US (United States) Code. Title 15. Chapter 94: Privacy

Codificación normativa de EEUU (Estados Unidos). Legislación federal estadounidense # Commerce and Trade

  • Enviado por: El remitente no desea revelar su nombre
  • Idioma: inglés
  • País: Estados Unidos Estados Unidos
  • 32 páginas
publicidad
publicidad

-CITE-

15 USC CHAPTER 94 - PRIVACY 01/06/03

-EXPCITE-

TITLE 15 - COMMERCE AND TRADE

CHAPTER 94 - PRIVACY

.

-HEAD-

CHAPTER 94 - PRIVACY

-MISC1-

SUBCHAPTER I - DISCLOSURE OF NONPUBLIC PERSONAL INFORMATION

Sec.

6801. Protection of nonpublic personal information.

(a) Privacy obligation policy.

(b) Financial institutions safeguards.

6802. Obligations with respect to disclosures of personal

information.

(a) Notice requirements.

(b) Opt out.

(c) Limits on reuse of information.

(d) Limitations on the sharing of account number

information for marketing purposes.

(e) General exceptions.

6803. Disclosure of institution privacy policy.

(a) Disclosure required.

(b) Information to be included.

6804. Rulemaking.

(a) Regulatory authority.

(b) Authority to grant exceptions.

6805. Enforcement.

(a) In general.

(b) Enforcement of section 6801.

(c) Absence of State action.

(d) Definitions.

6806. Relation to other provisions.

6807. Relation to State laws.

(a) In general.

(b) Greater protection under State law.

6808. Study of information sharing among financial affiliates.

(a) In general.

(b) Consultation.

(c) Report.

6809. Definitions.

SUBCHAPTER II - FRAUDULENT ACCESS TO FINANCIAL INFORMATION

6821. Privacy protection for customer information of financial

institutions.

(a) Prohibition on obtaining customer information by

false pretenses.

(b) Prohibition on solicitation of a person to obtain

customer information from financial institution

under false pretenses.

(c) Nonapplicability to law enforcement agencies.

(d) Nonapplicability to financial institutions in

certain cases.

(e) Nonapplicability to insurance institutions for

investigation of insurance fraud.

(f) Nonapplicability to certain types of customer

information of financial institutions.

(g) Nonapplicability to collection of child support

judgments.

6822. Administrative enforcement.

(a) Enforcement by Federal Trade Commission.

(b) Enforcement by other agencies in certain cases.

6823. Criminal penalty.

(a) In general.

(b) Enhanced penalty for aggravated cases.

6824. Relation to State laws.

(a) In general.

(b) Greater protection under State law.

6825. Agency guidance.

6826. Reports.

(a) Report to the Congress.

(b) Annual report by administering agencies.

6827. Definitions.

-SECREF-

CHAPTER REFERRED TO IN OTHER SECTIONS

This chapter is referred to in title 7 section 7b-2.

-CITE-

15 USC SUBCHAPTER I - DISCLOSURE OF NONPUBLIC PERSONAL

INFORMATION 01/06/03

-EXPCITE-

TITLE 15 - COMMERCE AND TRADE

CHAPTER 94 - PRIVACY

SUBCHAPTER I - DISCLOSURE OF NONPUBLIC PERSONAL INFORMATION

.

-HEAD-

SUBCHAPTER I - DISCLOSURE OF NONPUBLIC PERSONAL INFORMATION

-CITE-

15 USC Sec. 6801 01/06/03

-EXPCITE-

TITLE 15 - COMMERCE AND TRADE

CHAPTER 94 - PRIVACY

SUBCHAPTER I - DISCLOSURE OF NONPUBLIC PERSONAL INFORMATION

-HEAD-

Sec. 6801. Protection of nonpublic personal information

-STATUTE-

(a) Privacy obligation policy

It is the policy of the Congress that each financial institution

has an affirmative and continuing obligation to respect the privacy

of its customers and to protect the security and confidentiality of

those customers' nonpublic personal information.

(b) Financial institutions safeguards

In furtherance of the policy in subsection (a) of this section,

each agency or authority described in section 6805(a) of this title

shall establish appropriate standards for the financial

institutions subject to their jurisdiction relating to

administrative, technical, and physical safeguards -

(1) to insure the security and confidentiality of customer

records and information;

(2) to protect against any anticipated threats or hazards to

the security or integrity of such records; and

(3) to protect against unauthorized access to or use of such

records or information which could result in substantial harm or

inconvenience to any customer.

-SOURCE-

(Pub. L. 106-102, title V, Sec. 501, Nov. 12, 1999, 113 Stat.

1436.)

-MISC1-

EFFECTIVE DATE

Pub. L. 106-102, title V, Sec. 510, Nov. 12, 1999, 113 Stat.

1445, provided that: ''This subtitle (subtitle A (Sec. 501-510) of

title V of Pub. L. 106-102, enacting this subchapter and amending

section 1681s of this title) shall take effect 6 months after the

date on which rules are required to be prescribed under section

504(a)(3) (15 U.S.C. 6804(a)(3)), except -

''(1) to the extent that a later date is specified in the rules

prescribed under section 504; and

''(2) that sections 504 (15 U.S.C. 6804) and 506 (enacting

section 6806 of this title and amending section 1681s of this

title) shall be effective upon enactment (Nov. 12, 1999).''

-SECREF-

SECTION REFERRED TO IN OTHER SECTIONS

This section is referred to in sections 6803, 6805 of this title.

-CITE-

15 USC Sec. 6802 01/06/03

-EXPCITE-

TITLE 15 - COMMERCE AND TRADE

CHAPTER 94 - PRIVACY

SUBCHAPTER I - DISCLOSURE OF NONPUBLIC PERSONAL INFORMATION

-HEAD-

Sec. 6802. Obligations with respect to disclosures of personal

information

-STATUTE-

(a) Notice requirements

Except as otherwise provided in this subchapter, a financial

institution may not, directly or through any affiliate, disclose to

a nonaffiliated third party any nonpublic personal information,

unless such financial institution provides or has provided to the

consumer a notice that complies with section 6803 of this title.

(b) Opt out

(1) In general

A financial institution may not disclose nonpublic personal

information to a nonaffiliated third party unless -

(A) such financial institution clearly and conspicuously

discloses to the consumer, in writing or in electronic form or

other form permitted by the regulations prescribed under

section 6804 of this title, that such information may be

disclosed to such third party;

(B) the consumer is given the opportunity, before the time

that such information is initially disclosed, to direct that

such information not be disclosed to such third party; and

(C) the consumer is given an explanation of how the consumer

can exercise that nondisclosure option.

(2) Exception

This subsection shall not prevent a financial institution from

providing nonpublic personal information to a nonaffiliated third

party to perform services for or functions on behalf of the

financial institution, including marketing of the financial

institution's own products or services, or financial products or

services offered pursuant to joint agreements between two or more

financial institutions that comply with the requirements imposed

by the regulations prescribed under section 6804 of this title,

if the financial institution fully discloses the providing of

such information and enters into a contractual agreement with the

third party that requires the third party to maintain the

confidentiality of such information.

(c) Limits on reuse of information

Except as otherwise provided in this subchapter, a nonaffiliated

third party that receives from a financial institution nonpublic

personal information under this section shall not, directly or

through an affiliate of such receiving third party, disclose such

information to any other person that is a nonaffiliated third party

of both the financial institution and such receiving third party,

unless such disclosure would be lawful if made directly to such

other person by the financial institution.

(d) Limitations on the sharing of account number information for

marketing purposes

A financial institution shall not disclose, other than to a

consumer reporting agency, an account number or similar form of

access number or access code for a credit card account, deposit

account, or transaction account of a consumer to any nonaffiliated

third party for use in telemarketing, direct mail marketing, or

other marketing through electronic mail to the consumer.

(e) General exceptions

Subsections (a) and (b) of this section shall not prohibit the

disclosure of nonpublic personal information -

(1) as necessary to effect, administer, or enforce a

transaction requested or authorized by the consumer, or in

connection with -

(A) servicing or processing a financial product or service

requested or authorized by the consumer;

(B) maintaining or servicing the consumer's account with the

financial institution, or with another entity as part of a

private label credit card program or other extension of credit

on behalf of such entity; or

(C) a proposed or actual securitization, secondary market

sale (including sales of servicing rights), or similar

transaction related to a transaction of the consumer;

(2) with the consent or at the direction of the consumer;

(3)(A) to protect the confidentiality or security of the

financial institution's records pertaining to the consumer, the

service or product, or the transaction therein; (B) to protect

against or prevent actual or potential fraud, unauthorized

transactions, claims, or other liability; (C) for required

institutional risk control, or for resolving customer disputes or

inquiries; (D) to persons holding a legal or beneficial interest

relating to the consumer; or (E) to persons acting in a fiduciary

or representative capacity on behalf of the consumer;

(4) to provide information to insurance rate advisory

organizations, guaranty funds or agencies, applicable rating

agencies of the financial institution, persons assessing the

institution's compliance with industry standards, and the

institution's attorneys, accountants, and auditors;

(5) to the extent specifically permitted or required under

other provisions of law and in accordance with the Right to

Financial Privacy Act of 1978 (12 U.S.C. 3401 et seq.), to law

enforcement agencies (including a Federal functional regulator,

the Secretary of the Treasury with respect to subchapter II of

chapter 53 of title 31, and chapter 2 of title I of Public Law

91-508 (12 U.S.C. 1951-1959), a State insurance authority, or the

Federal Trade Commission), self-regulatory organizations, or for

an investigation on a matter related to public safety;

(6)(A) to a consumer reporting agency in accordance with the

Fair Credit Reporting Act (15 U.S.C. 1681 et seq.), or (B) from a

consumer report reported by a consumer reporting agency;

(7) in connection with a proposed or actual sale, merger,

transfer, or exchange of all or a portion of a business or

operating unit if the disclosure of nonpublic personal

information concerns solely consumers of such business or unit;

or

(8) to comply with Federal, State, or local laws, rules, and

other applicable legal requirements; to comply with a properly

authorized civil, criminal, or regulatory investigation or

subpoena or summons by Federal, State, or local authorities; or

to respond to judicial process or government regulatory

authorities having jurisdiction over the financial institution

for examination, compliance, or other purposes as authorized by

law.

-SOURCE-

(Pub. L. 106-102, title V, Sec. 502, Nov. 12, 1999, 113 Stat.

1437.)

-REFTEXT-

REFERENCES IN TEXT

This subchapter, referred to in subsecs. (a) and (c), was in the

original ''this subtitle'', meaning subtitle A (Sec. 501 et seq.)

of title V of Pub. L. 106-102, Nov. 12, 1999, 113 Stat. 1436, which

enacted this subchapter and amended section 1681s of this title.

For complete classification of subtitle A to the Code, see Tables.

The Right to Financial Privacy Act of 1978, referred to in

subsec. (e)(5), is title XI of Pub. L. 95-630, Nov. 10, 1978, 92

Stat. 3697, as amended, which is classified generally to chapter 35

(Sec. 3401 et seq.) of Title 12, Banks and Banking. For complete

classification of this Act to the Code, see Short Title note set

out under section 3401 of Title 12 and Tables.

Chapter 2 of title I of Public Law 91-508, referred to in subsec.

(e)(5), is chapter 2 (Sec. 121-129) of title I of Pub. L. 91-508,

Oct. 26, 1970, 84 Stat. 1116, which is classified generally to

chapter 21 (Sec. 1951 et seq.) of Title 12, Banks and Banking. For

complete classification of chapter 2 to the Code, see Tables.

The Fair Credit Reporting Act, referred to in subsec. (e)(6)(A),

is title VI of Pub. L. 90-321, as added by Pub. L. 91-508, title

VI, Sec. 601, Oct. 26, 1970, 84 Stat. 1127, as amended, which is

classified generally to subchapter III (Sec. 1681 et seq.) of

chapter 41 of this title. For complete classification of this Act

to the Code, see Short Title note set out under section 1601 of

this title and Tables.

-SECREF-

SECTION REFERRED TO IN OTHER SECTIONS

This section is referred to in sections 6803, 6804, 6809 of this

title.

-CITE-

15 USC Sec. 6803 01/06/03

-EXPCITE-

TITLE 15 - COMMERCE AND TRADE

CHAPTER 94 - PRIVACY

SUBCHAPTER I - DISCLOSURE OF NONPUBLIC PERSONAL INFORMATION

-HEAD-

Sec. 6803. Disclosure of institution privacy policy

-STATUTE-

(a) Disclosure required

At the time of establishing a customer relationship with a

consumer and not less than annually during the continuation of such

relationship, a financial institution shall provide a clear and

conspicuous disclosure to such consumer, in writing or in

electronic form or other form permitted by the regulations

prescribed under section 6804 of this title, of such financial

institution's policies and practices with respect to -

(1) disclosing nonpublic personal information to affiliates and

nonaffiliated third parties, consistent with section 6802 of this

title, including the categories of information that may be

disclosed;

(2) disclosing nonpublic personal information of persons who

have ceased to be customers of the financial institution; and

(3) protecting the nonpublic personal information of consumers.

Such disclosures shall be made in accordance with the regulations

prescribed under section 6804 of this title.

(b) Information to be included

The disclosure required by subsection (a) of this section shall

include -

(1) the policies and practices of the institution with respect

to disclosing nonpublic personal information to nonaffiliated

third parties, other than agents of the institution, consistent

with section 6802 of this title, and including -

(A) the categories of persons to whom the information is or

may be disclosed, other than the persons to whom the

information may be provided pursuant to section 6802(e) of this

title; and

(B) the policies and practices of the institution with

respect to disclosing of nonpublic personal information of

persons who have ceased to be customers of the financial

institution;

(2) the categories of nonpublic personal information that are

collected by the financial institution;

(3) the policies that the institution maintains to protect the

confidentiality and security of nonpublic personal information in

accordance with section 6801 of this title; and

(4) the disclosures required, if any, under section

1681a(d)(2)(A)(iii) of this title.

-SOURCE-

(Pub. L. 106-102, title V, Sec. 503, Nov. 12, 1999, 113 Stat.

1439.)

-SECREF-

SECTION REFERRED TO IN OTHER SECTIONS

This section is referred to in section 6802 of this title.

-CITE-

15 USC Sec. 6804 01/06/03

-EXPCITE-

TITLE 15 - COMMERCE AND TRADE

CHAPTER 94 - PRIVACY

SUBCHAPTER I - DISCLOSURE OF NONPUBLIC PERSONAL INFORMATION

-HEAD-

Sec. 6804. Rulemaking

-STATUTE-

(a) Regulatory authority

(1) Rulemaking

The Federal banking agencies, the National Credit Union

Administration, the Secretary of the Treasury, the Securities and

Exchange Commission, and the Federal Trade Commission shall each

prescribe, after consultation as appropriate with representatives

of State insurance authorities designated by the National

Association of Insurance Commissioners, such regulations as may

be necessary to carry out the purposes of this subchapter with

respect to the financial institutions subject to their

jurisdiction under section 6805 of this title.

(2) Coordination, consistency, and comparability

Each of the agencies and authorities required under paragraph

(1) to prescribe regulations shall consult and coordinate with

the other such agencies and authorities for the purposes of

assuring, to the extent possible, that the regulations prescribed

by each such agency and authority are consistent and comparable

with the regulations prescribed by the other such agencies and

authorities.

(3) Procedures and deadline

Such regulations shall be prescribed in accordance with

applicable requirements of title 5 and shall be issued in final

form not later than 6 months after November 12, 1999.

(b) Authority to grant exceptions

The regulations prescribed under subsection (a) of this section

may include such additional exceptions to subsections (a) through

(d) of section 6802 of this title as are deemed consistent with the

purposes of this subchapter.

-SOURCE-

(Pub. L. 106-102, title V, Sec. 504, Nov. 12, 1999, 113 Stat.

1439.)

-SECREF-

SECTION REFERRED TO IN OTHER SECTIONS

This section is referred to in sections 6802, 6803, 6809 of this

title.

-CITE-

15 USC Sec. 6805 01/06/03

-EXPCITE-

TITLE 15 - COMMERCE AND TRADE

CHAPTER 94 - PRIVACY

SUBCHAPTER I - DISCLOSURE OF NONPUBLIC PERSONAL INFORMATION

-HEAD-

Sec. 6805. Enforcement

-STATUTE-

(a) In general

This subchapter and the regulations prescribed thereunder shall

be enforced by the Federal functional regulators, the State

insurance authorities, and the Federal Trade Commission with

respect to financial institutions and other persons subject to

their jurisdiction under applicable law, as follows:

(1) Under section 1818 of title 12, in the case of -

(A) national banks, Federal branches and Federal agencies of

foreign banks, and any subsidiaries of such entities (except

brokers, dealers, persons providing insurance, investment

companies, and investment advisers), by the Office of the

Comptroller of the Currency;

(B) member banks of the Federal Reserve System (other than

national banks), branches and agencies of foreign banks (other

than Federal branches, Federal agencies, and insured State

branches of foreign banks), commercial lending companies owned

or controlled by foreign banks, organizations operating under

section 25 or 25A of the Federal Reserve Act (12 U.S.C. 601 et

seq., 611 et seq.), and bank holding companies and their

nonbank subsidiaries or affiliates (except brokers, dealers,

persons providing insurance, investment companies, and

investment advisers), by the Board of Governors of the Federal

Reserve System;

(C) banks insured by the Federal Deposit Insurance

Corporation (other than members of the Federal Reserve System),

insured State branches of foreign banks, and any subsidiaries

of such entities (except brokers, dealers, persons providing

insurance, investment companies, and investment advisers), by

the Board of Directors of the Federal Deposit Insurance

Corporation; and

(D) savings associations the deposits of which are insured by

the Federal Deposit Insurance Corporation, and any subsidiaries

of such savings associations (except brokers, dealers, persons

providing insurance, investment companies, and investment

advisers), by the Director of the Office of Thrift Supervision.

(2) Under the Federal Credit Union Act (12 U.S.C. 1751 et

seq.), by the Board of the National Credit Union Administration

with respect to any federally insured credit union, and any

subsidiaries of such an entity.

(3) Under the Securities Exchange Act of 1934 (15 U.S.C. 78a et

seq.), by the Securities and Exchange Commission with respect to

any broker or dealer.

(4) Under the Investment Company Act of 1940 (15 U.S.C. 80a-1

et seq.), by the Securities and Exchange Commission with respect

to investment companies.

(5) Under the Investment Advisers Act of 1940 (15 U.S.C. 80b-1

et seq.), by the Securities and Exchange Commission with respect

to investment advisers registered with the Commission under such

Act.

(6) Under State insurance law, in the case of any person

engaged in providing insurance, by the applicable State insurance

authority of the State in which the person is domiciled, subject

to section 6701 of this title.

(7) Under the Federal Trade Commission Act (15 U.S.C. 41 et

seq.), by the Federal Trade Commission for any other financial

institution or other person that is not subject to the

jurisdiction of any agency or authority under paragraphs (1)

through (6) of this subsection.

(b) Enforcement of section 6801

(1) In general

Except as provided in paragraph (2), the agencies and

authorities described in subsection (a) of this section shall

implement the standards prescribed under section 6801(b) of this

title in the same manner, to the extent practicable, as standards

prescribed pursuant to section 1831p-1(a) of title 12 are

implemented pursuant to such section.

(2) Exception

The agencies and authorities described in paragraphs (3), (4),

(5), (6), and (7) of subsection (a) of this section shall

implement the standards prescribed under section 6801(b) of this

title by rule with respect to the financial institutions and

other persons subject to their respective jurisdictions under

subsection (a) of this section.

(c) Absence of State action

If a State insurance authority fails to adopt regulations to

carry out this subchapter, such State shall not be eligible to

override, pursuant to section 1831x(g)(2)(B)(iii) of title 12, the

insurance customer protection regulations prescribed by a Federal

banking agency under section 1831x(a) of title 12.

(d) Definitions

The terms used in subsection (a)(1) of this section that are not

defined in this subchapter or otherwise defined in section 1813(s)

of title 12 shall have the same meaning as given in section 3101 of

title 12.

-SOURCE-

(Pub. L. 106-102, title V, Sec. 505, Nov. 12, 1999, 113 Stat.

1440.)

-REFTEXT-

REFERENCES IN TEXT

Section 25 of the Federal Reserve Act, referred to in subsec.

(a)(1)(B), is classified to subchapter I (Sec. 601 et seq.) of

chapter 6 of Title 12, Banks and Banking. Section 25A of the

Federal Reserve Act is classified to subchapter II (Sec. 611 et

seq.) of chapter 6 of Title 12.

The Federal Credit Union Act, referred to in subsec. (a)(2), is

act June 26, 1934, ch. 750, 48 Stat. 1216, as amended, which is

classified generally to chapter 14 (Sec. 1751 et seq.) of Title 12,

Banks and Banking. For complete classification of this Act to the

Code, see section 1751 of Title 12 and Tables.

The Securities Exchange Act of 1934, referred to in subsec.

(a)(3), is act June 6, 1934, ch. 404, 48 Stat. 881, as amended,

which is classified principally to chapter 2B (Sec. 78a et seq.) of

this title. For complete classification of this Act to the Code,

see section 78a of this title and Tables.

The Investment Company Act of 1940, referred to in subsec.

(a)(4), is title I of act Aug. 22, 1940, ch. 686, 54 Stat. 789, as

amended, which is classified generally to subchapter I (Sec. 80a-1

et seq.) of chapter 2D of this title. For complete classification

of this Act to the Code, see section 80a-51 of this title and

Tables.

The Investment Advisers Act of 1940, referred to in subsec.

(a)(5), is title II of act Aug. 22, 1940, ch. 686, 54 Stat. 847, as

amended, which is classified generally to subchapter II (Sec. 80b-1

et seq.) of chapter 2D of this title. For complete classification

of this Act to the Code, see section 80b-20 of this title and

Tables.

The Federal Trade Commission Act, referred to in subsec. (a)(7),

is act Sept. 26, 1914, ch. 311, 38 Stat. 717, as amended, which is

classified generally to subchapter I (Sec. 41 et seq.) of chapter 2

of this title. For complete classification of this Act to the

Code, see section 58 of this title and Tables.

-SECREF-

SECTION REFERRED TO IN OTHER SECTIONS

This section is referred to in sections 6801, 6804, 6807 of this

title.

-CITE-

15 USC Sec. 6806 01/06/03

-EXPCITE-

TITLE 15 - COMMERCE AND TRADE

CHAPTER 94 - PRIVACY

SUBCHAPTER I - DISCLOSURE OF NONPUBLIC PERSONAL INFORMATION

-HEAD-

Sec. 6806. Relation to other provisions

-STATUTE-

Except for the amendments made by subsections (a) and (b),

nothing in this chapter shall be construed to modify, limit, or

supersede the operation of the Fair Credit Reporting Act (15 U.S.C.

1681 et seq.), and no inference shall be drawn on the basis of the

provisions of this chapter regarding whether information is

transaction or experience information under section 603 of such Act

(15 U.S.C. 1681a).

-SOURCE-

(Pub. L. 106-102, title V, Sec. 506(c), Nov. 12, 1999, 113 Stat.

1442.)

-REFTEXT-

REFERENCES IN TEXT

Amendments made by subsections (a) and (b), referred to in text,

means amendments made by section 506(a) and (b) of Pub. L. 106-102,

which amended section 1681s of this title.

This chapter, referred to in text, was in the original ''this

title'', meaning title V of Pub. L. 106-102, Nov. 12, 1999, 113

Stat. 1436, as amended, which enacted this chapter and amended

section 1681s of this title. For complete classification of title

V to the Code, see Tables.

The Fair Credit Reporting Act, referred to in text, is title VI

of Pub. L. 90-321, as added by Pub. L. 91-508, title VI, Sec. 601,

Oct. 26, 1970, 84 Stat. 1127, as amended, which is classified

generally to subchapter III (Sec. 1681 et seq.) of chapter 41 of

this title. For complete classification of this Act to the Code,

see Short Title note set out under section 1601 of this title and

Tables.

-CITE-

15 USC Sec. 6807 01/06/03

-EXPCITE-

TITLE 15 - COMMERCE AND TRADE

CHAPTER 94 - PRIVACY

SUBCHAPTER I - DISCLOSURE OF NONPUBLIC PERSONAL INFORMATION

-HEAD-

Sec. 6807. Relation to State laws

-STATUTE-

(a) In general

This subchapter and the amendments made by this subchapter shall

not be construed as superseding, altering, or affecting any

statute, regulation, order, or interpretation in effect in any

State, except to the extent that such statute, regulation, order,

or interpretation is inconsistent with the provisions of this

subchapter, and then only to the extent of the inconsistency.

(b) Greater protection under State law

For purposes of this section, a State statute, regulation, order,

or interpretation is not inconsistent with the provisions of this

subchapter if the protection such statute, regulation, order, or

interpretation affords any person is greater than the protection

provided under this subchapter and the amendments made by this

subchapter, as determined by the Federal Trade Commission, after

consultation with the agency or authority with jurisdiction under

section 6805(a) of this title of either the person that initiated

the complaint or that is the subject of the complaint, on its own

motion or upon the petition of any interested party.

-SOURCE-

(Pub. L. 106-102, title V, Sec. 507, Nov. 12, 1999, 113 Stat.

1442.)

-REFTEXT-

REFERENCES IN TEXT

This subchapter, referred to in text, was in the original ''this

subtitle'', meaning subtitle A (Sec. 501-510) of title V of Pub. L.

106-102, Nov. 12, 1999, 113 Stat. 1436, which enacted this

subchapter and amended section 1681s of this title. For complete

classification of subtitle A to the Code, see Tables.

-CITE-

15 USC Sec. 6808 01/06/03

-EXPCITE-

TITLE 15 - COMMERCE AND TRADE

CHAPTER 94 - PRIVACY

SUBCHAPTER I - DISCLOSURE OF NONPUBLIC PERSONAL INFORMATION

-HEAD-

Sec. 6808. Study of information sharing among financial affiliates

-STATUTE-

(a) In general

The Secretary of the Treasury, in conjunction with the Federal

functional regulators and the Federal Trade Commission, shall

conduct a study of information sharing practices among financial

institutions and their affiliates. Such study shall include -

(1) the purposes for the sharing of confidential customer

information with affiliates or with nonaffiliated third parties;

(2) the extent and adequacy of security protections for such

information;

(3) the potential risks for customer privacy of such sharing of

information;

(4) the potential benefits for financial institutions and

affiliates of such sharing of information;

(5) the potential benefits for customers of such sharing of

information;

(6) the adequacy of existing laws to protect customer privacy;

(7) the adequacy of financial institution privacy policy and

privacy rights disclosure under existing law;

(8) the feasibility of different approaches, including opt-out

and opt-in, to permit customers to direct that confidential

information not be shared with affiliates and nonaffiliated third

parties; and

(9) the feasibility of restricting sharing of information for

specific uses or of permitting customers to direct the uses for

which information may be shared.

(b) Consultation

The Secretary shall consult with representatives of State

insurance authorities designated by the National Association of

Insurance Commissioners, and also with financial services industry,

consumer organizations and privacy groups, and other

representatives of the general public, in formulating and

conducting the study required by subsection (a) of this section.

(c) Report

On or before January 1, 2002, the Secretary shall submit a report

to the Congress containing the findings and conclusions of the

study required under subsection (a) of this section, together with

such recommendations for legislative or administrative action as

may be appropriate.

-SOURCE-

(Pub. L. 106-102, title V, Sec. 508, Nov. 12, 1999, 113 Stat.

1442.)

-CITE-

15 USC Sec. 6809 01/06/03

-EXPCITE-

TITLE 15 - COMMERCE AND TRADE

CHAPTER 94 - PRIVACY

SUBCHAPTER I - DISCLOSURE OF NONPUBLIC PERSONAL INFORMATION

-HEAD-

Sec. 6809. Definitions

-STATUTE-

As used in this subchapter:

(1) Federal banking agency

The term ''Federal banking agency'' has the same meaning as

given in section 1813 of title 12.

(2) Federal functional regulator

The term ''Federal functional regulator'' means -

(A) the Board of Governors of the Federal Reserve System;

(B) the Office of the Comptroller of the Currency;

(C) the Board of Directors of the Federal Deposit Insurance

Corporation;

(D) the Director of the Office of Thrift Supervision;

(E) the National Credit Union Administration Board; and

(F) the Securities and Exchange Commission.

(3) Financial institution

(A) In general

The term ''financial institution'' means any institution the

business of which is engaging in financial activities as

described in section 1843(k) of title 12.

(B) Persons subject to CFTC regulation

Notwithstanding subparagraph (A), the term ''financial

institution'' does not include any person or entity with

respect to any financial activity that is subject to the

jurisdiction of the Commodity Futures Trading Commission under

the Commodity Exchange Act (7 U.S.C. 1 et seq.).

(C) Farm credit institutions

Notwithstanding subparagraph (A), the term ''financial

institution'' does not include the Federal Agricultural

Mortgage Corporation or any entity chartered and operating

under the Farm Credit Act of 1971 (12 U.S.C. 2001 et seq.).

(D) Other secondary market institutions

Notwithstanding subparagraph (A), the term ''financial

institution'' does not include institutions chartered by

Congress specifically to engage in transactions described in

section 6802(e)(1)(C) of this title, as long as such

institutions do not sell or transfer nonpublic personal

information to a nonaffiliated third party.

(4) Nonpublic personal information

(A) The term ''nonpublic personal information'' means

personally identifiable financial information -

(i) provided by a consumer to a financial institution;

(ii) resulting from any transaction with the consumer or any

service performed for the consumer; or

(iii) otherwise obtained by the financial institution.

(B) Such term does not include publicly available information,

as such term is defined by the regulations prescribed under

section 6804 of this title.

(C) Notwithstanding subparagraph (B), such term -

(i) shall include any list, description, or other grouping of

consumers (and publicly available information pertaining to

them) that is derived using any nonpublic personal information

other than publicly available information; but

(ii) shall not include any list, description, or other

grouping of consumers (and publicly available information

pertaining to them) that is derived without using any nonpublic

personal information.

(5) Nonaffiliated third party

The term ''nonaffiliated third party'' means any entity that is

not an affiliate of, or related by common ownership or affiliated

by corporate control with, the financial institution, but does

not include a joint employee of such institution.

(6) Affiliate

The term ''affiliate'' means any company that controls, is

controlled by, or is under common control with another company.

(7) Necessary to effect, administer, or enforce

The term ''as necessary to effect, administer, or enforce the

transaction'' means -

(A) the disclosure is required, or is a usual, appropriate,

or acceptable method, to carry out the transaction or the

product or service business of which the transaction is a part,

and record or service or maintain the consumer's account in the

ordinary course of providing the financial service or financial

product, or to administer or service benefits or claims

relating to the transaction or the product or service business

of which it is a part, and includes -

(i) providing the consumer or the consumer's agent or

broker with a confirmation, statement, or other record of the

transaction, or information on the status or value of the

financial service or financial product; and

(ii) the accrual or recognition of incentives or bonuses

associated with the transaction that are provided by the

financial institution or any other party;

(B) the disclosure is required, or is one of the lawful or

appropriate methods, to enforce the rights of the financial

institution or of other persons engaged in carrying out the

financial transaction, or providing the product or service;

(C) the disclosure is required, or is a usual, appropriate,

or acceptable method, for insurance underwriting at the

consumer's request or for reinsurance purposes, or for any of

the following purposes as they relate to a consumer's

insurance: Account administration, reporting, investigating, or

preventing fraud or material misrepresentation, processing

premium payments, processing insurance claims, administering

insurance benefits (including utilization review activities),

participating in research projects, or as otherwise required or

specifically permitted by Federal or State law; or

(D) the disclosure is required, or is a usual, appropriate or

acceptable method, in connection with -

(i) the authorization, settlement, billing, processing,

clearing, transferring, reconciling, or collection of amounts

charged, debited, or otherwise paid using a debit, credit or

other payment card, check, or account number, or by other

payment means;

(ii) the transfer of receivables, accounts or interests

therein; or

(iii) the audit of debit, credit or other payment

information.

(8) State insurance authority

The term ''State insurance authority'' means, in the case of

any person engaged in providing insurance, the State insurance

authority of the State in which the person is domiciled.

(9) Consumer

The term ''consumer'' means an individual who obtains, from a

financial institution, financial products or services which are

to be used primarily for personal, family, or household purposes,

and also means the legal representative of such an individual.

(10) Joint agreement

The term ''joint agreement'' means a formal written contract

pursuant to which two or more financial institutions jointly

offer, endorse, or sponsor a financial product or service, and as

may be further defined in the regulations prescribed under

section 6804 of this title.

(11) Customer relationship

The term ''time of establishing a customer relationship'' shall

be defined by the regulations prescribed under section 6804 of

this title, and shall, in the case of a financial institution

engaged in extending credit directly to consumers to finance

purchases of goods or services, mean the time of establishing the

credit relationship with the consumer.

-SOURCE-

(Pub. L. 106-102, title V, Sec. 509, Nov. 12, 1999, 113 Stat.

1443.)

-REFTEXT-

REFERENCES IN TEXT

The Commodity Exchange Act, referred to in par. (3)(B), is act

Sept. 21, 1922, ch. 369, 42 Stat. 998, as amended, which is

classified generally to chapter 1 (Sec. 1 et seq.) of Title 7,

Agriculture. For complete classification of this Act to the Code,

see section 1 of Title 7 and Tables.

The Farm Credit Act of 1971, referred to in par. (3)(C), is Pub.

L. 92-181, Dec. 10, 1971, 85 Stat. 583, as amended, which is

classified generally to chapter 23 (Sec. 2001 et seq.) of Title 12,

Banks and Banking. For complete classification of this Act to the

Code, see Short Title note set out under section 2001 of Title 12

and Tables.

-SECREF-

SECTION REFERRED TO IN OTHER SECTIONS

This section is referred to in section 7215 of this title; title

7 section 7b-2; title 31 sections 5318, 5318A.

-CITE-

15 USC SUBCHAPTER II - FRAUDULENT ACCESS TO FINANCIAL

INFORMATION 01/06/03

-EXPCITE-

TITLE 15 - COMMERCE AND TRADE

CHAPTER 94 - PRIVACY

SUBCHAPTER II - FRAUDULENT ACCESS TO FINANCIAL INFORMATION

.

-HEAD-

SUBCHAPTER II - FRAUDULENT ACCESS TO FINANCIAL INFORMATION

-CITE-

15 USC Sec. 6821 01/06/03

-EXPCITE-

TITLE 15 - COMMERCE AND TRADE

CHAPTER 94 - PRIVACY

SUBCHAPTER II - FRAUDULENT ACCESS TO FINANCIAL INFORMATION

-HEAD-

Sec. 6821. Privacy protection for customer information of financial

institutions

-STATUTE-

(a) Prohibition on obtaining customer information by false

pretenses

It shall be a violation of this subchapter for any person to

obtain or attempt to obtain, or cause to be disclosed or attempt to

cause to be disclosed to any person, customer information of a

financial institution relating to another person -

(1) by making a false, fictitious, or fraudulent statement or

representation to an officer, employee, or agent of a financial

institution;

(2) by making a false, fictitious, or fraudulent statement or

representation to a customer of a financial institution; or

(3) by providing any document to an officer, employee, or agent

of a financial institution, knowing that the document is forged,

counterfeit, lost, or stolen, was fraudulently obtained, or

contains a false, fictitious, or fraudulent statement or

representation.

(b) Prohibition on solicitation of a person to obtain customer

information from financial institution under false pretenses

It shall be a violation of this subchapter to request a person to

obtain customer information of a financial institution, knowing

that the person will obtain, or attempt to obtain, the information

from the institution in any manner described in subsection (a) of

this section.

(c) Nonapplicability to law enforcement agencies

No provision of this section shall be construed so as to prevent

any action by a law enforcement agency, or any officer, employee,

or agent of such agency, to obtain customer information of a

financial institution in connection with the performance of the

official duties of the agency.

(d) Nonapplicability to financial institutions in certain cases

No provision of this section shall be construed so as to prevent

any financial institution, or any officer, employee, or agent of a

financial institution, from obtaining customer information of such

financial institution in the course of -

(1) testing the security procedures or systems of such

institution for maintaining the confidentiality of customer

information;

(2) investigating allegations of misconduct or negligence on

the part of any officer, employee, or agent of the financial

institution; or

(3) recovering customer information of the financial

institution which was obtained or received by another person in

any manner described in subsection (a) or (b) of this section.

(e) Nonapplicability to insurance institutions for investigation of

insurance fraud

No provision of this section shall be construed so as to prevent

any insurance institution, or any officer, employee, or agency of

an insurance institution, from obtaining information as part of an

insurance investigation into criminal activity, fraud, material

misrepresentation, or material nondisclosure that is authorized for

such institution under State law, regulation, interpretation, or

order.

(f) Nonapplicability to certain types of customer information of

financial institutions

No provision of this section shall be construed so as to prevent

any person from obtaining customer information of a financial

institution that otherwise is available as a public record filed

pursuant to the securities laws (as defined in section 78c(a)(47)

of this title).

(g) Nonapplicability to collection of child support judgments

No provision of this section shall be construed to prevent any

State-licensed private investigator, or any officer, employee, or

agent of such private investigator, from obtaining customer

information of a financial institution, to the extent reasonably

necessary to collect child support from a person adjudged to have

been delinquent in his or her obligations by a Federal or State

court, and to the extent that such action by a State-licensed

private investigator is not unlawful under any other Federal or

State law or regulation, and has been authorized by an order or

judgment of a court of competent jurisdiction.

-SOURCE-

(Pub. L. 106-102, title V, Sec. 521, Nov. 12, 1999, 113 Stat.

1446.)

-SECREF-

SECTION REFERRED TO IN OTHER SECTIONS

This section is referred to in sections 6823, 6825 of this title.

-CITE-

15 USC Sec. 6822 01/06/03

-EXPCITE-

TITLE 15 - COMMERCE AND TRADE

CHAPTER 94 - PRIVACY

SUBCHAPTER II - FRAUDULENT ACCESS TO FINANCIAL INFORMATION

-HEAD-

Sec. 6822. Administrative enforcement

-STATUTE-

(a) Enforcement by Federal Trade Commission

Except as provided in subsection (b) of this section, compliance

with this subchapter shall be enforced by the Federal Trade

Commission in the same manner and with the same power and authority

as the Commission has under the Fair Debt Collection Practices Act

(15 U.S.C. 1692 et seq.) to enforce compliance with such Act.

(b) Enforcement by other agencies in certain cases

(1) In general

Compliance with this subchapter shall be enforced under -

(A) section 8 of the Federal Deposit Insurance Act (12 U.S.C.

1818), in the case of -

(i) national banks, and Federal branches and Federal

agencies of foreign banks, by the Office of the Comptroller

of the Currency;

(ii) member banks of the Federal Reserve System (other than

national banks), branches and agencies of foreign banks

(other than Federal branches, Federal agencies, and insured

State branches of foreign banks), commercial lending

companies owned or controlled by foreign banks, and

organizations operating under section 25 or 25A of the

Federal Reserve Act (12 U.S.C. 601 et seq., 611 et seq.), by

the Board;

(iii) banks insured by the Federal Deposit Insurance

Corporation (other than members of the Federal Reserve System

and national nonmember banks) and insured State branches of

foreign banks, by the Board of Directors of the Federal

Deposit Insurance Corporation; and

(iv) savings associations the deposits of which are insured

by the Federal Deposit Insurance Corporation, by the Director

of the Office of Thrift Supervision; and

(B) the Federal Credit Union Act (12 U.S.C. 1751 et seq.), by

the Administrator of the National Credit Union Administration

with respect to any Federal credit union.

(2) Violations of this subchapter treated as violations of other

laws

For the purpose of the exercise by any agency referred to in

paragraph (1) of its powers under any Act referred to in that

paragraph, a violation of this subchapter shall be deemed to be a

violation of a requirement imposed under that Act. In addition to

its powers under any provision of law specifically referred to in

paragraph (1), each of the agencies referred to in that paragraph

may exercise, for the purpose of enforcing compliance with this

subchapter, any other authority conferred on such agency by law.

-SOURCE-

(Pub. L. 106-102, title V, Sec. 522, Nov. 12, 1999, 113 Stat.

1447.)

-REFTEXT-

REFERENCES IN TEXT

The Fair Debt Collection Practices Act, referred to in subsec.

(a), is title VIII of Pub. L. 90-321, as added by Pub. L. 95-109,

Sept. 20, 1977, 91 Stat. 874, as amended, which is classified

generally to subchapter V (Sec. 1692 et seq.) of chapter 41 of this

title. For complete classification of this Act to the Code, see

Short Title note set out under section 1601 of this title and

Tables.

Section 25 of the Federal Reserve Act, referred to in subsec.

(b)(1)(A)(ii), is classified to subchapter I (Sec. 601 et seq.) of

chapter 6 of Title 12, Banks and Banking. Section 25A of the

Federal Reserve Act is classified to subchapter II (Sec. 611 et

seq.) of chapter 6 of Title 12.

The Federal Credit Union Act, referred to in subsec. (b)(1)(B),

is act June 26, 1934, ch. 750, 48 Stat. 1216, as amended, which is

classified generally to chapter 14 (Sec. 1751 et seq.) of Title 12,

Banks and Banking. For complete classification of this Act to the

Code, see section 1751 of Title 12 and Tables.

-SECREF-

SECTION REFERRED TO IN OTHER SECTIONS

This section is referred to in section 6824 of this title.

-CITE-

15 USC Sec. 6823 01/06/03

-EXPCITE-

TITLE 15 - COMMERCE AND TRADE

CHAPTER 94 - PRIVACY

SUBCHAPTER II - FRAUDULENT ACCESS TO FINANCIAL INFORMATION

-HEAD-

Sec. 6823. Criminal penalty

-STATUTE-

(a) In general

Whoever knowingly and intentionally violates, or knowingly and

intentionally attempts to violate, section 6821 of this title shall

be fined in accordance with title 18 or imprisoned for not more

than 5 years, or both.

(b) Enhanced penalty for aggravated cases

Whoever violates, or attempts to violate, section 6821 of this

title while violating another law of the United States or as part

of a pattern of any illegal activity involving more than $100,000

in a 12-month period shall be fined twice the amount provided in

subsection (b)(3) or (c)(3) (as the case may be) of section 3571 of

title 18, imprisoned for not more than 10 years, or both.

-SOURCE-

(Pub. L. 106-102, title V, Sec. 523, Nov. 12, 1999, 113 Stat.

1448.)

-CITE-

15 USC Sec. 6824 01/06/03

-EXPCITE-

TITLE 15 - COMMERCE AND TRADE

CHAPTER 94 - PRIVACY

SUBCHAPTER II - FRAUDULENT ACCESS TO FINANCIAL INFORMATION

-HEAD-

Sec. 6824. Relation to State laws

-STATUTE-

(a) In general

This subchapter shall not be construed as superseding, altering,

or affecting the statutes, regulations, orders, or interpretations

in effect in any State, except to the extent that such statutes,

regulations, orders, or interpretations are inconsistent with the

provisions of this subchapter, and then only to the extent of the

inconsistency.

(b) Greater protection under State law

For purposes of this section, a State statute, regulation, order,

or interpretation is not inconsistent with the provisions of this

subchapter if the protection such statute, regulation, order, or

interpretation affords any person is greater than the protection

provided under this subchapter as determined by the Federal Trade

Commission, after consultation with the agency or authority with

jurisdiction under section 6822 of this title of either the person

that initiated the complaint or that is the subject of the

complaint, on its own motion or upon the petition of any interested

party.

-SOURCE-

(Pub. L. 106-102, title V, Sec. 524, Nov. 12, 1999, 113 Stat.

1448.)

-CITE-

15 USC Sec. 6825 01/06/03

-EXPCITE-

TITLE 15 - COMMERCE AND TRADE

CHAPTER 94 - PRIVACY

SUBCHAPTER II - FRAUDULENT ACCESS TO FINANCIAL INFORMATION

-HEAD-

Sec. 6825. Agency guidance

-STATUTE-

In furtherance of the objectives of this subchapter, each Federal

banking agency (as defined in section 1813(z) of title 12), the

National Credit Union Administration, and the Securities and

Exchange Commission or self-regulatory organizations, as

appropriate, shall review regulations and guidelines applicable to

financial institutions under their respective jurisdictions and

shall prescribe such revisions to such regulations and guidelines

as may be necessary to ensure that such financial institutions have

policies, procedures, and controls in place to prevent the

unauthorized disclosure of customer financial information and to

deter and detect activities proscribed under section 6821 of this

title.

-SOURCE-

(Pub. L. 106-102, title V, Sec. 525, Nov. 12, 1999, 113 Stat.

1448.)

-CITE-

15 USC Sec. 6826 01/06/03

-EXPCITE-

TITLE 15 - COMMERCE AND TRADE

CHAPTER 94 - PRIVACY

SUBCHAPTER II - FRAUDULENT ACCESS TO FINANCIAL INFORMATION

-HEAD-

Sec. 6826. Reports

-STATUTE-

(a) Report to the Congress

Before the end of the 18-month period beginning on November 12,

1999, the Comptroller General, in consultation with the Federal

Trade Commission, Federal banking agencies, the National Credit

Union Administration, the Securities and Exchange Commission,

appropriate Federal law enforcement agencies, and appropriate State

insurance regulators, shall submit to the Congress a report on the

following:

(1) The efficacy and adequacy of the remedies provided in this

subchapter in addressing attempts to obtain financial information

by fraudulent means or by false pretenses.

(2) Any recommendations for additional legislative or

regulatory action to address threats to the privacy of financial

information created by attempts to obtain information by

fraudulent means or false pretenses.

(b) Annual report by administering agencies

The Federal Trade Commission and the Attorney General shall

submit to Congress an annual report on number and disposition of

all enforcement actions taken pursuant to this subchapter.

-SOURCE-

(Pub. L. 106-102, title V, Sec. 526, Nov. 12, 1999, 113 Stat.

1448.)

-CITE-

15 USC Sec. 6827 01/06/03

-EXPCITE-

TITLE 15 - COMMERCE AND TRADE

CHAPTER 94 - PRIVACY

SUBCHAPTER II - FRAUDULENT ACCESS TO FINANCIAL INFORMATION

-HEAD-

Sec. 6827. Definitions

-STATUTE-

For purposes of this subchapter, the following definitions shall

apply:

(1) Customer

The term ''customer'' means, with respect to a financial

institution, any person (or authorized representative of a

person) to whom the financial institution provides a product or

service, including that of acting as a fiduciary.

(2) Customer information of a financial institution

The term ''customer information of a financial institution''

means any information maintained by or for a financial

institution which is derived from the relationship between the

financial institution and a customer of the financial institution

and is identified with the customer.

(3) Document

The term ''document'' means any information in any form.

(4) Financial institution

(A) In general

The term ''financial institution'' means any institution

engaged in the business of providing financial services to

customers who maintain a credit, deposit, trust, or other

financial account or relationship with the institution.

(B) Certain financial institutions specifically included

The term ''financial institution'' includes any depository

institution (as defined in section 461(b)(1)(A) of title 12),

any broker or dealer, any investment adviser or investment

company, any insurance company, any loan or finance company,

any credit card issuer or operator of a credit card system, and

any consumer reporting agency that compiles and maintains files

on consumers on a nationwide basis (as defined in section

1681a(p) of this title).

(C) Securities institutions

For purposes of subparagraph (B) -

(i) the terms ''broker'' and ''dealer'' have the same

meanings as given in section 78c of this title;

(ii) the term ''investment adviser'' has the same meaning

as given in section 80b-2(a)(11) of this title; and

(iii) the term ''investment company'' has the same meaning

as given in section 80a-3 of this title.

(D) Certain persons and entities specifically excluded

The term ''financial institution'' does not include any

person or entity with respect to any financial activity that is

subject to the jurisdiction of the Commodity Futures Trading

Commission under the Commodity Exchange Act (7 U.S.C. 1 et

seq.) and does not include the Federal Agricultural Mortgage

Corporation or any entity chartered and operating under the

Farm Credit Act of 1971 (12 U.S.C. 2001 et seq.).

(E) Further definition by regulation

The Federal Trade Commission, after consultation with Federal

banking agencies and the Securities and Exchange Commission,

may prescribe regulations clarifying or describing the types of

institutions which shall be treated as financial institutions

for purposes of this subchapter.

-SOURCE-

(Pub. L. 106-102, title V, Sec. 527, Nov. 12, 1999, 113 Stat.

1449.)

-REFTEXT-

REFERENCES IN TEXT

The Commodity Exchange Act, referred to in par. (4)(D), is act

Sept. 21, 1922, ch. 369, 42 Stat. 998, as amended, which is

classified generally to chapter 1 (Sec. 1 et seq.) of Title 7,

Agriculture. For complete classification of this Act to the Code,

see section 1 of Title 7 and Tables.

The Farm Credit Act of 1971, referred to in par. (4)(D), is Pub.

L. 92-181, Dec. 10, 1971, 85 Stat. 583, as amended, which is

classified generally to chapter 23 (Sec. 2001 et seq.) of Title 12,

Banks and Banking. For complete classification of this Act to the

Code, see Short Title note set out under section 2001 of Title 12

and Tables.

-CITE-