Is it acceptable for a financial institution to share customer information with nonaffiliated third parties for marketing purposes?

The correct answer is that it is only acceptable under specific conditions set by the Gramm-Leach-Bliley Act (GLBA). The GLBA provides a framework for how financial institutions can handle customer information, particularly in regards to sharing it with nonaffiliated third parties.

Under the GLBA, financial institutions are required to provide customers with a privacy notice that explains their information-sharing practices. Customers must be given the option to opt-out of having their information shared with nonaffiliated third parties for marketing purposes. However, there are exceptions where financial institutions can share customer information without providing an opt-out, especially when the sharing is required for legal compliance, or if the information is shared with third parties to provide services that are directly related to the financial institution's transactions with the customer.

Therefore, the distinction is essential—while customers have rights to control their information, the GLBA also allows for certain permissible disclosures that don’t require customer consent. This balance is key to understanding compliance requirements in the financial sector.

The other choices do not fully encapsulate the conditions under which customer information can be shared as per the GLBA's stipulations.