Final Model Privacy Form Under the Gramm-Leach-Bliley Act
A Small Entity Compliance Guide
April 15, 2010
The Securities and Exchange Commission (“SEC”) issued a guidance document titled Final Model Privacy Form Under the Gramm-Leach-Bliley Act to help small entities comply with privacy notice requirements established by the GLB Act. Here's a summary of the key points:
1. Background and Purpose. The SEC, along with other federal agencies, updated rules to enhance consumer understanding of privacy practices in financial institutions. Under the GLB Act, certain entities (brokers, dealers, investment advisers, and investment companies) are required to provide initial and annual privacy notices detailing their information-sharing practices and customers' opt-out rights.
2. Model Privacy Form. A two-page model privacy form was introduced to simplify the disclosure of information-sharing practices, making it easier for consumers to compare different institutions. Using this model form provides a safe harbor for compliance with the privacy notice requirements.
3. Requirements for Using the Model Privacy Form. SEC entities must present the form clearly and intact, ensuring customers can easily retain it. The form must maintain specific page orientation, format, and order as outlined in the regulations. Entities can only customize the form in designated areas (shown in brackets) and must not alter the core content.
4. Flexibility in Form Use. The form can be printed on both sides or incorporated into other documents, provided it remains clear and conspicuous. It can be shared jointly by affiliated institutions, feature color and logos, and be printed on different paper sizes, adhering to minimum font size and layout requirements. Information on state and international privacy laws can be included in specified sections, and entities can also provide a mail-in opt-out form. The model form may be translated into other languages.
5. Online Resources. The SEC provides an online model privacy form builder for entities to create customized notices easily.
6. Changes to Existing Guidelines. The amendments eliminate previous sample clauses and guidance from Regulation S-P starting January 1, 2012. After December 31, 2010, only the final model privacy form will offer a safe harbor for compliance. While other notice types are allowed, they must still comply with the GLB Act and Regulation S-P.
7. Compliance Support. This guide serves as a compliance tool for small entities, summarizing the regulatory changes without substituting the actual regulations, which provide the definitive requirements.
This guidance aims to streamline the process for financial institutions to inform customers about their privacy practices while ensuring compliance with federal regulations.
For more information, see here: https://www.sec.gov/divisions/marketreg/tmcompliance/modelprivacyform-secg.htm
These materials were obtained directly from the Federal Government public websites and are posted here for your review and reference only. No Claim to Original U.S. Government Works. These may not be the most recent versions. The U.S. Government may have more current information. We make no guarantees or warranties about the accuracy or completeness of this information, or the information linked to. Please check the linked sources directly.
