The Gramm-Leach-Bliley Act is not working to protect consumers from the misuse of their financial information, says Mike Hatch, the attorney general of Minnesota.
“The act has confused consumers, provided a green light to the unauthorized sharing of personal financial data as part of misleading telemarketing campaigns and is riddled with loopholes that exempt many business practices from any control,” Hatch said during a Senate Banking Committee hearing on privacy last week.
But John Dugan, an attorney representing the Washington-based Financial Services Coordinating Council disagreed, arguing that GLB strikes the right balance between protecting the privacy interests of consumers and preserving the clear consumer benefits from the free flow of information in the economy.
Members of FSCC include the American Council of Life Insurers, the American Insurance Association, the Securities Industry Association and the American Bankers Association, all of Washington.
In his testimony, Hatch said GLB, which allows consumers to opt out of certain types of information sharing by financial institutions, is ineffective in protecting privacy.
Consumers, he said, face the burden of looking for privacy notices, reading and understanding them, and then taking affirmative action to halt the sharing of their personal information with third parties that are not affiliated with their financial institutions.
“This system is contrary to how consumers act in the marketplace and what consumers expect from government efforts to remedy the imbalance of power in the marketplace,” Hatch said.
Indeed, he said, even the most educated and persistent consumer would have a hard time deciphering statements in the opt-out notices sent to them by their financial institutions.
“The ineffectiveness of the notice and opt-out procedure has been thoroughly documented,” Hatch said.
He noted that states have tried to enact protections that go beyond those of GLB, but these efforts have been strongly opposed by the financial services industry.
Nonetheless, Hatch said, state privacy bills continue to advance in state legislatures.
The Minnesota Senate, for example, has passed an opt-in bill, he said, but noted that some are trying to revise GLB in a way that would preempt state action to strengthen privacy protection.
That, he said, would be the death knell of meaningful reform.
Dugan noted that opt-out rates among consumers have generally been low. But this does not mean that GLB is not working, he insisted.
Rather, Dugan said, FSCC members believe the low opt-out rates demonstrate that consumers trust their financial institutions to share information in an appropriate way, or that consumers are less sensitive to privacy concerns than has been suggested.
He acknowledged that privacy notices can be improved. The problem, Dugan said, is that the notices must use legalistic terms suggested by the GLB regulations.
Still, he said, FSCC is working on a short-form notice, which is a difficult project considering that institutions have different privacy practices that call for different types of disclosures.
Regarding state privacy protections, Dugan said that while there was a rush of activity in the wake of GLBs passage, the focus has diminished considerably over time.
FSCC, he said, believes this is due to an increased understanding that the GLB protections are substantial. In addition, Dugan said, states realize that it is not as easy as it first seems to adopt financial privacy restrictions without also causing unintended consequences that increase costs and deprive consumers of real benefits.
Nonetheless, Dugan said, any new financial privacy legislation should include a federal preemption to ensure a uniform national privacy standard.
Reproduced from National Underwriter Life & Health/Financial Services Edition, September 30, 2002. Copyright 2002 by The National Underwriter Company in the serial publication. All rights reserved.Copyright in this article as an independent work may be held by the author.