Gramm–Leach–Bliley Act (GLBA, 1999)

1) Link to the Text of the Act
Read the statute (15 U.S.C. § 6801 et seq.)

2) Why It Was Done
GLBA was enacted to modernize financial services by repealing parts of the Glass–Steagall Act (1933), allowing banks, securities firms, and insurance companies to affiliate. It also added consumer financial privacy protections.

3) Pre-existing Law or Constitutional Rights
The Glass–Steagall Act had separated commercial and investment banking since the Great Depression. GLBA dismantled that separation and introduced new privacy obligations.

4) Overreach or Proper Role?
Supporters said it reflected modern financial realities and promoted efficiency. Critics argue it contributed to the 2008 financial crisis by enabling risky consolidation. Privacy advocates see GLBA as too weak in protecting consumer data.

5) Who or What It Controls

• Financial institutions (banks, lenders, insurance companies, investment firms)
• Consumers (gain rights to privacy notices and opt-outs for data sharing)
• Federal regulators (oversee compliance)

6) Key Sections / Citations

• 15 U.S.C. § 6801: Protection of nonpublic personal information
• 15 U.S.C. § 6802: Obligations of financial institutions (privacy notices, opt-out)
• 15 U.S.C. § 6803: Disclosure of privacy policies
• Safeguards Rule (FTC) requires security of customer information

7) Recent Changes or Live Controversies

• Enforcement of GLBA privacy rules remains fragmented among agencies
• Debates continue about whether GLBA’s opt-out model is outdated in the era of big data
• Cybersecurity breaches at financial institutions highlight gaps in protection

8) Official Sources

• U.S. Code – Title 15, Chapter 94
• FTC – Gramm–Leach–Bliley Act
• FDIC – GLBA Overview

• Finance
• Banking
• Privacy
• Consumer Protection
• Insurance