Consumer Privacy


Title V of the Gramm-Leach-Bliley Act ("GLB") states that it is federal policy for each financial institution "to respect the privacy of its customers" and to "protect the security and confidentiality of those customers’ non-public personal information." Section 504 of GLB directed the Federal banking agencies, the NCUA, the Secretary of the Treasury, the SEC and the FTC to implement rules to carry out the purpose of the GLB. Subsequently, Dodd-Frank Section 1093 (i) gave the CFTC authority to enforce Section 504 as to agencies that it regulates; and (ii) generally gave the CFPB, rather than the other banking regulators, the authority to enforce the privacy provisions of GLB.

To a good extent, the more limited regulatory requirements of U.S. federal law have been superseded by the more demanding requirements of various State laws, particularly the California Consumer Privacy Act in the United States and the General Data Protection Regulation in the European Union.'s picture
Contributor Title 
Partner's picture
Contributor Title 
Partner - Corporate





Implementing Rules

European Union