BofA Says It Will Halt Data Sales

Amid a growing national debate over financial privacy, Bank of America said Friday it would stop sharing information about its customers with telemarketers and third-party companies hoping to sell products or services.

Two rival banks, Wells Fargo and U.S. Bancorp, responded with more modest proposals to terminate information-sharing agreements with vendors that hawk nonfinancial products, ranging from roadside assistance programs to travel discounts.

The tighter policies--which some privacy advocates dismissed as inadequate--come as banks struggle to combat a growing backlash from regulators, legislators and consumers over the peddling of private customer information to outside companies.

Late Thursday, a congressional committee dealt a setback to banks by voting to add new privacy protections to a sweeping financial-modernization bill.

And on Wednesday, the Minnesota attorney general sued U.S. Bancorp for selling customer information to a telemarketer accused of deceptive practices.

Earlier this week, the nation’s top banking regulator, John D. Hawke Jr., called such telemarketing deals “seamy.”

“Consumers feel that their personal information is out of their control,” said Beth Givens, project director of the Privacy Rights Clearinghouse, a San Diego consumer group. “And they want the control back.”

Bank of America--the nation’s largest bank with 30 million customers--said its new policy was partly in response to customer complaints about its previous practice of disclosing such personal information as telephone numbers, Social Security numbers and bank accounts numbers to outside companies.

“We’ve listened to our customers regarding third-party marketers, and we are moving as quickly as possible to put these additional measures in place,” said Bank of America President Ken Lewis.

Despite the new bank policies, customers expressed outrage Friday that their personal information had been sold or shared without their consent.

“How dare they?” said Linda Kay, a Bank of America customer from Hollywood. “I’m not surprised that companies would want this kind of information, but I was stunned by what [the bank was] giving out.”

Most banks allow customers to block their personal information from being shared with marketers or with affiliates by calling or writing and requesting to “opt out” of future offers.

Consumer advocates welcomed the changes, but called for tougher, clearer privacy policies.

“It’s a good first step, but they need to go further,” said Ed Mierzwinski, consumer program director at U.S. Public Interest Research Group.

Givens said banks should never disclose customer information to an outside company or affiliate unless they first receive permission from the customer.

Under Bank of America’s new policy, the bank will continue to work with outside marketing companies, but in the future, all product offers--whether they come from Bank of America or an outside company--will be handled internally by the bank, according to Pat Phillips, president of the bank’s card services. That way, he said, customer information will remain confidential unless the customer responds to the offer.

“This puts customers in the driver’s seat,” Phillips said.

To implement the new policy, Bank of America will be modifying or terminating existing contracts with outside firms, including an agreement with MemberWorks, the telemarketer involved in the U.S. Bancorp lawsuit.

Under the bank’s previous policy, Bank of America shared customers’ names, addresses, phone numbers, Social Security numbers and other personal information with third-party companies, which were allowed to make offers directly to customers. In some cases, the bank--which collected a percentage of every sale--also disclosed information about customers’ account numbers, which enabled outside firms to automatically debit or charge customer accounts.

California regulators expressed concern Friday about the disclosure of account numbers and Social Security numbers.

“What’s the purpose of that?” asked Herschel Elkins, senior assistant attorney general for California. He said the state was also concerned to learn that some California banks had been working with MemberWorks, which was accused in Minnesota of misleading consumers and charging customers for services they did not request.

Union Bank of California said Thursday that it had suspended its contract with MemberWorks. Officials at Wells Fargo said they did not know if MemberWorks was among its vendors.

Officials at MemberWorks did not return phone calls.

All of the banks said they do not believe their information-sharing arrangements violated any laws.

The banks also said they would continue to share customer data with their own affiliates and subsidiaries, when required by law, or with certain service providers, such as credit card-processing companies or check printers.