(a) Privacy obligation policy
It is the policy of the Congress that each financial institution has an affirmative and continuing obligation to respect the privacy of its customers and to protect the security and confidentiality of those customers' nonpublic personal information.
(b) Financial institutions safeguards
In furtherance of the policy in subsection (a), each agency or authority described in section 6805(a) of this title, other than the Bureau of Consumer Financial Protection, shall establish appropriate standards for the financial institutions subject to their jurisdiction relating to administrative, technical, and physical safeguards—
(1) to insure the security and confidentiality of customer records and information;
(2) to protect against any anticipated threats or hazards to the security or integrity of such records; and
(3) to protect against unauthorized access to or use of such records or information which could result in substantial harm or inconvenience to any customer.
2010—Subsec. (b). Pub. L. 111–203 inserted ", other than the Bureau of Consumer Financial Protection," after "section 6805(a) of this title" in introductory provisions.
Effective Date of 2010 Amendment
Amendment by Pub. L. 111–203 effective on the designated transfer date, see section 1100H of Pub. L. 111–203, set out as a note under section 552a of Title 5, Government Organization and Employees.
Pub. L. 106–102, title V, §510, Nov. 12, 1999, 113 Stat. 1445, provided that: "This subtitle [subtitle A (§§501–510) of title V of Pub. L. 106–102, enacting this subchapter and amending section 1681s of this title] shall take effect 6 months after the date on which rules are required to be prescribed under section 504(a)(3) [15 U.S.C. 6804(a)(3)], except—
"(1) to the extent that a later date is specified in the rules prescribed under section 504; and
"(2) that sections 504 [15 U.S.C. 6804] and 506 [enacting section 6806 of this title and amending section 1681s of this title] shall be effective upon enactment [Nov. 12, 1999]."