Right to Financial Privacy Act

The Right to Financial Privacy Act of 1978 (RFPA; codified at 12 U.S.C. ch. 35, § 3401 et seq.) is a United States federal law, Title XI of the Financial Institutions Regulatory and Interest Rate Control Act of 1978, that gives the customers of financial institutions the right to some level of privacy from government searches.

Before the Act was passed, the United States government did not have to tell customers that it was accessing their records, and customers did not have the right to prevent such actions. The Act came about after the United States Supreme Court held, in United States v. Miller 425 U.S. 435 (1976) (https://supreme.justia.com/cases/federal/us/425/435/), that financial records are the property of the financial institution with which they are held, rather than the property of the customer. The Act prescribes statutory damages of $100 per violation, and a number of different violations can be aggregated in a class action.

Under the RFPA, the FBI could obtain records with a national security letter (NSL) only if the FBI could first demonstrate the person was a foreign power or an agent of a foreign power. Compliance by the recipient of the NSL was voluntary, and states' consumer privacy laws often allowed financial institutions to decline the requests. In 1986, Congress amended RFPA to allow the government to compel disclosure of the requested information. The USA PATRIOT Act of 2001 amended the RFPA.