Banks have legal obligations to protect consumer data

bank legal obligations

Running a banking institution involves garnering consumers’ trust. After all, no one wants to bank with a company that seems lax in its protections or does not follow federal and New Jersey state laws. In particular, bank owners and operators want to ensure that they protect consumers’ personal information and data, and understanding their legal obligations can help them do that.

Banks must adhere to various federal laws that relate to the protection of consumer information. For example, the Gramm-Leach-Bliley Act requires that banks and other financial institutions provide consumers with notice whenever personal information is collected, the type of data collected and whether that information has been shared or will be shared with a third party. Additionally, this law requires that consumers have the option of choosing not to have their information collected or shared by banking institutions.

The ways in which consumers can inform the institution that they do not want their nonpublic information collected or shared can vary. Some examples of how this could happen include the following:

  • Obtaining an opt-out form, filling it in and providing it to the applicable financial institution
  • Calling the bank to request to opt out
  • Another specific method explained by the financial institution

The GLBA requires that the institution tell consumers how they can opt out of data collection. However, banks are still able to collect and share nonpublic information under certain circumstances, such as for preventing fraud or completing an authorized financial transaction. Still, because there are nuances to what banks can and cannot do under the GLBA, it is important that New Jersey bank owners and operators understand their legal obligations to avoid issues.