(a) The Legislature finds and declares all of the following:
(1) The California Constitution protects the privacy of California citizens from unwarranted intrusions into their private and personal lives.
(2) Federal banking legislation, known as the Gramm-Leach-Bliley Act, which breaks down restrictions on affiliation among different types of financial institutions, increases the likelihood that the personal financial information of California residents will be widely shared among, between, and within companies.
(3) The policies intended to protect financial privacy imposed by the Gramm-Leach-Bliley Act are inadequate to meet the privacy concerns of California residents.
(4) Because of the limitations of these federal policies, the Gramm-Leach-Bliley Act explicitly permits states to enact privacy protections that are stronger than those provided in federal law.
(b) It is the intent of the Legislature in enacting this division:
(1) To ensure that Californians have the ability to control the disclosure of what the Gramm-Leach-Bliley Act calls nonpublic personal information.
(2) To achieve that control for California consumers by requiring that financial institutions that want to share information with third parties and unrelated companies seek and acquire the affirmative consent of California consumers prior to sharing the information.
(3) To further achieve that control for California consumers by providing consumers with the ability to prevent the sharing of financial information among affiliated companies through a simple opt-out mechanism via a clear and understandable notice provided to the consumer.
(4) To provide, to the maximum extent possible, consistent with the purposes cited above, a level playing field among types and sizes of businesses consistent with the objective of providing consumers control over their nonpublic personal information, including providing that those financial institutions with limited affiliate relationships may enter into agreements with other financial institutions as provided in this division, and providing that the different business models of differing financial institutions are treated in ways that provide consistent consumer control over information-sharing practices.
(5) To adopt to the maximum extent feasible, consistent with the purposes cited above, definitions consistent with federal law, so that in particular there is no change in the ability of businesses to carry out normal processes of commerce for transactions voluntarily entered into by consumers.
(Added by Stats. 2003, Ch. 241, Sec. 1. Effective January 1, 2004. Section operative July 1, 2004, pursuant to Section 4060.)
Last modified: October 25, 2018