Font Size: AAA // Print // Bookmark

Financial Privacy

  • The Gramm-Leach-Bliley Act imposes restrictions on the ability of financial institutions to disclose non-public personal information about consumers to nonaffiliated third parties and requires financial institutions to provide privacy notices to consumers.

    Entities subject to the CFTC’s jurisdiction became subject to the privacy provisions of the Gramm-Leach-Bliley Act when Congress enacted the Commodity Futures Modernization Act of 2000 (CFMA). The CFMA amended the Commodity Exchange Act by adding a new section on privacy to the Commodity Exchange Act, Section 5g, 7 USC 7b-2.

    The CFTC adopted rules, 17 CFR Part 160, implementing the privacy provisions of the Gramm-Leach-Bliley Act on April 27, 2001. Futures commission merchants, commodity trading advisors, commodity pool operators, and introducing brokers were required to comply with those rules by March 31, 2002.

    Privacy rules have been adopted by:

    • Federal Reserve Board
    • Department of Treasury, Office of the Comptroller of the Currency
    • Department of Treasury, Office of Thrift Supervision
    • Federal Deposit Insurance Corporation
    • Federal Trade Commission
    • National Credit Union Administration
    • Securities and Exchange Commission

    CFTC staff issued interpretative guidance to assist firms in complying with the privacy rules:

    • Applicability of CFTC Privacy Rules to Operators of Certain Hedge Funds, CFTC Letter No. 01-48 (May 31, 2001)
    • Applicability of CFTC Privacy Rules to Institutional Investors, Including Pension Funds, CFTC Letter No. 01-70 (July 6, 2001)

    How to provide effective financial privacy notices was discussed at an interagency workshop in 2001 at the Federal Trade Commission. Transcripts, audio, and other workshop materials are available at Get Noticed: Effective Financial Privacy Notices.

    Resources available to help individuals understand their rights to financial privacy include