Bill Would Curb Banks’ Data Sharing

Leading Democratic lawmakers have reached agreement on legislation that would give California consumers the power to prevent banks from selling or trading their personal information.

The compromise by Sen. Jackie Speier (D-Hillsborough) and Assemblyman Joe Nation (D-San Rafael), who had pushed rival protection plans, could pave the way for lawmakers to put a privacy bill on the desk of Gov. Gray Davis before the Legislature adjourns at month’s end. Davis pledged in his State of the State address to sign a privacy bill this year.

“If you do not want your information shared, sold or otherwise used, you have that right,” Nation said.

Banks, insurers, credit card companies and other financial services firms, however, remain firmly opposed to the new measure, and the lawmakers acknowledged that they still lack the votes to get it through the Assembly.

“They are a very powerful force in this building,” Speier said of the financial firms’ clout in the state Capitol.

A recent federal law that broke down some of the traditional barriers between financial institutions in hopes of creating a more vibrant marketplace of services already requires banks and other firms to let consumers “opt out” of having their information shared or sold.

But the federal law does not cover much of the information sharing within huge conglomerates, which has become increasingly common because of consolidation. And the cumbersome notices now being sent out have been widely criticized by consumer groups, which contend that the notices are intentionally misleading and designed to end up in the wastebasket.

The compromise bill, SB 773, would increase privacy protections by requiring firms to send consumers simple, clearly written notices--not the legalese now favored by banks and insurers, which she said requires a graduate degree to comprehend. The notices would have to be approved by the attorney general’s office.

If a firm wanted to share a California customer’s financial information within the “family of companies” in its corporate umbrella, or with another firm, it would have to first send that customer the state-sanctioned opt-out notice.

And if a firm wanted to share a customer’s information with a third party for non-financial purposes, it would first have to obtain the customer’s written consent--a stricter, “opt-in” standard. The bill also increases penalties for identity theft, the growing crime of stealing a person’s financial information. Consumer and privacy-rights groups, which have been pushing for tougher protections on financial data for several years, lauded the compromise measure as a significant step forward.

“No one should have their personal financial information, their credit card numbers, their spending habits, sold to the highest bidder without their consent,” said Betsy Imholz of Consumers Union.