Financial Privacy Rules Seen as Just Beginning of Fight
New U.S. financial privacy rules that took effect Sunday mark a milestone for the financial industry and consumers, but they are by no means the final word in the heated privacy debate.
Sunday was the deadline for U.S. banks, brokers, insurers and a host of other companies providing financial services to be in compliance with new privacy protections included in a landmark 1999 banking law.
The law for the first time requires financial firms to tell customers how their personal information is collected and used, and allow them to block some of it--such as account balances, account numbers or spending records--from being sold to outside companies, including telemarketers.
To meet those mandates, financial firms have for months been sending out a flood of mailings--estimates range from 500 million to a billion in all--detailing their privacy policies and their customers’ new “opt-out” rights.
The rules had been scheduled to kick in last November, but regulators decided the industry needed more time to comply.
“At this point we’re generally very pleased with the industry’s response,” said John Byrne, senior counsel at the American Bankers Assn. Still, he said, “For most of us, it’s just beginning.”
In part, that’s because banks and others will now have to send out new privacy notices every year and keep track of customers who choose to opt out.
The Sunday deadline did not apply to consumers, who may exercise their new opt-out rights at any time, generally through a return mailing or a call to a toll-free number. If they do not, they are assumed to agree to the dissemination of their data.
The industry effort has drawn sharp reaction from consumer groups and some lawmakers, who say the notices have generally been legalistic and hard to understand. Some critics are pressing for far tougher curbs on the sharing of financial data.
“Unfortunately, what the law has done is create a great deal of cynicism in the minds of a lot of Americans, because they now understand it doesn’t allow them to protect some of their most important financial information,” said Travis Plunkett, legislative director for the Consumer Federation of America.
“We think it is a glance in the right direction, but it needs to be improved dramatically,” he said.
Critics say the curbs also should apply to information shared within increasingly diversified conglomerates. For example, they would block a bank from sharing information about its clients with a brokerage unit owned by the same parent.
Some consumer advocates also say the onus should be on companies to get customers’ explicit consent before releasing personal data.
Industry groups say that’s unworkable, would snarl millions of routine transactions such as loan processing and would cost consumers money in the end. They have fiercely--and so far, successfully--fought tougher laws in Congress and at the state level.
“Anyone trying to push through legislation today is doing it for purely political reasons, because we don’t even know how this current law is going to work out yet,” the ABA’s Byrne said. He urged customers with questions about the new privacy rules to contact their financial institutions.
“The bottom line is, [now] the consumer is clearly in the driver’s seat,” he said. “Every bank is prepared to respond to the tough questions and every bank is prepared to defend their own practices.”
But the CFA’s Plunkett said growing public concern about privacy issues in an increasingly wired economy could not be held back indefinitely.
“I think it’s inevitable that in the next year or two we’re going to see stronger privacy protections at either the state or federal level,” he said.
“The financial industry has the muscle to stop laws for a while, but eventually the water is going to break the dam.”
