47.69 CONSUMER PRIVACY.
    Subdivision 1. General requirements. To protect the privacy of customers using electronic
financial terminals, including any supporting equipment, structures or systems, information
received by or processed through such terminals, supporting equipment, structures or systems
shall be treated and used only in accordance with applicable law relating to the dissemination and
disclosure of such information. The person establishing and maintaining an electronic financial
terminal, including any supporting equipment, structures or systems, shall take such steps as
are reasonably necessary to restrict disclosure of information to that necessary to complete the
transaction and to safeguard any information received or obtained about a customer or that
customer's account from misuse by any person staffing an electronic financial terminal, including
any supporting equipment, structures or systems.
    Subd. 2. Rulemaking. The commissioner shall have the authority by rule to require each
person operating pursuant to sections 47.61 to 47.74 to supply information to customers using
electronic financial terminals of the person's consumer protection policies including the rights
and liabilities of the consumer and protection against wrongful and unnecessary or accidental
disclosure of confidential information.
    Subd. 3. Liability. Every financial institution using an electronic financial terminal shall
maintain reasonable procedures to minimize losses from unauthorized withdrawals from its
customers' accounts by use of an electronic financial terminal. After a customer makes a bona fide
deposit or payment at an electronic financial terminal and has received a receipt, any loss due to
theft or other reason shall not be borne by the customer; provided, loss due to the nonpayment or
dishonor of a check, or other order for payment, deposited at an electronic financial terminal shall
be governed by the applicable provisions of chapter 336. A financial institution shall be liable for
all unauthorized withdrawals unless the unauthorized withdrawal was due to the loss or theft of
the customer machine readable card, including a debit card, in which case the customer shall be
liable, subject to a maximum liability of $50, for those unauthorized withdrawals made prior to the
time the financial institution is notified of the loss or theft. With respect to debit card transactions,
this subdivision applies to unauthorized withdrawals made from an electronic financial terminal
or from an electronic point-of-sale terminal operated by a retailer, described in section 47.61,
subdivision 3 , paragraph (b), clause (3). The limitation on liability is effective only if the issuer
is notified of unauthorized charges contained in a bill within 60 days of receipt of the bill by
the person in whose name the card is issued. For purposes of this subdivision, "unauthorized
withdrawal" means a withdrawal by a person other than the customer without actual authority
to initiate the withdrawal and from which the customer receives no benefit. The term does not
include any withdrawal that is: (1) initiated by a person who was furnished with the card by the
customer, unless the customer has notified the financial institution involved that transfers by that
person are no longer authorized; (2) initiated with fraudulent intent by the customer or any person
acting in concert with the customer; or (3) initiated by the financial institution or its employee.
    Subd. 4. Limitation on use of Social Security number. No person's Social Security number
shall be used as the personal identification number or as any code to activate any electronic
financial terminal.
    Subd. 5. Remedies. Any customer of a financial institution may bring a civil action against
any person violating any subdivision of this section in the district court in the county of the
alleged violator's residence or principal place of business or in the county wherein the alleged
violation occurred. Upon adverse adjudication, the defendant shall be liable for actual damages,
or $500, whichever is greater, punitive damages when applicable, together with the court costs
and reasonable attorneys' fees incurred by the plaintiff. The court may provide such equitable
relief as it deems necessary or proper, including enjoining the defendant from further violations. If
the unauthorized withdrawal was due to the negligent conduct or the intentional misconduct of
an operator or person establishing and maintaining an electronic financial terminal other than a
financial institution or agent of a financial institution, that operator or person establishing and
maintaining an electronic financial terminal or its agent is liable and subject to a civil action
under this subdivision by the financial institution considered liable under subdivision 3 that has
reimbursed the customer.
    Subd. 6. Transaction receipt. Every financial institution using an electronic financial
terminal shall provide its customers a receipt or record of each transaction initiated at the terminal,
and shall provide its customers a transaction statement at least quarterly specifying types, dates,
and amounts of all electronic financial terminal transactions for the previous statement period.
History: 1978 c 469 s 9; 1986 c 444; 1987 c 349 art 1 s 10; 1995 c 202 art 2 s 12,13;
1998 c 295 s 1