NU Online News Service, May 7, 11:05 a.m. — Washington
Life insurance companies are strongly opposing an Internet privacy bill that they say could effectively destroy online sales of insurance.
The legislation, S. 2201, was introduced by Senate Commerce Committee Chairman Ernest F. Hollings, D-S.C., and could be “marked up” — voted on by the committee — as early as the week of May 11.
The legislation would establish strict rules governing the collection and disclosure of “sensitive” personal information?including name, address, phone number, health, race, political party, religious belief, sexual orientation, Social Security number or financial data?by Internet service providers or operators of commercial Web sites.
Under S. 2201, Internet service providers and commercial Web site operators would be barred from collecting or disclosing personal information from users unless they provide “clear and conspicuous notice” to the users.
Providers and Web site operators would have to obtain the users’ consent before collecting and disclosing information about health, race, and other “sensitive” issues.
In addition, S. 2201 requires providers and operators to give users “robust” notice of the opportunity to opt-out of information gathering and to give users access to all the personal information about them.
The legislation would allow private lawsuits against providers and operators for violations of the act, in addition to vesting the states and the Federal Trade Commission with enforcement authority.
In recent testimony before the Commerce Committee, John C. Dugan, an attorney representing the Financial Services Coordinating Council, Washington, said S. 2201 would have a disproportionate impact on financial institutions.
In effect, he said, the legislation creates an opt-in standard for sensitive information. While this is not an issue for most types of businesses, Dugan said, it is central to the business of insurance companies, banks and securities firms.
By restricting any use of personal information by the financial institution, he said, the legislation creates a new and unnecessary roadblock between all companies and their customers.
Dugan contrasted S. 2201 with the Gramm-Leach-Bliley Act’s privacy provisions. The GLB provisions, he said, apply only to disclosures.
Since the S. 2201 provisions also apply to use, it would in effect require financial institutions to contact customers and obtain permission before engaging in core business activities involving personal information, Dugan said.
This would amount to a de facto prohibition on responsible information sharing by financial institutions that benefits customers, he said.
Dugan added that the private right of action provision would lead to abusive class-action lawsuits against financial institutions.
Indeed, he said, because financial institutions handle sensitive information as part of their core business, they would become the new target of choice for the plaintiffs’ bar.
“This is both unfair and unnecessary,” Dugan said.
He said that unlike most online businesses, financial institutions are already heavily regulated, and regulators have broad powers to punish violations of the law.
Members of the FSCC include the American Council of Life Insurers, the American Insurance Association, the American Bankers Association and the Securities Industry Association, all of Washington.