Answer:
Answer by Andy Zavoina:
Privacy notices are delivered when the relationship is established and annually thereafter. Constant reminders are not required and the use of an ATM does not denote a continuing relationship. That said, 216.9 does indicate that delivery via an ATM may be sufficient delivery in some instances.
This opinion may not be my employer's and should not be considered legal advice.
Answer:
Answer by Mary Beth Guard:
In the instance you described, a privacy notice need not be given at an ATM.
The provision Andy refers to in the privacy rule is to be used in a situation where a financial institution that operates an ATM will be collecting and sharing information on noncustomers outside the permissible exceptions. In that type of situation, the institution would have to provide its privacy notice, along with a right to opt out, to the noncustomer, prior to sharing the noncustomer's nonpublic personal information with nonaffiliated third parties outside the exceptions. Providing the privacy notice at the ATM is one method for giving the notice.
Obviously, this is an extremely rare scenario. Most institutions don't even share information about their CUSTOMERS -- much less noncustomers with whom they do business.
First published on BankersOnline.com 05/5/03
print
share