|
|||||||
|
Federal Law Trumps California’s Privacy Laws On June 20, 2005 the Ninth Circuit Court of Appeals ruled that the Fair Credit Reporting Act (“FCRA”)[1] preempts California’s tough Financial Information Privacy Act, a consumer financial privacy law that has prohibited corporate sharing of private credit information.[2] The FCRA was amended in 2003 to permit financial institutions to share certain consumer information with their affiliates. California’s Financial Information Privacy Act,[3] adopted on December 12, 2003, prohibits "financial institutions" from sharing consumer information with others, including their affiliates, without a consumer “opt in” and an annual written notification to the consumer. The definition of "financial institutions" in the California law is deceptively broad, generally extending to any company that is in the field of banking, lending, investments or securities, insurance and the like. Thus, for example, the California law prohibited companies that market "financial" services from sharing private consumer data, and would prohibit a broker dealer or investment advisory firm from sharing private consumer data with its marketing affiliates. The Ninth Circuit decision remanded to the district court the question of how much of the California law is invalidated by virtue of federal preemption. Thus, it will be the district court that implements the changes to California’s law. Until the matter has been put to rest in the judicial process, financial institutions face legal uncertainty regarding their ability to share consumer information with their affiliates. For more information, contact:
This article was prepared with the assistance of Chris Rogers, law intern. [1] 15 U.S.C. §§1681 et seq. [2] American Bankers Ass’n v. Gould, 9th Cir., No. 04-16334, No. 04-16560 (filed June 20, 2005), 2005 U.S. App. LEXIS 11760. [3] Cal. Fin. Code §§4050-4060.
|
|||||||
