In addition to providing long-term funding for highway infrastructure improvements and other transportation projects, the newly enacted Fixing America’s Surface Transportation Act (FAST Act) seeks to reduce consumer confusion by eliminating annual privacy notice requirements for financial institutions in some circumstances.
The Gramm-Leach-Bliley Act (GLBA) requires financial institutions to provide consumers with notice of the institution’s privacy policies and procedures annually. Section 75001 of the FAST Act, signed into law by President Obama on December 4, 2015, eliminates this annual notice requirement for financial institutions that satisfy two criteria:
- The financial institution does not share nonpublic personal information with nonaffiliated third parties except pursuant to certain GLBA exceptions permitting such disclosures; and
- The financial institution has also not changed its privacy policy and procedures since the most recent GLBA privacy notice sent to consumers.
Financial executives planning to send out annual privacy notices at the beginning of 2016 may no longer need to do so and may wish to review privacy practices and procedures to determine if the FAST Act exception is applicable to their institution.
Section 75001 should be considered in conjunction with a Consumer Financial Protection Bureau final rule issued in October 2014, which also allows financial institutions that meet certain requirements and limit data sharing to post privacy notices online in place of mailing notices to individuals.
Section 75001 of the FAST Act is available here.