Skip to main content
Your Right to Privacy - Opting Out of Data Sharing

Your Right to Privacy - Opting Out of Data Sharing

The Department of Attorney General wants you to know your rights. You can take steps to stop companies from sharing your personal information.

Have you ever looked at a travel website, then saw ads for flights on your Facebook page? That happens because of cookies.

How Cookies Work

Cookies are small files saved on your device. They are created when you visit a website. These files help companies learn what you do online. They use this to show you ads.

For example, a travel site may send a cookie to your browser. That cookie tells ad companies what you looked at. Later, you may see ads for flights.

Cookie Pop-Ups

Many websites show a pop-up about cookies. You may see:

  • Informational pop-ups – They tell you how cookies are used.
  • Opt-out pop-ups – They let you turn off some tracking.
  • Opt-in pop-ups – They ask if you want to allow tracking.

Look for ways to say “no” or turn off tracking.

How to Protect Your Information Online

You can take these steps:

  • Change your browser settings to block cookies.
  • Delete cookies you already have.
  • Turn off tracking in your browser.
  • Use ad blockers you trust.

Your Financial Information

Some companies, like banks and lenders, may share your personal data.

They must tell you how they use your data. They must also give you a way to say “no.”

To protect yourself:

  • Read mail from your bank or lender.
  • Follow steps to opt-out of data sharing.
  • Call the company if you have questions.
  • Make sure they received your opt-out request.
  • Choose another company if you are not happy.

What the Law Says

Although there are no Michigan laws in this arena, a federal law called the Gramm-Leach-Bliley Act requires financial companies to:

  • Tell you how they share your data.
  • Give you a chance to opt-out.
  • Keep your account numbers private.

But the law has limits. Some data can still be shared.

For example:

  • Public information can be shared.
  • Affiliated companies can share data with each other.

What Is a Financial Company?

A financial company can include:

  • Banks
  • Insurance companies
  • Credit card companies
  • Mortgage lenders
  • Tax services

Privacy Notices

You should get a privacy notice when you start with a company. You may also get one each year. This notice explains how your data is used.

Frequently Asked Questions About Your Right to Opt-Out of Allowing Financial Institutions to Share Your Information

1. Which “financial institutions” are covered by these laws?

According to the Federal Trade Commission, a “financial institution” includes banks, insurance companies, and investment businesses, as well as any other business “significantly engaged” in financial activities. “Financial institutions” may include:

Retailers that issue their own credit cards;

  • Banks;
  • Insurance companies;
  • Mortgage brokers;
  • Investment advisors;
  • Securities dealers;
  • Accountants and tax preparation services;
  • Lawyers and law firms (confidential client communications remain protected);
  • Car dealerships that lease cars on a "non-operating basis" for more than 90 days;
  • Businesses that print and sell checks for consumers;
  • Check cashing businesses; or
  • Businesses that operate travel agencies in connection with financial services.

2. What Notice is Required?

Financial institutions must supply consumers with an initial privacy statement. Consumers who have a continuing relationship with a financial institution are entitled to additional statements on a yearly basis.

3. How does the opt-out notice work?

The opt-out notice is separate from the privacy statement. It must state, among other things, that the financial institution will disclose, or reserves the right to disclose, nonpublic personal information about you to outside companies, if this is the institution's policy.

4. What is “nonpublic personal information?”

The rules give consumers only a limited right to block sharing of certain information. Consumers have no right to block sharing of information that is “publicly available.” This includes information the institution believes can be legally obtained from government records or “widely distributed” media.

5. What is an “affiliated company”?

Affiliated companies are individual companies that belong to the same corporate family. For example, an insurance company and a bank that are under the control of a third (parent) company would be affiliates, as would the parent company. Thus, neither the bank nor the insurance company would be required to permit you to opt-out of data sharing with the other company.

The Fair Credit Reporting Act does not give consumers the right to prevent affiliates from sharing “transaction and experience” information about a consumer. Transaction information can include a wide variety of data many consumers would consider very personal, such as credit card charges or checks written.

Proposed Personal Data Privacy Act

A bill has been introduced in the Michigan Legislature that would provide Michiganders with more safeguards related to the collection and use of their data. At least 20 other states have already enacted such laws, expanding the privacy rights of their residents.

The proposed Personal Data Privacy Act would do the following:

  • give consumers the right to opt-out of the sale or use of their personal data for targeted advertising by companies;
  • require companies to obtain the consumer’s consent before using certain sensitive personal data;
  • require companies to disclose the purpose of any consumer data sharing;
  • require companies to delete personal data obtained about a consumer upon their request; and
  • create a data broker registry.

For More Information

More information about the Personal Data Privacy Act can be found at this link (PDF).

The FTC's website contains various resources related to the Gramm-Leach-Bliley Act. Consumers may also call the Federal Trade Commission at 877-ID-Theft.

For more information about identity theft prevention, consumers should read the Attorney General's Consumer Alert entitled, Identity Theft Prevention.

If you have a complaint about a privacy notice or opt-out instructions, you may wish to file a complaint with the FTC.

Contact the Attorney General's Office

If you have questions, or would like to file a complaint, please contact the Attorney General's Consumer Protection Team at:

Consumer Protection Team
P.O. Box 30213
Lansing, MI 48909
517-335-7599
Fax: 517-241-3771
Toll-free: 877-765-8388
Online complaint form