Although providers of online financial services and others are
taking steps to comply with new privacy laws, confusion over the Gramm-Leach-Bliley
Act extends to companies affected by the legislation and to the government agencies
enforcing it.
Meanwhile, privacy advocates say the law, also known as the Financial Services
Modernization Act of 1999, is actually a threat to privacy because companies
will now be more likely than ever to share information about consumers.
"The law is very weak," said Chris Hoofnagle, legislative counsel at the
Electronic Privacy Information Center (EPIC).
"It's not a privacy law. It's mainly a bank-insurance-brokerage house
consolidation package."
A D V E R T I S E M E N T
|
Broad Law
The Act, which took effect on July 1st, allows mergers between banks, insurers
and brokerages, but also requires a wide range of companies to notify consumers
of their information collecting and sharing practices, according to
U.S. Bureau of Consumer
Protection attorney Loretta Garrison.
"Because the law is fairly broad in the financial activities it covers,
there are a lot of companies that don't realize they're a financial
institution or financial services provider under this law," Garrison
told NewsFactor Network.
"We've been inundated by a wide variety of businesses trying to find out what they
need to do."
Garrison said lending, exchanging, trusting, investing for others, safeguarding,
insuring and providing financial investment or economic advising services
are all referred to as financial activities under the law.
A Federal Trade Commission (FTC) official
told NewsFactor that the law also requires enforcement by as many as seven
different federal agencies as well as every state attorney general,
because state-regulated insurance companies are also covered.
Privacy Pop-Ups
Response to the law has varied among large Internet providers of financial
information, though nearly all have taken some steps to comply.
Companies such as Yahoo! and AOL Time Warner recently notified online
financial services customers of their privacy policies with pop-up ads,
which automatically display information on the screens of Web site visitors.
Microsoft's MSN MoneyCentral updated its existing privacy policy to comply.
In addition to e-mail and other electronic notices, consumers can expect
to receive an average of 15 postal mail notices from insurers, brokerages
and other companies, according to EPIC's Hoofnagle.
Meant For Mergers
While legal experts urged all financial services companies to comply with the
act to be safe, Hoofnagle told NewsFactor he expects few companies will be
prosecuted.
"I think it's unlikely to see enforcement except where there are clear violations
of the act," he told NewsFactor.
Hoofnagle said the law protects information only from third-party, non-affiliated
sources -- allowing banks, brokerages and insurers to share consumer information
if they are affiliated.
"They don't need to go outside to non-affiliated sources," Hoofnagle said. "It's difficult
to find a third party, given the conglomerates of today. This provides no protection
for sharing within the corporate family or corporate umbrella."
Garrison agreed that the basic law of the Financial Services Modernization Act of 1999
was to allow banks and brokerages to merge, but said that "whenever there is disclosure
outside the exceptions, such as a third-party marketer, that company needs to
provide an opt-out notice."
July 17, 2001
See more news
Front Page
Talkback: 
Study: Online B2B Efforts Growing Slowly but Steadily
