1 / 19

“Why the Financial Privacy Law is Better than People Think”

“Why the Financial Privacy Law is Better than People Think” . Professor Peter P. Swire Ohio State University University of Minnesota Symposium February 9, 2002 . Overview of the Talk. The Critiques of Gramm-Leach-Bliley In praise of GLB Two needed improvements:

gram
Download Presentation

“Why the Financial Privacy Law is Better than People Think”

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript


  1. “Why the Financial Privacy Law is Better than People Think” Professor Peter P. Swire Ohio State University University of Minnesota Symposium February 9, 2002

  2. Overview of the Talk • The Critiques of Gramm-Leach-Bliley • In praise of GLB • Two needed improvements: • Repeal the joint marketing exception • Better notice • Conclusion

  3. Background • My experience as banking law and cyberlaw professor • 1999 -- Chief Counselor for Privacy, as GLB was enacted • 2000 -- Regs promulgated & Administration proposed stronger privacy protections • History of this in the paper

  4. I. The Critiques • Industry critique • Expensive to comply • Accomplishes little • Privacy advocate critique • Illusion of privacy protection • Accomplishes little • My view: GLB privacy a flawed but significantly positive step

  5. II. In Praise of GLB • Look at Fair Information Practices • Notice • Yes for affiliates and third parties • Fin. Institution responsible for stricter promises • Choice/Limit Secondary Use • Limits on transfer of account numbers • Opt out for 3d parties • But, key weaknesses

  6. Fair Information Practices (cont.) • Access • Yes, in practice (you see your bank balance) • Security • Yes, in practice • New standards under GLB • Enforcement • Yes, up to $1 million/day and bank examinations

  7. In Praise of GLB • Notice, choice, access, security, enforcement • Broad definition of covered “financial institutions” • State laws can be stricter • An engine for continued change • Possible state tort & contract suits

  8. II. Secondary Use, Joint Marketing, and Affiliate Sharing • Fair information principles • Expect “primary use” of information, such as to process my checks • Don’t expect “secondary use” of information, such as to tell my boss about my checks • GLB adopts formal approach • If crosses corporate boundary, more likely to be secondary use triggering choice

  9. Some transfers aren’t secondary use • Principal/agent is OK • “On behalf of” the principal • Principal must assure confidentiality • Efficient -- allows principal to choose in-house or independent contractor for printing the checks

  10. Joint marketing exception • Weak limit on secondary use • To any “financial institution” • Definition is broad • Notice to consumers • Notice is vague • Contractual promise of confidentiality • Enforcement not clear • Recipient can use it for any purpose

  11. Joint marketing exception • Bait and switch • Promised as solution for small banks • Citi sells insurance & mutual funds through affiliates • Smallville Bank uses outside firms for that • Political demands for parity for Smallville Bank

  12. The Bait and Switch • Chase uses joint marketing • 30 of 44 major online banks use it • Target.com as an example of the blending of retail and financial services:

  13. Target.com: “We may enter into agreements with other institutions to market products or services jointly between us … We may need to give a financial institution partner the following types of information: Identification and contact information (for example, name, address, and telephone number). Account transaction and experience information (for example, balance, purchase, and payment information).”

  14. Solutions on Joint Marketing • Repeal it. • Clinton Administration supported this. • Create a true small institution exception • We do this for other rules in financial services • Would not apply to large financial institutions who have the large and sensitive databases

  15. III. Notices • Industry critique • Over 1 billion notices • Opt outs <5% • Many trees gave their lives for no purpose

  16. Privacy Critique • Rep. LaFalce: “Most financial institutions have employed dense, misleading statements and confusing, cumbersome procedures to prevent consumers from opting out.” • College-level prose • Hard to compare institutions • Hard to opt out

  17. Why Notices are Surprisingly Good • They help stop egregious practices • The history of U.S. Bank and the rest • Promises now legally enforceable • The biggest effect -- internal changes • “Know your practices” requirement • Chief privacy officers • Upgrade IT systems • Employees learn that privacy is part of their job description

  18. Better Notices • Plain English notices on top • Proxy cards -- short, simple, action-oriented • Detailed notices about internal policies • Bank examinations to the detailed policies • Institutions are bound by the details • Can supplement disclosure requirements over time • Support for the 2-tiered approach at recent agency hearing

  19. Concluding Thoughts • GLB is better at fair information practices than most have realized • Broad coverage • State laws and dynamic for updating • Thwarts egregious practices • Pushes internal procedures for improvement • In short, far more than many have seen

More Related