Gramm-Leach-Bliley Act

Overview

Penalties

Key Articles & Sections

• § 6802 Privacy Notices and Opt-Out Rights
  Financial institutions must provide clear privacy notices and allow customers to opt out of information sharing with nonaffiliated third parties.
  Read full text →
• § 6801 Protection of Nonpublic Personal Information
  Financial institutions have an obligation to respect customer privacy and protect the security of nonpublic personal information.
  Read full text →
• 16 CFR Part 314 Safeguards Rule (FTC)
  Requires comprehensive information security programs including risk assessments, access controls, encryption, MFA, and incident response.
  Read full text →
• § 6821-6827 Pretexting Protections
  Prohibits obtaining customer financial information through false pretenses, fraudulent statements, or impersonation.
  Read full text →

Platforms We Track Subject to GLBA

Recent Changes Related to GLBA

• Apr 20, 2026 Chime Medium
  Chime updated the Bancorp Bank privacy notice on April 20, 2026, reverting it to an older 2017 version from the 2025 version. A key change is that The Bancorp now states it does NOT engage in joint m…
  View change record →
• Apr 19, 2026 Robinhood Low
  Robinhood updated their Privacy Policy on April 19, 2026 by adding a single sentence that appears to be a navigation menu listing their product and service offerings. Before this update, this navigat…
  View change record →
• Apr 19, 2026 Coinbase Low
  Coinbase updated their fee schedule on April 19, 2026, adding a customer support chat feature to the page. The page now includes a 'Need more help?' section with a link to start a chat with a virtual…
  View change record →
• Apr 19, 2026 Coinbase Low
  Coinbase made a minor formatting update to their Privacy Policy on April 19, 2026. The only change was the removal of an extra space before the word 'Basic' in a sentence describing data used for Ver…
  View change record →
• Apr 19, 2026 Google Medium
  Google updated its Privacy Policy on April 19, 2026, adding a new section specifically addressing U.S. state privacy law requirements. The new text explicitly states that Google does not sell your pe…
  View change record →
• Apr 19, 2026 Google High
  Google updated its Terms of Service on April 19, 2026, making several notable changes to how it describes its obligations to users. The country version shifted from Cambodia to United States, the war…
  View change record →
• Apr 18, 2026 Credit Karma Low
  Credit Karma updated their privacy policy on April 18, 2026, with a minor change to their navigation menu. The word 'Tax' was replaced with 'Free Credit Karma Tax' in the product listing within the d…
  View change record →
• Apr 18, 2026 Credit Karma Low
  Credit Karma updated their Terms of Service on April 18, 2026, making a small change to their navigation menu. The word 'Tax' was replaced with 'Free Credit Karma Tax' in the product listing area. Th…
  View change record →
• Apr 18, 2026 Webull Low
  On April 18, 2026, Webull made a minor update to the navigation or header section of their Privacy Policy page, adding a 'WEBTRADE' label and removing a 'New Version' tag from the Desktop App listing…
  View change record →
• Apr 18, 2026 Webull Low
  Webull updated their Terms of Service navigation on April 18, 2026, adding a 'WEBTRADE' label and removing the 'New Version' tag from the Desktop App section. The core content of the terms themselves…
  View change record →

Official Source

View official regulation text →