SB 773: Financial Information Privacy Act
When Congress passed the Gramm-Leach-Bliley Act of 1999, it did so absent strong consumer privacy protections but invited states to enact legislation to further protect consumers’ sensitive financial information. Currently, information that was traditionally held only by a consumer’s bank, insurer or investment firm may now be shared across various financial service providers. Under federal law, affiliates may share information regarding consumer accounts and spending practices. Further, these companies may share information with third parties for financial marketing purposes. In either instance, the consumer has no legal right to stop this distribution of information.
SB 773 (Speier) is California’s response to Congress’ invitation to strengthen the law and gives California consumers more control over their personal financial information.
· Gives consumers the right to stop the sharing of information with affiliated companies (opt-out).
Under federal law, consumers have no right to control the use and sharing of their financial information with affiliates of the financial institution with whom they have a business relationship. SB 773 allows consumers to stop the sharing of this information by opting out of this practice.
· Requires financial institutions to get a consumer’s affirmative consent (opt-in) before sharing information with third parties.
This will significantly reduce unwanted marketing as well as the deceptive practices of some financial institutions that result in consumers being charged for products or services without ever giving an outside party their account information. Consumers must opt-in to allow banks to share information with third parties.
· Allows financial institutions to enter joint marketing agreements on a limited basis under an opt-out standard.
Small financial institutions with limited affiliates may choose to enter joint marketing agreements in order to remain competitive with financial institutions that have many affiliates. Under these circumstances, financial institutions may share consumer information with outside financial institutions unless the consumer opts-out of this practice.
· Gives the Attorney General enforcement authority for violations of this law.
Financial institutions that share information negligently will be fined $2,500 per violation with a cap of $500,000 per occurrence. Those who knowingly and willfully violate the law will be fined $2,500 per violation with no cap.