House Passes Legislation Eliminating Annual GLBA Privacy Notice Requirement
Earlier this week, the House of Representatives passed H.R. 749, the Eliminate Privacy Notice Confusion Act. The bill is sponsored by Rep. Blaine Leutkemeyer (R-MO) and Rep. Brad Sherman (D-CA). An earlier version of the bill passed the House in December but was never taken up by the Senate. We previously covered similar legislation introduced by Representative Leutkemeyer.
The bill provides that a financial institution subject to the requirement in the Gramm-Leach-Bliley Act (GLBA) to send annual privacy notices to customers is excluded from this requirement if the institution (1) only discloses customers’ nonpublic personal information to nonaffiliated third-parties pursuant to an exception in GLBA (e.g., for processing or servicing a customer’s account or to a service provider) from the overall opt-out framework and (2) has not changed its policies and practices with regard to disclosing nonpublic personal information from the policies and practices that were disclosed in the most recent notice sent to customers. If either of these requirements ceases to apply, the institution would be required to send an annual privacy notice. The legislation is intended to lessen the regulatory burden on financial institutions and potential for customer confusion in sending to customers privacy notices that have not changed over time and that are generally available on institutions’ websites.