| | |
§10-306.__Privacy of consumer financial information |
|
| | | A credit services organization shall comply with the | | provisions of the federal Gramm-Leach-Bliley Act, 15 United | | States Code, Sections 6801 et seq. (1999) and the implementing | | federal Privacy of Consumer Information Regulation, 16 Code of | | Federal Regulations, Part 313 (2001) adopted by the Federal Trade | | Commission. |
|
| | | Sec. A-4. 9-A MRSA §11-122 is enacted to read: |
|
| | | §11-122.__Privacy of consumer financial information |
|
| | | Merchants who enter into rental purchase agreements with | | consumers shall comply with the provisions of the federal Gramm- | | Leach-Bliley Act, 15 United States Code, Sections 6801 et seq. | | (1999) and the implementing federal Privacy of Consumer | | Information Regulation, 16 Code of Federal Regulations, Part 313 | | (2001) adopted by the Federal Trade Commission. |
|
| | | Sec. B-1. 9-B MRSA §161, sub-§1, as amended by PL 1997, c. 398, Pt. L, | | §6, is repealed. |
|
| | | Sec. B-2. 9-B MRSA §161, sub-§1-A is enacted to read: |
|
| | | 1-A.__Definitions.__As used in this chapter, unless the | | context otherwise indicates, the following terms have the | | following meanings. |
|
| | | A.__"Affiliate" has the same meaning as in section 131, | | subsection 1-A. |
|
| | | B.__"Credit union authorized to do business in this State" | | has the same meaning as in section 131, subsection 12-A. |
|
| | | C.__"Customer" means any person as that term "person" is | | defined in section 131, subsection 30 who utilized, attempts | | to utilize or is utilizing any service of a financial | | institution authorized to do business in this State or a | | credit union authorized to do business in this State or for | | whom a financial institution is acting or has acted as a | | fiduciary in relation to an account maintained in the | | person's name. |
|
| | | D.__"Financial institution authorized to do business in this | | State" has the same meaning as in section 131, subsection | | 17-A. |
|
| | | E.__"Financial records" means the originals or copies of | | records held by a financial institution authorized to do | | business in this State, a credit union authorized to do | | business in this State or their affiliates pertaining to a | | customer's relationship with the financial institution, | | credit union or affiliate and includes information derived | | from such records. |
|
| | | F.__"Nonpublic personal information" means: |
|
| | | (1)__Personally identifiable financial information; and |
|
| | | (2)__Any list, description or other grouping of | | customers and publicly available information pertaining | | to them that is derived using any personally | | identifiable financial information that is not publicly | | available. |
|
| | | G.__"Personally identifiable financial information" means | | any information: |
|
| | | (1)__Provided by a customer to a financial institution | | authorized to do business in this State or a credit | | union authorized to do business in this State to obtain | | a financial product or service; |
|
| | | (2)__Resulting from any transaction involving a | | financial product or service between the financial | | institution authorized to do business in this State or | | a credit union authorized to do business in this State | | and the customer; or |
|
| | | (3)__Otherwise obtained about a customer in connection | | with providing a financial product or service to that | | customer. |
|
| | | H.__"Supervisory agency" means: |
|
| | | (1)__The Federal Deposit Insurance Corporation; |
|
| | | (2)__The Office of Thrift Supervision; |
|
| | | (3)__The Federal Home Loan Bank Board; |
|
| | | (4)__The National Credit Union Administration; |
|
| | | (5)__The Federal Reserve Board; |
|
| | | (6)__The Office of the Comptroller of the Currency; |
|
| | | (7)__The Bureau of Banking within the Department of | | Professional and Financial Regulation; |
|
| | | (8)__The Office of Consumer Credit Regulation within the | | Department of Professional and Financial Regulation; |
|
| | | (9)__The Bureau of Insurance within the Department of | | Professional and Financial Regulation; |
|
| | | (10)__The Securities Division within the Department of | | Professional and Financial Regulation; and |
|
| | | (11)__The United States Securities and Exchange | | Commission. |
|
| | | Sec. B-3. 9-B MRSA §161, sub-§2, as amended by PL 1999, c. 127, Pt. A, | | §21 and c. 218, §1, is further amended to read: |
|
| | | 2. Exemptions. This chapter does not prohibit: |
|
| | | A. The preparation, examination, handling or maintenance of | | any financial records by any officer, employee or agent of a | fiduciary | | this State or credit union authorized to do business in this | | State having custody of such records or the examination of | | such records by a certified public accountant engaged by the | fiduciary | | an independent audit; |
|
| | | B. The examination of any financial records by, or the | furnishing of financial records by a fiduciary | | institution authorized to do business in this State or | | credit union authorized to do business in this State to, any | | officer, employee or agent of a supervisory agency for use | solely in the exercise of hisas an | | officer, employee or agent; |
|
| | | C. The publication of data furnished from financial records | relating to customers wherecannot | | identified to any particular customer or account; |
|
| | | D. The making of reports or returns required under the | United States Internal Revenue Code, chapter | | including the submission of information concerning interest | | earned on accounts, investigatory activity authorized by the | | United States Internal Revenue Code and any use to which the | | reports or returns would be subjected once submitted; |
|
| | | E. Furnishing information permitted to be disclosed under |
|
| | | the Uniform Commercial Code concerning the dishonor of any | | negotiable instrument; |
|
| | | F. The exchange in the regular course of business of credit | information between a fiduciary | | authorized to do business in this State or credit union | authorized to do business in this State and other fiduciary | | financial institutions or credit unions or commercial | | enterprises, directly or through a consumer reporting | | agency; |
|
| | | G. Any disclosure of financial records made pursuant to | | section 226; |
|
| | | H. The examination of the financial records authorized by | | Title 36, section 112 or section 176-A, subsection 4; |
|
| | | I. Any disclosure of financial records made pursuant to | | Title 22, section 16, 17 or 4314; |
|
| | | J. Any disclosure of financial records made under the | | Federal Currency and Foreign Transactions Reporting Act, | | Public Law 91-508, 31 United States Code, Section 5311, et | | seq., as amended; |
|
| | | K. The examination or furnishing of any financial records | by a fiduciary | | business in this State or credit union authorized to do | | business in this State to any officer, employee or agent of | | the Treasurer of State for use solely in the exercise of | | that officer's, employee's or agent's duties under Title 33, | chapter 41; or |
|
| | L. The exchange of financial records between a fiduciary | | financial institution authorized to do business in this | | State or credit union authorized to do business in this | | State and a consumer reporting agency or between or among a | fiduciary | | this State or credit union authorized to do business in this | | State and its subsidiaries, employees, agents or affiliates | as | 15 United States Code, Chapter 41. |
|
| | | M.__The sharing of customer financial records, including | | nonpublic personal information to the extent permitted by the | | federal Gramm-Leach-Bliley Act, 15 United States Code, Sections | | 6801 et seq. (1999) and the applicable implementing federal | | Privacy of Consumer Financial Information Regulation adopted by | | the Office of the Comptroller of the Currency, 12 Code of Federal | | Regulations, Part 40; the Office of Thrift Supervision, 12 Code | | of Federal Regulations, Part 573; the |
|
| | | Federal Reserve System, 12 Code of Federal Regulations, Part | | 216; the Federal Deposit Insurance Corporation, 12 Code of | | Federal Regulations, Part 332; the National Credit Union | | Administration, 12 Code of Federal Regulations, Part 716; | | the Securities and Exchange Commission, 12 Code of Federal | | Regulations, Part 248; or the Federal Trade Commission, 16 | | Code of Federal Regulations, Part 313 (2001). |
|
| | | Sec. B-4. 9-B MRSA §162, first ¶, as amended by PL 1997, c. 537, §1 and | | affected by §62, is further amended to read: |
|
| | | A fiduciary | | this State or credit union authorized to do business in this | | State or its affiliates may not disclose to any person, except to | | the customer or the customer's duly authorized agent, any | financial records relating to that customer of that fiduciary | | financial institution or credit union unless: |
|
| | | Sec. B-5. 9-B MRSA §163, as amended by PL 1999, c. 197, §1, is | | further amended to read: |
|
| | | §163. Subpoena, summons, warrant or court order |
|
| | | 1. Service. A fiduciary | | do business in this State or credit union authorized to do | | business in this State shall disclose financial records under | | section 162 pursuant to a subpoena, summons, warrant or court | | order that on its face appears to have been issued upon lawful | | authority only if the subpoena, summons, warrant or court order | is served upon the customer prior to disclosure by the fiduciary | | financial institution or credit union. The agency or person | | requesting the disclosure of financial records shall certify in | writing to the fiduciary | | the fact that the subpoena, summons, warrant or court order has | | been served upon the customer. The court for good cause shown | | may delay or dispense with service of the subpoena, summons, | | warrant or court order upon the customer. The court shall delay | | or dispense with service of the subpoena, summons, warrant or | | court order upon the customer upon notice by the Attorney | | General, the Attorney General's designee or the District Attorney | | that service upon the customer would not be in the public | | interest. A subpoena, summons or warrant issued in connection | | with a criminal proceeding or state or federal grand jury | | proceeding, a request for information by the Department of Human | | Services for purposes related to establishing, modifying or | | enforcing a child support order or a trustee process lawfully | | issued need not be served upon the customer. |
|
| | | Sec. B-6. 9-B MRSA §164, as amended by PL 1991, c. 824, Pt. A, §11, | | is further amended to read: |
|
| | | 1. Violation. Any officer or employee of a fiduciary | | financial institution authorized to do business in this State, | | credit union authorized to do business in this State, affiliate, | | or consumer reporting agency who intentionally or knowingly | | furnishes financial records in violation of this chapter commits | a civil violation and shall be | not more than $1,000 | | institution authorized to do business in this State or credit | | union authorized to do business in this State that intentionally | | or knowingly furnishes financial records in violation of this | | chapter or intentionally or knowingly allows an affiliate to | | furnish financial records in violation of this chapter commits a | | civil violation and is subject to a civil penalty of not more | than $10,000 per violation. Any fiduciary | | authorized to do business in this State or credit union | | authorized to do business in this State or any agent or employee | of a fiduciary | | disclosure of financial records in good-faith reliance upon the | | certificate of agency or person requesting the disclosure, that | | the provisions of section 163 requiring prior notice to the | customer have been complied with, shallbe | customer for the disclosures and shallbe | | civil penalties under this section. |
|
| | | 2. Inducing violation. Any person who intentionally or | | knowingly induces or attempts to induce any officer or employee | of a fiduciary | | this State, credit union authorized to do business in this State | | or consumer reporting agency to disclose financial records in | | violation of this chapter commits a civil violation and is | subject to a civil penalty of not more than $1,000 | | violation. |
|
| | | Sec. B-7. 9-B MRSA §241, sub-§12 is enacted to read: |
|
| | | 12.__Privacy of consumer information.__A financial institution | | authorized to do business in this State or a credit union | | authorized to do business in this State must comply with the | | provisions of the federal Gramm-Leach-Bliley Act, 15 United | | States Code, Sections 6801 et seq. (1999) and the applicable | | implementing federal Privacy of Consumer Financial Information | | Regulation adopted by the Office of the Comptroller of the | | Currency, 12 Code of Federal Regulations, Part 40; the Office of | | Thrift Supervision, 12 Code of Federal Regulations, Part 573; the | | Federal Reserve System, 12 Code of Federal Regulations, Part 216; | | the Federal Deposit Insurance Corporation, 12 Code of Federal | | Regulations, Part 332; the National Credit Union Administration, |
|
| | | 12 Code of Federal Regulations, Part 716; the Securities and | | Exchange Commission, 12 Code of Federal Regulations, Part 248; or | | the Federal Trade Commission, 16 Code of Federal Regulations, | | Part 313 (2001). |
|
| | | Sec. C-1. 24-A MRSA §212, as amended by PL 1991, c. 885, Pt. E, §23 | | and affected §47, is further amended to read: |
|
| | | §212. Rules and regulations |
|
| | | Subject to the applicable requirements and procedures of the | | Maine Administrative Procedure Act, Title 5, chapter 375, | subchapter II, the superintendent may make, promulgate | amend and rescind reasonable rules and regulations | | administration or effectuation of any provisions of this Title or | of the following | extent administered or enforced by the superintendent: Title 5, | chapter 501; Title 32, section 13773; and Title 39-A, sections | 357, 403 and 404 |
|
| | | Sec. C-2. 24-A MRSA §2203, sub-§3, as enacted by PL 1997, c. 677, §3 | | and affected by §5, is amended to read: |
|
| | | 3. Exception. This | | in rules adopted by the superintendent pursuant to section 2220, | | this chapter does not apply to insurance transactions arising out | | of workers' compensation, medical malpractice, fidelity, | suretyship,, property or casualty | | insurance or information collected from public records for the | | purpose of title insurance. |
|
| | | Sec. C-3. 24-A MRSA §2220, as enacted by PL 1997, c. 677, §3 and | | affected by §5, is amended to read: |
|
| | | The superintendent may adopt rules to carry out the purposes | | of this chapter and the privacy protection provisions of the | | federal Gramm-Leach-Bliley Act, 15 United States Code, Sections | | 6801 et seq. (1999). Rules adopted pursuant to this chapter are | major substantive | | chapter 375, subchapter II-A. |
|
| | | Sec. D-1. 32 MRSA §10313, sub-§1, ¶J, as enacted by PL 1985, c. 400, | | §2, is amended to read: |
|
| | | J. Has failed reasonably to supervise sales representatives | | if a broker-dealer, or employees if an investment adviser; | or |
|
| | | Sec. D-2. 32 MRSA §10313, sub-§1, ¶K, as amended by PL 1989, c. 542, | | §25, is further amended to read: |
|
| | | K. Has failed to pay the proper filing fee, but the | | administrator shall vacate any order under this paragraph | when the deficiency has been corrected. |
|
| | | Sec. D-3. 32 MRSA §10313, sub-§1, ¶L is enacted to read: |
|
| | | L.__Has failed to comply with the privacy provisions of the | | federal Gramm-Leach-Bliley Act, 15 United States Code, | | Sections 6801 et seq. (1999) and the implementing Regulation | | S-P, federal Privacy of Consumer Financial Information | | Regulation, 17 Code of Federal Regulations, 248 (2000) | | adopted by the United States Securities and Exchange | | Commission. |
|
| | | Sec. E-1. 30-A MRSA §3964-A, sub-§4 is enacted to read: |
|
| | | 4.__Privacy of consumer financial information.__A pawnbroker | | that is a financial institution as defined by 16 Code of Federal | | Regulations, Part 313.3(k)(1) (2001) must comply with the | | provisions of the federal Gramm-Leach-Bliley Act, 15 United | | States Code, Sections 6801 et seq. (1999) and the implementing | | federal Privacy of Consumer Information Regulation, 16 Code of | | Federal Regulations, Part 313 (2001) adopted by the Federal Trade | | Commission. |
|
| | | Sec. E-2. 32 MRSA §6146 is enacted to read: |
|
| | | §6146.__Privacy of consumer financial information |
|
| | | A check cashing business or foreign currency exchange business | | shall comply with the provisions of the federal Gramm-Leach- | | Bliley Act, 15 United States Code, Sections 6801 et seq. (1999) | | and the implementing federal Privacy of Consumer Information | | Regulation, 16 Code of Federal Regulations, Part 313 (2001) | | adopted by the Federal Trade Commission. |
|
| | | Sec. E-3. 32 MRSA §6162 is enacted to read: |
|
| | | §6162.__Privacy of consumer financial information |
|
| | | A cash-dispensing machine operator shall comply with the |
|
| | | provisions of the federal Gramm-Leach-Bliley Act, 15 United | | States Code, Sections 6801 et seq. (1999) and the implementing | | federal Privacy of Consumer Information Regulation, 16 Code of | | Federal Regulations, Part 313 (2001) adopted by the Federal Trade | | Commission. |
|
| | | Sec. E-4. 32 MRSA §11018 is enacted to read: |
|
| | | §11018.__Privacy of consumer financial information |
|
| | | A collection agency or repossession company that is a | | financial institution as defined by 16 Code of Federal | | Regulations, Part 313.3(k)(1) (2001) shall comply with the | | provisions of the federal Gramm-Leach-Bliley Act, 15 United | | States Code, Sections 6801 et seq. (1999) and the implementing | | federal Privacy of Consumer Information Regulation, 16 Code of | | Federal Regulations, Part 313 (2001) adopted by the Federal Trade | | Commission. |
|
| | | Sec. E-5. 33 MRSA §528 is enacted to read: |
|
| | | §528.__Privacy duties of settlement agents |
|
| | | A settlement agent shall comply with the provisions of the | | federal Gramm-Leach-Bliley Act, 15 United States Code, Sections | | 6801 et seq. (1999) and the implementing federal Privacy of | | Consumer Information Regulation, 16 Code of Federal Regulations, | | Part 313 (2001) adopted by the Federal Trade Commission. |
|
| | | Emergency clause. In view of the emergency cited in the preamble, | | Part C of this Act takes effect when approved and Parts A, B, D | | and E of this Act take effect on July 1, 2001. |
|
| | | This bill amends the laws governing the various providers of | | financial services regulated by the Department of Professional | | and Financial Regulation to ensure that the laws governing the | | privacy of personal information furnished to those individuals or | | entities are consistent with the provisions of the federal Gramm- | | Leach-Bliley Act and the implementing regulations adopted by the | | Office of the Comptroller of the Currency, the Office of Thrift | | Supervision, the Federal Reserve System, the Federal Deposit | | Insurance Corporation, the National Credit Union Administration, | | the Federal Trade Commission and the Securities and Exchange | | Commission. The bill further provides that if an entity is | | required under federal law to comply with the Gramm-Leach-Bliley | | Act and the implementing federal regulations and it fails to do | | so, that failure to comply is also a violation |
|
| | | of state law, which the agencies within the Department of | | Professional and Financial Regulation may enforce. |
|
| | | Part A amends the Maine Consumer Credit Code to require | | creditors other than financial institutions or credit unions to | | comply with the privacy provisions of the federal Gramm-Leach- | | Bliley Act and the implementing regulations adopted by the | | Federal Trade Commission. Failure to do so is a violation of the | | Maine Consumer Credit Code. |
|
| | | Part B amends the banking laws of the State to permit the | | sharing of information by financial institutions and credit | | unions authorized to do business in this State to the same extent | | permitted under the federal Gramm-Leach-Bliley Act. It also | | clarifies the law with respect to sharing consumer or commercial | | financial records between financial institutions, and with their | | subsidiaries and affiliates, as is the existing practice within | | the industry. It further provides that the failure to comply | | with the privacy provisions of the federal Gramm-Leach-Bliley Act | | and the applicable implementing federal regulations adopted by | | the federal banking regulators constitutes an anti-competitive or | | unfair practice. Part B also increases the penalties for | | intentional and knowing violations of the confidentiality | | provisions of Chapter 16 of the banking laws of the State and | | imposes liability upon the institution itself for such | | violations. |
|
| | | Part C amends the Maine Insurance Code to parallel the model | | privacy law adopted by the National Association of Insurance | | Commissioners and to authorize the Superintendent of Insurance to | | adopt rules governing the privacy of consumer information as is | | required by the federal Gramm-Leach-Bliley Act and provides that | | such rules are routine technical rules. |
|
| | | Part D amends the Revised Maine Securities Act to provide that | | the failure of a licensed broker-dealer, sales representative or | | investment adviser to comply with the privacy provisions of the | | federal Gramm-Leach-Bliley Act and the implementing regulations | | adopted by the United States Securities and Exchange Commission | | constitutes grounds for disciplinary action including license | | suspension or revocation. |
|
| | | Part E amends the statutes governing various other types of | | financial service providers such as check cashers and foreign | | currency exchangers, collection agencies and repossession | | companies, operators of cash dispensing machines, pawnbrokers and | | mortgage settlement agents to require these businesses to comply | | with the privacy requirements of the federal Gramm-Leach-Bliley | | Act when they meet the definition of "financial institution" | | under the regulations promulgated by the Federal Trade | | Commission. |
|
|
