Four federal finance agencies have issued rules that force banks to tell customers when their personal data has been exposed.
The regulations, published Wednesday, arise from the agencies' interpretation of several provisions of the Gramm-Leach-Bliley Act. Those provisions call on financial institutions to prevent unauthorized access and use of customer information and to address any such incidents that do occur.
"We do expect our institutions to follow this guidance," said David Barr, a spokesman for the Federal Deposit Insurance Corporation, or FDIC, one of the agencies involved. "Whenever we examine institutions, we will look at...whether they have these consumer safety measures in place."
The finance industry and the data collection industry are reeling from the fallout of several recent high-profile data leaks. In late February, financial services giant Bank of America alerted government workers that backup tapes containing their sensitive data had gone missing. In addition, data brokers LexisNexis and ChoicePoint have revealed large-scale data leaks.
The latest government rules say that if a bank becomes aware of "an incident of unauthorized access to sensitive customer information," the institution should investigate. They also require the company to notify account holders quickly if it's "reasonably possible" that the personal details will be misused.
The regulations apply to banks and savings and loan institutions, and not to credit unions, which fall under a different agency, the National Credit Union Administration. The regulations only cover nonpublic consumer information, not details on businesses or commercial accounts.
The rules were established after a period of public comment. They partly resemble California's Security Breach Information Act, which requires all companies to notify consumers when sensitive personal information may have been compromised.
Others that helped author the regulations include two agencies that are part of the U.S. Treasury Department: the Office of the Comptroller of Currency and the Office of Thrift Supervision.
The Board of Governors of the Federal Reserve System also helped issue the guidelines.
The stuff that banks and other financial institutions are selling is basically "trust". People trust their bank to handle all of their life savings responsibly. Yet when it comes to the technological side of fuflfilling these expectations they fail again and again, instead of taking advantage of their traditional role as suppliers of "trust" and expanding their business to new territories usin technology.
Teechnologies such as micropayments could have become a reallity if financial institutions would have decided to invest in them. By not investing in such technologies they risk losing some of their business to others in the future. And by failing to invest enough in making the technology they currently use they risk eroding their image as entities that can be trusted, and perhaps lose some of their current business, as the internet enables more and more business to be done without the actual exchange of real money.
The two telecom carriers will carry a next-generation iPad running on the fast, next-generation wireless technology, sources tell The Wall Street Journal.
Google creates an animated doodle that features a boy, a girl, Google's search engine, and a jump rope. But might there be darker, more analytical, more troubling interpretations to this tale?
Hamza Kashgari's tweets of an imaginary conversation with the Prophet Mohammad are viewed as blasphemous by the Saudi Arabian government. Now he faces trial with a possible death sentence.
The Silicon Valley online payments startup grew by 1,000 percent last year and is hopeful it can repeat that level of growth this year. To do that, it's had to move away from its early friends-and-family roots and embrace small businesses.
Chamtech's spray-on antenna uses a nano material to provide a low-power boost to antenna range. The wireless-in-a-can product may some day bring an end to unsightly cell towers.
EnerG2 opens a plant to make an engineered carbon that will improve performance of energy storage devices and make storage for start-stop hybrid cars less expensive.
Teechnologies such as micropayments could have become a reallity if financial institutions would have decided to invest in them. By not investing in such technologies they risk losing some of their business to others in the future. And by failing to invest enough in making the technology they currently use they risk eroding their image as entities that can be trusted, and perhaps lose some of their current business, as the internet enables more and more business to be done without the actual exchange of real money.