The correct answer is C. After disclosing information-sharing practices to customers and after giving them an opportunity to opt out.
Reference: The IAPP textbook, U.S. Private-Sector Privacy, 4th Edition, 2024, Section 9.3.2 The GLBA Privacy Rule: "In addition, other than for defined exceptions, a financial institution may also share consumer information with nonaffiliated companies and other third parties, but only after disclosing information-sharing practices to customers and providing them with the opportunity to opt out."
The Gramm-Leach-Bliley Act seeks to protect consumer financial privacy. Its provisions limit when a "financial institution" may disclose a consumer's "nonpublic personal information" to nonaffiliated third parties. The law covers a broad range of financial institutions, including many companies not traditionally considered to be financial institutions because they engage in certain "financial activities." Financial institutions must notify their customers about their information-sharing practices and tell consumers of their right to "opt-out" if they don't want their information shared with certain nonaffiliated third parties. In addition, any entity that receives consumer financial information from a financial institution may be restricted in its reuse and redisclosure of that information.
Note: While the GLB Act does not require you to provide an opt-out notice if you
only disclose NPI to affiliates, if you share certain information with your
affiliates, you may have an obligation to provide an opt-out notice under the Fair
Credit Reporting Act. That opt-out notice must be included in your GLB privacy
notice
A financial institution may also share consumer information with nonaffiliated companies and other third parties, but only after disclosing information-sharing practices to customers and providing them with the opportunity to opt out. IAPP 9.3.2 (page 233). The correct answer is C.
Correct Answer is C. information with nonaffiliated companies and other third parties, but only after disclosing information-sharing practices to customers and providing them with the opportunity to opt out.
https://www.ftc.gov/business-guidance/resources/how-comply-privacy-consumer-financial-information-rule-gramm-leach-bliley-act
"If you share their NPI with nonaffiliated third parties outside of three exceptions (see "Exceptions"), you must give your consumers and customers an "opt-out notice" that clearly and conspicuously describes their right to opt out of the information being shared. An opt-out notice must be delivered with a privacy notice, and it can be part of the privacy notice."
https://www.ecfr.gov/current/title-12/chapter-X/part-1022/subpart-C
Example. A consumer has a homeowner's insurance policy with an insurance company. The insurance company furnishes eligibility information about the consumer to its affiliated creditor. Based on that eligibility information, the creditor wants to make a solicitation to the consumer about its home equity loan products. The creditor does not have a pre-existing business relationship with the consumer and none of the other exceptions apply. The creditor is prohibited from using eligibility information received from its insurance affiliate to make solicitations to the consumer about its home equity loan products unless the consumer is given a notice and opportunity to opt out and the consumer does not opt out.
§ 1022.21 Affiliate marketing opt-out and exceptions.
(i) It is clearly and conspicuously disclosed to the consumer in writing or, if the consumer agrees, electronically, in a concise notice that you may use eligibility information about that consumer received from an affiliate to make solicitations for marketing purposes to the consumer;
(ii) The consumer is provided a reasonable opportunity and a reasonable and simple method to “opt out,” or prohibit you from using eligibility information to make solicitations for marketing purposes to the consumer; and
Hey boats. Love your responses in general, but I think you're off here. You're (correctly) addressing a situation in which the third party is *affiliated*. Here, the prompt states the the third party is *not* affiliated.
The answer is C. That financial institution must provide consumers the right to opt out of having their nonpublic personal information shared with nonaffiliated third parties (subject to significant exceptions, such as joint marketing agreements between other financial institutions, and processing of consumer transactions) but in any case, must provide a privacy notice to disclose this. There is no right of a consumer to be afforded an opportunity to opt-in under GLBA.
Consumers must opt-in before a financial institution may share financial information with a non-affiliated third party. A is right answer. Can someone confirm?
upvoted 1 times
...
Log in to ExamTopics
Sign in:
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.
Upvoting a comment with a selected answer will also increase the vote count towards that answer by one.
So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.
twiny
3 months, 2 weeks agoBhimesh
8 months, 3 weeks agoBhimesh
8 months, 3 weeks agoZ1682009
10 months, 3 weeks agojjjrbm
1 year, 1 month agoAmbulocetus
1 year, 4 months agoBoats
1 year, 7 months agoBoats
1 year, 7 months agoFDFDSFDSF
1 year, 4 months ago[Removed]
1 year, 7 months agoSupp2023
1 year, 8 months ago