President Obama Signs FAST Act Modifying the Gramm-Leach-Bliley Act’s Annual Privacy Notice Requirement | Practical Law

President Obama Signs FAST Act Modifying the Gramm-Leach-Bliley Act’s Annual Privacy Notice Requirement | Practical Law

President Obama has signed H.R. 22, commonly known as the Fixing America’s Surface Transportation Act (FAST Act), into law. The FAST Act includes a provision that modifies the annual privacy notice requirement under the Gramm-Leach-Bliley Act (GLBA).

President Obama Signs FAST Act Modifying the Gramm-Leach-Bliley Act’s Annual Privacy Notice Requirement

by Practical Law Intellectual Property & Technology
Published on 08 Dec 2015USA (National/Federal)
President Obama has signed H.R. 22, commonly known as the Fixing America’s Surface Transportation Act (FAST Act), into law. The FAST Act includes a provision that modifies the annual privacy notice requirement under the Gramm-Leach-Bliley Act (GLBA).
On December 4, 2015, President Obama signed H.R. 22, commonly known as the Fixing America’s Surface Transportation Act (Fast Act), into law. While the FAST act is primarily aimed at improving America’s surface transportation infrastructure, it also contains a provision that creates an exception to the annual privacy notice requirements under the Gramm-Leach-Bliley Act (GLBA).
Under the current GLBA privacy rule, financial institutions are required to mail an annual privacy notice to customers which explains:
  • How customers’ nonpublic personal information (NPI) is collected, used, and disclosed.
  • Whether customers can limit the financial institutions’ sharing of that information.
Under Section 75001 of the FAST Act, financial institutions no longer need to provide an annual privacy notice if both of the following circumstances apply:
  • The institution only shares NPI with nonaffiliated third-parties in a manner that does not require customers to be provided with an opt-out right.
  • The institution has not changed its NPI disclosure policies and practices since the last time it provided customers with a privacy notice.
Both circumstances must be true to qualify for the new exception. If either instance does not apply to the financial institution, it is still required to send customers an annual privacy notice.
This provision of the Fast Act, which went into effect retroactively on October 1, 2015, is intended to save financial institutions significant costs in printing and postage.