17 CFR 248.12 - Limits on sharing account number information for marketing purposes.

prev | next
§ 248.12 Limits on sharing account number information for marketing purposes.

(a)General prohibition on disclosure of account numbers. You must not, directly or through an affiliate, disclose, other than to a consumer reporting agency, an account number or similar form of access number or access code for a consumer's credit card account, deposit account, or transaction account to any nonaffiliated third party for use in telemarketing, direct mail marketing, or other marketing through electronic mail to the consumer.

(b)Exceptions. Paragraph (a) of this section does not apply if you disclose an account number or similar form of access number or access code:

(1) To your agent or service provider solely in order to perform marketing for your own products or services, as long as the agent or service provider is not authorized to directly initiate charges to the account; or

(2) To a participant in a private label credit card program or an affinity or similar program where the participants in the program are identified to the customer when the customer enters into the program.

(c)Example - Account number. An account number, or similar form of access number or access code, does not include a number or code in an encrypted form, as long as you do not provide the recipient with a means to decode the number or code.

This is a list of United States Code sections, Statutes at Large, Public Laws, and Presidential Documents, which provide rulemaking authority for this CFR Part.

This list is taken from the Parallel Table of Authorities and Rules provided by GPO [Government Printing Office].

It is not guaranteed to be accurate or up-to-date, though we do refresh the database weekly. More limitations on accuracy are described at the GPO site.


United States Code
Statutes at Large

Title 17 published on 16-Dec-2017 03:45

The following are ALL rules, proposed rules, and notices (chronologically) published in the Federal Register relating to 17 CFR Part 248 after this date.

  • 2013-04-19; vol. 78 # 76 - Friday, April 19, 2013
    1. 78 FR 23638 - Identity Theft Red Flags Rules
      GPO FDSys XML | Text
      SECURITIES AND EXCHANGE COMMISSION, COMMODITY FUTURES TRADING COMMISSION
      Joint final rules and guidelines.
      Effective date: May 20, 2013; Compliance date: November 20, 2013.
      17 CFR Part 162