|As you may know, the Gramm-Leach-Bliley Act was signed by President Clinton in 1999. Federal Agencies with regulatory authority were empowered to adopt and implement rules setting forth which entities are subject to the act and how to comply with its provisions. In the case of motor vehicle dealerships, finance companies and collection agencies, the Federal Trade Commission (FTC) is the regulatory agency with enforcement authority. The FTC issued a Final Rule on Privacy of Consumer Financial Information in May, 2000. The FTC’s Final Rule became effective on November 13, 2000. Full compliance with the Act and the Rule are required by July 1, 2001.|
The stated purpose of the Act and Rule is to ensure that “financial institutions” respect the privacy of their customers and protect the security and confidentiality of “nonpublic personal information” collected when an individual obtains a “financial product or service.” The FTC chose to retain a broad definition of “financial institution.” For example, the definition of “financial institution” encompasses retail sellers of goods if they assist consumers in obtaining credit or extend credit themselves. A motor vehicle dealership is also a financial institution if it, in the regular course of its business, leases motor vehicles on a nonoperating basis for longer than 90 days.
Like the definition of financial institution, the FTC also adopted broad definitions for “financial products or services” and “nonpublic personal information”. The definition of “financial products and services” includes the financial institution’s evaluation of information collected in connection with an application by a consumer for a financial product or service, even if the application ultimately is rejected or withdrawn.
It also includes the distribution of information about a consumer in obtaining a financial product or service. In some cases, the only product or service offered is the funding of the loan, directly or indirectly. In other cases, the product or service is the processing of payments, sending account-related notices and responding to consumer inquiries.
“Nonpublic Personal Information” means any personally identifiable financial information that is provided by a consumer to a financial institution, the results from any transaction with the consumer or any financial service performed for the consumer or information otherwise obtained by the financial institution. Examples of “nonpublic personal information” include:
Simply put, a motor vehicle dealer or his related finance company is required to comply with the notice and opt out requirements
under the act and the rule if it:
Full Compliance with the act and the FTC’s final rule by July 1, 2001 means that you have established a system for providing an
initial notice to all new customers, have mailed the initial notices to all of your existing customers (those with whom you have a
continuing relationship) and have afforded them the opportunity to opt out of any disclosures which are not otherwise permitted
by law. In addition to complying with the notice and opt out requirements, your dealership and each of your affiliated entities must be capable of tracking whether an individual has opted out of a disclosure and following the opt out instructions. You must also have procedures and policies in place to ensure that nonpublic personal information is safeguarded and kept in a confidential manner.
Motor vehicle dealerships that fail comply with the Gramm-Leach-Bliley Act and the FTC’s rule may be subject to FTC enforcement actions under the FTC act for engaging in an unfair and deceptive act or practice, including a cease and desist order and the imposition of substantial civil penalties. A violation of the FTC act is also a violation of most state unfair and deceptive acts and practices statutes under which a successful consumer is often entitled to either recover damages or rescind the transaction. In many cases motor vehicle dealerships may also end up paying attorney's fees and minimum and/or treble damages or defending a class action lawsuit.
The Boston-area AutoMax group owes $925,000 in restitution and fines after settling accusations of misrepresenting vehicles, warranty and service contract coverage, and fees.