Monetary Policy
Public Comments
March 31, 2000

The Proposed Rules to Protect the Privacy of Consumer Financial Information

  • Jay Cochran

Key materials
Contact us
To speak with a scholar or learn more on this topic, visit our contact page.

Rulemaking:

Privacy of Consumer Financial Information

Stated Purpose:

"This rule proposes to implement notice requirements and restrictions on a financial institution’s ability to disclose nonpublic personal information about consumers to nonaffiliated third parties."

Summary of RSP Comment:

On February 22, 2000, the Office of the Comptroller of the Currency (OCC), in conjunction with the Federal Reserve Board (FRB), Federal Deposit Insurance Corporation (FDIC), and the Office of Thrift Supervision (OTS) proposed regulations to:

. . . implement notice requirements and restrictions on a financial institution's ability to disclose nonpublic personal information about consumers to nonaffiliated third parties.

The authority for this proposed rulemaking comes from Title V of the Gramm-Leach-Bliley ("GLB") Act. Under the Act, Congress expressed its policy "that each financial institution has an affirmative and continuing obligation to protect the security and confidentiality of [its] customers' nonpublic personal information." The law contains four major requirements:

  1. All covered institutions must establish appropriate administrative, technical, and physical safeguards to protect customer records and information.
  2. Institutions must clearly and conspicuously disclose their privacy policies and practices to consumers in writing or electronic form.
  3. Consumers must be given the opportunity to "opt out" of any disclosures to nonaffiliated third parties before such disclosures take place; and
  4. Any nonaffiliated third party receiving nonpublic personal information may not subsequently reuse or re-disclose such information unless such disclosure would be lawful if performed by the original financial institution.

The law allows a number of exceptions to the general requirements. Key exceptions include disclosures necessary to carry out transactions on a customer's behalf, disclosures for law enforcement purposes, disclosures in connection with business combinations or mergers, and disclosures for auditing and insurance rating purposes.

The agencies' proposed regulations closely follow the requirements of the law. In particular, institutions covered by the rule may not disclose nonpublic information about a consumer to nonaffiliated third parties unless the institution satisfies disclosure and opt-out requirements, and the consumer has not opted out of disclosure.

Financial Regulation
Monetary Policy
Consumer Finance
Bank Regulation
Financial Markets

Related Content

Mercatus Original Podcast
Monetary Policy

Jim Bianco on Policy Responses to the Coronavirus: Details, Implications, and Concerns Moving Forward

David Beckworth, Jim Bianco
Mar 30
Mercatus Original Podcast
Monetary Policy

Robin Brooks on COVID-19’s Impact on Emerging Markets and the Domestic Policy Response to the Crisis

David Beckworth, Robin Brooks
Mar 25
Mercatus Original Podcast
Monetary Policy

Stan Veuger on Helping Businesses Survive in the Post-Coronavirus Economy

David Beckworth, Stan Veuger
Mar 23