublic" information
with third-party marketing companies. The notice will explain
the types of information that it discloses and the categories
of companies with which it would share this information. The
financial institution must also provide a consumer with the
opportunity to opt-out in writing, by e-mail or with a toll-free
number. A financial institution must also make its privacy
policy available to a consumer.
|
|
Who is a customer?
|
|
A customer is any consumer who has a continuing
relationship with a financial institution. People who open
deposit accounts, borrow money, or obtain financial advice
are considered customers. People who use financial institutions
for isolated transactions such as purchasing money orders,
cashing checks or ATM withdrawals are considered consumers.
|
|
What are the privacy protections for a
customer?
|
|
A financial institution must disclose its
privacy policy when someone signs on as a customer and at
least once a year thereafter. Because "a customer" is also
considered "a consumer," a financial institution must give
a customer the opportunity to opt-out before it shares any
nonpublic information with a nonaffiliated third party.
|
|
What is "nonpublic" information and how
can I prevent my financial institution from sharing or selling
mine to third-party marketing companies?
|
|
Regulators consider "nonpublic information"
to be any "personally identifiable financial information"
provided by a consumer to a financial institution as well
as any transaction and service information. You can block
the sharing of this information by choosing to opt out.
|
|
Are there any exceptions to the opt-out
requirement?
|
|
Yes. A financial institution may disclose
"nonpublic" information to a nonaffiliated third party if
the company is providing services or doing marketing for the
financial institution. Financial institutions in a joint marketing
agreement may also share this information. No opt-out notice
is required.
|
|
When do these new protections start?
|
|
The rules are effective Nov. 13, 2000, one
year after President Clinton signed the bill into law. However,
compliance is voluntary until July 1, 2001.
|
|
What's not protected in the new privacy
laws?
|
|
The sharing of personal financial information
among affiliates. A company's information-sharing policies
with its affiliates must be disclosed in its privacy policy
but there is no way for a consumer to block the sharing of
this information.
|
|
Source: Gramm-Leach-Bliley Act; final rules
from the Board of Governors of the Federal Reserve System,
the Federal Deposit Insurance Corporation, the Office of the
Comptroller of the Currency and the Office of Thrift Supervision.
|
