Financial privacy laws in the United States
While each state approaches financial privacy differently, they mostly draw from federal laws and provide more stringent outlines and definitions.[1][2]

The act was put in place to limit the government's ability to freely access nonpublic financial records.[3] The RFPA was later amended to increase financial institutions' ability to help facilitate criminal investigations and prosecutions. Under the new amendments, financial institutions are allowed to disclose information to the government if they believe that a regulation has been violated.[4] The amendments also state that a court can compel a financial institution to notify a customer that their information has been subpoenaed.

To promote consumer privacy, the Gramm-Leach-Bliley Act included regulations to limit the ways in which companies handled and shared financial data.[8] The rule also states that institutions must dedicate employees to the development, implementation, and maintenance of the security program.

The FCRA also includes the Red Flag Rule, which was added by the Fair and Accurate Credit Transactions Act. The act states that unauthorized access to a file or receiving a report under false pretext will result in a criminal offense.[15] The act required that account numbers printed on receipts be shortened to five digits in order to protect consumer privacy.[2]

The act gave the United States Treasury clearance to consolidate bank records so that the information can effectively serve in legal proceedings.[4] Financial institutions are required to hold records for six years and are obligated to report any suspicious transactions.[16]

Requirements were set to outline the ways in which debt collectors are allowed to interact with a consumer when pursuing payment.[16] Collectors are also not allowed to disclose fraudulent information to credit reporting agencies in an attempt to collect the debt.

A clear link that specifically says "Do Not Sell My Personal Information" must also be provided to employees on the employers' website to help facilitate any opt-out requests.[17] Employees must also be notified if their employers are selling their information under the California Civil Code's definition of "business purposes."[18]

The act also provides an opt-in rule instead of an opt-out rule, which gives consumers more control over the situations in which financial institutions can handle information without consent.

As a result of the act, California's government agencies are not authorized to access financial records unless the consumer gives consent or a subpoena or search warrant is issued for the information.[16]

Under the act, companies may not collect personally identifiable information from consumers who purchase goods or services using credit cards. Companies cannot set conditions in which consumers must consent to sharing their information in order to use their credit cards for a transaction. The act also set a redundant state-level requirement that companies must shorten a consumer's credit and debit card information on receipts.[12]

As part of its enforcement powers, the CFPB can initiate investigations, issue subpoenas, hold hearings, and hand out fines of over a million dollars for violations.[12] The bureau also has the ability to enforce and make rules regarding any existing federal financial privacy laws.

At the beginning, the agency promoted self-regulation, encouraging companies to produce their own privacy policies that the FTC would help enforce. Eventually the FTC, in general, gained the power to create privacy regulations and implement protections against fraudulent activities. The FTC has the power to conduct investigations and can issue subpoenas as well as compel companies to provide reports under oath.