Tap any paragraph to write a margin note. Your notes collect in the Desk below the text and file under cases with @. The side-by-side margin rail opens on a larger screen.

§
Marginalia
Code · BILL · 119th Congress · H.R. 8398 (Introduced in House) — To make improvements to title V of the Gramm-Leach-Bliley Act, and for other purposes. · Sec. 104

Sec. 104. Limits on use of consumer access credentials

387 words·~2 min read·/bill/119/hr/8398/ih/section-104·

A research copy — for the controlling text, always check the official state or federal source. Not legal advice.

Section 502 of the Gramm-Leach-Bliley Act ( 15 U.S.C. 6802 ), as amended by section 102(3), is further amended by adding at the end the following: A financial data aggregator or nonaffiliated third party may not use the access credentials of a consumer to access an electronic form of the consumer’s account at, or otherwise obtain an electronic form of nonpublic personal information of the consumer from, a financial institution unless— before the time that such access credentials are initially collected, the financial data aggregator or nonaffiliated third party provides a clear and conspicuous disclosure to such consumer that includes— how the financial data aggregator or nonaffiliated third party will use such access credentials; whether the financial data aggregator or nonaffiliated third party will disclose such access credentials to a third party not affiliated with the financial data aggregator or nonaffiliated third party; and a notification of— the risks to privacy and security of nonpublic personal information associated with use of access credentials to obtain nonpublic personal information held by a financial institution; and the practices of the financial data aggregator or nonaffiliated third party to ensure the privacy and security of nonpublic personal information obtained using access credentials; and the consumer is given the opportunity to direct that such access credentials not be used to access the consumer’s account at, or otherwise obtain nonpublic personal information of the consumer from, the financial institution.
A financial institution may not deny a disclosure request from a financial data aggregator or a nonaffiliated third party using the access credentials of a consumer if the consumer— has received the disclosure described in paragraph (1)(A); and has been given the opportunity to direct that such access credentials not be used, as described in paragraph (1)(B). Notwithstanding paragraphs
(1)and (2), when complying with this subsection, a financial institution, financial data aggregator, or nonaffiliated third party shall comply with any requirements of section 1033 of the Consumer Financial Protection Act of 2010 ( 12 U.S.C. 5533 ) with respect to the use of the access credentials of a consumer to access an electronic form of the consumer’s account at, or otherwise obtain an electronic form of nonpublic personal information of the consumer from, a financial institution. . This section shall take effect 1 year after the date of enactment of this Act.
Connectionstraces to 2
Citation graph
cites case law
Sec. 104
Limits on use of consumer access credentials
U.S.C.§ 6802
U.S.C.§ 5533
Cites 2Cited by 0 across 0 sources
★   the supreme law of the land   ★
Don't Tread on Me
E Pluribus Unum — out of many, one

"If you don't know your rights, you don't have any."

Marginalia · a citizen's law index
A research desk, not legal advice. Always read the cited source before relying on a summary.
Questions or an issue? support@self-law.org
disclaimerMarginalia is a research index, not a law firm. Nothing on this site is legal, tax, or financial advice and no attorney–client relationship is formed by using it. Statutes, regulations, and case law change; summaries, search results, AI output, and member posts may be incomplete, out of date, or wrong. Any interpretation drawn from material on this site should be validated by a licensed attorney in your jurisdiction before you act on it.