Links in “Privacy”

While not having to send out an annual privacy notice may sound like a good idea on the surface, the hoops a bank would have to jump through to comply with CFPB requirements suggest that nobody at the CFPB has ever actually worked in a bank. [12/11/14]

The CFPB has finally allowed financial institutions to step into the 21st century and post their annual privacy notice online, instead of mailing it. But don’t put those stamps away just yet; there are a few caveats. In this video, AffirmX’s SVP and In-House Counsel Jane Pannier discusses those caveats and helps you determine whether they apply to your institution. [11/21/14]

The credit union trade associations are gearing up for a last ditch effort to push credit union bills through the Senate that have already passed the House. These include a bill to require annual privacy notices only if there has been a change and a bill to provide access to the Federal Home Loan Bank system for privately insured credit unions. [11/6/14]

How should you walk the line between protecting your member’s information and satisfying information requests by law enforcement and the courts? Understanding the information sharing requirements and limitations under the SAR safe harbor provisions and the Right to Financial Privacy Act can help. [10/29/14]

Yes, the CFPB has issued a final rule that permits credit unions to post their annual privacy notices on their website instead of mailing them directly to their members. However, you need to be aware that there are conditions that must be met before you can take advantage of this option. [10/23/14]

The CFPB has finalized a new rule which allows companies that meet certain requirements to post privacy notices online instead of mailing them annually to consumers. The final rule, which will be effective when published in the Federal Register, will require credit unions to notify their members when the notice is available. [10/21/14]

ABA sends a petition to the FCC requesting an exemption from the Telephone Consumer Protection Act's restrictions on automated calls to mobile devices, such as calls informing consumers of potential fraud detected on their account or potential breaches of the consumer's personal information. [10/14/14]

Even a bank the size of Wells Fargo can overlook the small details. For example, the regulations require the definition section of a bank's privacy policy to italicize the information that is specific to it (see this). But scroll down to WF's definitions section on its online privacy policy, and sure enough: no italics. If that can happen to a bank with a compliance staff the size of a small army, doesn't that make your Friday a little bit better? [10/10/14]

In a letter to the CFPB, CUNA expresses concern about the reputational harm that credit unions could face as a result of permitting consumers to post narrative descriptions of their complaints that could contain “inaccuracies, exaggerations and even intentionally false information.”  In addition, CUNA points out that privacy concerns may not allow credit unions to provide the details necessary to adequately respond to a consumer’s complaint. [9/23/14]

Due to recent data breaches, legislators are evaluating reasonable expectations for effected institutions in protecting consumers' privacy and financial security. A key point of discussion has been whether free credit monitoring for effected consumers should be required of financial institutions following a data breach. Though it is currently up to the discretion of the institution, that may not be the case for long. [8/29/14]