Module 8 Flashcards
(22 cards)
Fair Credit Reporting Act (or FCRA)
the first federal law to regulate the use of personal information by private businesses, to mandate accurate and relevant data collection and limit the use of consumer reports to defined permissible purposes.
consumer reporting agencies (CRAs)
compile or evaluate personal information to furnish consumer reports to third parties for a fee
“consumer report”
is any communication by a CRA, related to an individual, which is used to establish that individual’s eligibility for credit, insurance, employment, etc.
FCRA limits the use of medical information obtained from a CRA. If needed for employment purposes, written consent is needed, and medical information must be relevant
“investigative consumer report”
gives information about a one’s character, reputation, mode of living, etc. and is obtained through a personal interview
The FCRA mandates accurate and relevant data collection and provides privacy rights in consumer reports:
Consumers have the ability to access and correct their information
Limits use of consumer reports to “permissible purposes”
The FTC, the Consumer Financial Protection Bureau (or CFPB), and state attorneys general enforcement of the FCRA through:
Dispute resolution
Private right of action
Government actions
Fair and Accurate Credit Transactions Act (or FACTA).
amended the FCRA
The truncation of credit and debit card numbers; affording consumers the right to an explanation of their credit scores, as well as the right to a free annual credit report* from each of the three national credit agencies; and requiring regulators to implement the Disposal Rule and the Red Flags Rule.
The FACTA Disposal Rule
requires any individual or entity that uses a consumer report, or information derived from a consumer report for a business purpose, to dispose of that consumer information in a way that prevents unauthorized access and misuse of the data. This rule can be enforced at both the federal and state levels and may lead to civil litigation.
The Red Flags Rule
under FACTA
requires certain financial entities to develop and implement written identity theft detection programs that can identify and respond to “red flags” that signal identity theft. It also applies to all other entities that hold a “transaction account” belonging to a consumer.
The Gramm-Leach-Bliley Act (or GLBA)
regulates financial institutions and their management of nonpublic personal information. This includes providing notice of their policies regarding sharing personal financial information and the choice to opt out.
GLBA Privacy Rule
requires financial institutions to provide initial and annual privacy notices that are clear, conspicuous and accurate, and inform customers of their right to opt out and process opt-out requests within 30 days.
allows financial institutions to share any information they have with their affiliated and nonaffiliated companies, joint marketing partners and other third parties provided that the notice standard is met and the FCRA-mandated “opt-out” is offered.
GLBA Privacy Notices must include:
What is collected
With whom information is being shared
How information will be safeguarded
How consumers can opt out
GLBA Information sharing
Once notice and opt-out standards have been met, consumer information may be shared with: • Affiliated companies • Joint marketing partners • Nonaffiliated companies • Other third parties
GLBA Compliance
Comply
with regulatory standards established by government authorities to:
• Protect the security and confidentiality of customer information
• Protect against security threats and unauthorized access to or uses of customer
information
California Financial Information Privacy Act (SB-1)
expands the financial privacy protections afforded under GLBA, it increases the disclosure requirements of financial institutions and grants consumers increased rights with regard to information- sharing, including the ability to opt out of information sharing between their financial institutions and affiliates not in the same line of business.
the Dodd-Frank Wall Street Reform and Consumer Protection Act,
The act created the new Consumer Financial Protection Bureau (CFPB) as an independent bureau within the Federal Reserve that oversees the relationship between consumers and financial product and services providers.
What does CRA stand for?
Consumer reporting agencies
What are provisions of the Fair Credit Reporting Act (FCRA)?
Consumers have the ability to access and correct their information
Use of consumer reports is limited to “permissible purposes”
True or false? The Fair Credit Reporting Act (FCRA) amended the Fair and Accurate Credit Transactions Act (FACTA).
False
True or false? The FACTA Disposal Rule requires any entity that uses a consumer report for a business purpose to dispose of it in a way that prevents unauthorized access and misuse of the data.
True
Which act regulates financial institutions and their management of nonpublic personal information?
Gramm-Leach-Bliley Act (GLBA)
Which authority was created by the Dodd-Frank Wall Street Reform and Consumer Protection Act?
Consumer Financial Protection Bureau (CFPB)
