Gramm-Leach-Bliley Act (GLBA)

Enacted in November 1999, the Gramm-Leach-Bliley Act (GLBA) establishes a requirement for financial institutions to protect the sensitive personal information of their customers. Also known as the Financial Services Modernization Act of 1999, GLBA "...requires financial institutions—companies that offer consumers financial products or services like loans, financial or investment advice, or insurance—to explain their information-sharing practices to their customers and to safeguard sensitive data" (Federal Trade Commission, n.d.a). The act was authored by Senator Phil Gramm and Representatives Thomas J. Bliley, Jr. and Jim Leach.

GLBA contains the "Safeguards Rule," which establishes the requirement for financial institutions to protect the information they collect from their consumers.

GLBA has several requirements regarding privacy protection. The first is an annual requirement for customers to receive the financial institution's privacy notice. This notice must clearly state opt-out instructions for sharing personal financial information. GLBA also puts limits on the use or redisclosure of nonpublic personal information acquired from a financial institution. And GLBA establishes requirements for securely storing personal financial information. Institutions subject to GLBA include nonbank mortgage lenders, loan brokers, some financial or investment advisors, tax preparers, providers of real estate settlement services, and debt collectors (Federal Trade Commission, n.d.b).

References

Federal Trade Commission. (n.d.a). Gramm-Leach-Bliley Act. https://www.ftc.gov/tips-advice/business-center/privacy-and-security/gramm-leach-bliley-act

Federal Trade Commission. (n.d.b). In brief: The financial privacy requirements of the Gramm-Leach-Bliley Act. https://www.ftc.gov/tips-advice/business-center/guidance/brief-financial-privacy-requirements-gramm-leach-bliley-act