NU Online News Service, Sept. 24, 4:47 p.m. — Washington

The Gramm-Leach-Bliley Financial Services Modernization Act is not working to protect consumers from the misuse of their financial information, says Mike Hatch, the attorney general of Minnesota.

“The act has confused consumers, provided a green light to the unauthorized sharing of personal financial data as part of misleading telemarketing campaigns, and is riddled with loopholes that exempt many business practices from any control,” Hatch said last week during a Senate Banking Committee hearing on privacy.

But John Dugan, an attorney representing the Financial Services Coordinating Council, Washington, disagreed, arguing that GLB strikes the right balance between protecting the privacy interests of consumers and preserving the clear consumer benefits resulting from the free flow of information in the economy.

Members of FSCC include the American Council of Life Insurers, the American Insurance Association, the Securities Industry Association and the American Bankers Association, all of Washington.

In his testimony, Hatch said that GLB, which allows consumers to opt out of certain types of information sharing by financial institutions, is ineffective in protecting privacy.

Consumers, he said, face the burden of looking for privacy notices, reading and understanding the notices, then taking affirmative action to halt the sharing of their personal information with third parties that are not affiliated with their financial institutions.

“This system is contrary to how consumers act in the marketplace and what consumers expect from government efforts to remedy the imbalance of power in the marketplace,” Hatch said.

Indeed, he said, even the most educated and persistent consumer would have a hard time deciphering statements in the opt-out notices sent to them by their financial institutions.

“The ineffectiveness of the notice and opt-out procedure has been thoroughly documented,” Hatch said.

He noted that states have tried to enact protections that go beyond those of GLB, but that these efforts have been strongly opposed by the financial services industry.

Nonetheless, Hatch said, state privacy bills continue to advance in state legislatures.

The Minnesota Senate, for example, has passed an opt-in bill, he said. But Hatch said some are trying to revise GLB in a way that would preempt state efforts to strengthen privacy protection.

That, he said, would be the death knell of meaningful reform.

Dugan agreed that opt-out rates among consumers have generally been low. But the low opt-out rates do not mean that GLB is not working, he insisted.

Rather, Dugan said, FSCC members believe the low opt-out rates demonstrate that consumers trust their financial institutions to share information in an appropriate way, or that consumers are less sensitive about privacy concerns than has been suggested.

He acknowledged that privacy notices can be improved. The problem, Dugan said, is that the notices must use legalistic terms suggested by the GLB regulations.

Still, he said, FSCC is working on a short-form notice.

Developing a short-form notice is a difficult project because institutions have different privacy practices that call for different types of disclosures, Dugan said.

Regarding state privacy protections, Dugan said that, while there was a rush of activity in the wake of GLB’s passage, the focus has diminished considerably over time.

FSCC, he said, believes this is due to an increased understanding that the GLB protections are substantial. In addition, Dugan said, states realize that it is not as easy as it first seems to adopt financial privacy restrictions without also causing unintended consequences that increase costs and deprive consumers of real benefits.

Nonetheless, Dugan said, any new financial privacy legislation should include a federal preemption to ensure a uniform national privacy standard.