Certified Information Privacy Professional – United States (CIPP/US) — Question 144

What are banks required to do under the Gramm-Leach-Bliley Act (GLBA)?

Answer options

• A. Conduct annual consumer surveys regarding satisfaction with user preferences
• B. Process requests for changes to user preferences within a designated time frame
• C. Provide consumers with the opportunity to opt out of receiving telemarketing phone calls
• D. Offer an Opt-Out before transferring PI to an unaffiliated third party for the latter’s own use

Correct answer: D

Explanation

The correct answer is D because the Gramm-Leach-Bliley Act mandates that consumers must be given the opportunity to opt out before their personal information is shared with non-affiliated third parties. The other options, while related to consumer rights, do not specifically align with the core requirements set forth by the GLBA regarding the handling of personal information.