Page. (July 17, 2002)
EPIC, Consumer Groups, State AGs Argue for Stronger Privacy Safeguards
for Financial Records. EPIC, Privacy
Rights Clearinghouse, U.S.
PIRG and Consumers
Union submitted comments
(PDF) on May 1 for a U.S. Treasury Department study
on the effectiveness of Gramm-Leach-Bliley Act financial privacy protections.
The study is required by law to shed light on the information sharing
practices of the financial services industry. The comments describe flaws
in the implementation of the GLB Act and demonstrate the benefits for
consumers if an "opt-in" approach is adopted for financial information
sharing. 37 state Attorneys General also filed comments
for the study, stating that "current law does not adequately protect
consumers' privacy" and poses a significant risk to consumers. (May
Groups Petition Agencies to Improve Financial Privacy. EPIC has
joined Public Citizen and other organizations in petitioning federal agencies
to improve notice and opt-out mechanisms under the Gramm-Leach-Bliley
Act (GLBA). The petition
(PDF) urges the agencies to adopt requirements of clear, concise language
for GLBA privacy notices and to require more effective measures to allow
consumers to opt-out from financial information sharing. (July
Report: Opt-Out Notices Are Difficult to Understand. The Privacy
Rights Clearinghouse has published a report
showing that most opt-out notices required by the Gramm-Leach-Bliley Act
are written at a second-year college level. Federal law requires that
these notices must be written in "plain language." The notices explain
how financial institutions collect, share, and use personal information
and how individuals can opt-out from certain types of information use.
Proposed Financial Privacy Regulations Released. The Treasury
Department, Federal Reserve, Federal Deposit Insurance Corporation, and
Office of Thrift Supervision issued a joint notice of proposed rule-making
on February 3. The rules
(160K PDF) will govern how financial institutions may pass on customer
information to affiliated and third parties. On February 24, the Federal
Trade Commission released its own notice
and rules (120K PDF) for financial institutions within its jurisdiction.
Comments on both sets of proposed rules are due by March 31. (Feb.
- Privacy Rights Clearinghouse.
- Privacy Rights
is the Gramm-Leach-Bliley Financial Services Modernization Act of 1999 And
How Does Information Sharing Affect Your Privacy?, US PIRG.
- Federal Trade
Commission GLBA Site.
Asked Questions for the Privacy Regulation, FTC Staff Guidance, December
Privatization of Big Brother (PDF), Report from Attorney General Mike
Hatch of Minnesota.
of Beth Givens to the Federal Trade Commission Workshop, Director, Privacy
Rights Clearinghouse, The Information Marketplace: Merging and Exchanging
Consumer Data, March 13, 2001.
Information Marketplace: Merging and Exchanging Consumer Data, FTC Workshop,
March 13, 2001.
Civil Liberties Union Financial Privacy Feature.
to Financial Institutions from California State Senator Jackie Speier,
November 19, 2002.
our Privacy (POP). POP is a non-profit, non-partisan, organization formed
by private citizens in North Dakota to repeal law SB 2191, which allows
banks and financial institutions to release records customer permission.
It was successful in campaigning for an opt-out scheme with the support
of 73% of population.
- Major Financial
Services Legislation, The Gramm-Leach-Bliley Act (P.L. 106-102): An Overview
(PDF), CRS Report for Congress RL30375, updated December 16, 1999.
Money Laundering Abatement and Anti-Terrorist Financing Act of 2001, Title
III of P.L. 107-56 (PDF), CRS Report for Congress RL31208, updated December
- Financial Privacy:
An Economic Perspective (PDF), CRS Report for Congress RL31758, updated
February 25, 2003.
- Financial Privacy
Laws Affecting Sharing of Customer Information Among Affiliated Institutions
(PDF), CRS Report for Congress RS21427, updated February 27, 2003.
- Privacy Protection
for Customer Financial Information (PDF), CRS Report for Congress RS20185,
updated February 28, 2003.
- Personal Privacy Protection:
The Legislative Response (PDF), CRS Report for Congress RL30671, updated
May 24, 2001.
- Oscar Gandy, The Panoptic Sort: A Political Economy of Personal Information,
- Robert Ellis Smith, Ben Franklin's Web Site: Privacy and Curiosity From
Plymouth Rock To the Internet, 2000.
- Lee Harris, The Increased Likelihood of Gramm-Leach-Bliley Enhancements
with a New Senate, 1 No. 11 Privacy Info. L. Rep. 4 (July/Aug 2001).
- William F. Kroener, III, Implementation of Selected GLBA Provisions
and Other Topics of Current Interest: The FDIC Perspective, SG023 ALI-ABA
- L. Richard Fischer, Oliver I. Ireland, Living with the Gramm-Leach-Bliley
Privacy Rules - Private Labels, Co-Brand, Agent Bank and Other Credit Partnerships,
2 No. 2 Privacy Info. L. Rep. 1, (Oct., 2001).
- Oliver I. Ireland, Krista P. DeLargy, The Disclosure of Account Numbers
Under the Gramm-Leach-Bliley Act, 2 No. 3 Privacy Info. L. Rep. 9 (Nov.
- Reece Hirsch, Andrew Mar, Gramm-Leach-Bliley Consumer Financial Privacy
Rules Apply to Many Web Sites, 6 No. 6 Cyberspace Law. 10, (2001).
- David Annecharico, Note, Online Transactions: Squaring the Gramm-Leach-Bliley
Act Privacy Provisions with the FTC Fair Information Practice Principles,
6 N.C. Banking Inst. 637 (April, 2002).
- Eric Poggemiller, Note, The Consumer Response to Privacy Provisions
in Gramm-Leach-Bliley: Much Ado About Nothing?, 6 N.C. Banking Inst.
617 (April, 2002).
- L. Richard Fisher, The Gramm-Leach-Bliley Act and Its Implementation,
2G066 ALI-ABA 65 (2002).
- Neal R. Pandozzi, Beware of Banks Bearing Gifts: Gramm-Leach-Bliley
and the Constitutionality of Federal Financial Privacy Legislation,
55 U. Miami L. Rev. 163 (January, 2001).
- Michael A. Benoit, Nicole F. Munro, Recent Federal Privacy Initiatives
Affecting the Electronic Delivery of Financial Services, 56 Bus. Law.
1143 (May 2001).
- Christopher C. Gallagher, The Perfect Storm the GLBA-HIPAA Convergence,
1 Privacy Info. L. Rep. 11 (October 2000).
- Vincent Serpico, Denise Landers, Damon A. Terrill, Making Sense of
U.S. State Data Privacy Law, 119 Banking L. J.462 (May 2002).
Union v. FTC, No. 00-1141 (D.C. Cir. 2001), cert. denied,
536 U. S. ____ (2002) . In Trans Union, the Court of Appeals for
the District of Columbia Circuit held that tradelines (credit information
that includes name, address, date of birth, telephone number, Social Security
number, account type, opening date of account, credit limit, account status,
and payment history) could not be sold for marketing purposes because they
constituted a credit report for purposes of the Fair Credit Reporting Act
(FCRA). Further, the Court rejected the profiler's claim that the First
and Fifth Amendments invalidated the FCRA.
- IRSG v.
FTC, 145 F. Supp. 2d 6, No. 00-1828 (D.D.C. 2001)(PDF 1.9 MB). In
Individual Reference Services Group v. FTC, a trade association representing
credit reporting agencies and their customers unsuccessfully sued to overturn
GLBA regulations. The credit reporting agencies sell products, which use
non-public personal information. For example, Trans Union sells products
such as "Trace," which allows the user to input an individual's
social security number and receive, in return, the name and address of that
person; "Retrace," which enables the user who has an individual's
name and address to obtain that person's social security and phone numbers;
and "ID Search," which permits a customer with a person's name
and phone number to obtain that individual's social security number and
current and former addresses; and other products which sell the above information
along with account information. This decision was affirmed in Trans
Union v. FTC, No. 01-5202 (D.C. Cir. 2002).
EPIC Privacy Page | EPIC
January 21, 2005
Page URL: http://www.epic.org/privacy/glba/default.html