The Gram-Leach-Bliley Act, also known as the Financial Modernization Act of 1999, requires financial institutions to develop privacy notices and to notify customers that they are entitled to privacy.
The act prohibits banks from releasing information to nonaffiliated third parties without permission. Many customers groups have criticized the implementation of this act by financial institutions because of all the paperwork that it has created.
The act requires that employees need to be trained on information security issues, and security measures must be put into place and tested to verify information privacy.
The act includes a number of other provisions that allow banks and financial institutions to align and form partnerships.
The act requires banks to explain to individual consumers information-sharing policies. Customers have the ability to opt out of sharing agreements.
The act prohibits institutions from sharing account information for marketing purposes. If also prohibits the gathering of information about customers using false or fraudulent methods.
The law went into effect in July 2001. Financial officers and the board of directors can be held criminally liable for violations.
NOTE: For more information on Gramm-Leach-Bliley Act, visit www.ftc.gov/privacy/privacyinitiatives/glbact.html.