Final answer:
The Gramm-Leach-Bliley Act (GLBA) is a federal law that mandates that financial institutions protect the privacy and security of consumers' nonpublic personal information. It requires transparency in information-sharing practices and allows consumers to opt out of certain sharing. It also enforces the creation of information security programs and is overseen by several federal agencies, including the FTC.
Step-by-step explanation:
Understanding the Gramm-Leach-Bliley Act (GLBA)
The Gramm-Leach-Bliley Act (GLBA), also known as the Financial Services Modernization Act of 1999, is a United States federal law that governs the handling of personal information by financial institutions. One of the key objectives of this act is to ensure that financial institutions protect the privacy of consumer information and provide transparency to consumers regarding their information-sharing practices.
GLBA primarily protects nonpublic personal information (NPI), which includes any information that a consumer provides to obtain a financial product or service, as well as any information obtained about a consumer from a transaction involving a financial product or service.
Main Privacy Requirements of GLBA
- Financial institutions must provide clear and conspicuous privacy notices to consumers, explaining information practices and the sharing of NPI.
- Consumers must be given the opportunity to opt out of information-sharing with non-affiliated third parties.
Main Security Requirements of GLBA
- Financial institutions are required to develop, implement, and maintain a comprehensive information security program to protect NPI.
- Such a program must be designed to manage the risks to consumer information adequately, including assessing risks and testing the effectiveness of security measures.
The enforcement of the GLBA is carried out by several agencies, including the Federal Trade Commission (FTC), the Federal Reserve System, and the Office of the Comptroller of the Currency.