60 Pages Posted: 6 Jan 2003
The financial privacy law passed by Congress in 1999 has been the target of scathing criticism. Financial institutions have complained about the high costs of the billions of notices sent to consumers, apparently to widespread consumer indifference. On the other side, privacy advocates have condemned the law as woefully weak.
Part III looks at the most hotly contested issue in the privacy debate, the rules for sharing personal information with affiliated entities and third parties. GLB establishes a basic rule that information can flow freely within a financial institution and to its affiliates. Customer choice - an opt out ability to prevent sharing - applies for transfers to non-affiliated companies. The article argues that an exception to that principle of customer choice, the "joint marketing exception" should be repealed. It then explores the knotty issue of how to handle data sharing in today's vast financial conglomerates, suggesting possible statutory modifications.
Part IV looks at the much-maligned notices that financial institutions have sent out in compliance with GLB. The critics have accurately complained about the legalistic and detailed language in the current notices. The critics have largely overlooked, however, important benefits from these notices. Publication of the notices and the new legal obligation to comply with them have forced financial institutions to engage in considerable self-scrutiny of their data handling practices. Many firms have hired a Chief Privacy Officer or made other institutional changes. The current notices, even in their imperfect form, have reduced the risk of egregious privacy practices. And improved notices, with a plain-language short form on top, would enhance accountability while also communicating far more clearly with ordinary customers.
In short, there are surprising merits of the GLB privacy provisions. Considerably more was accomplished in the Act than observers would have predicted in the spring of 1999 or than critics have recognized to date. Important flaws do exist, but specific and achievable changes in the statute and implementing regulation can go far toward reducing the magnitude of those flaws.
Keywords: financial services, banking regulation, privacy, Gramm-Leach-Bliley, financial privacy
JEL Classification: D18, D72, D78, D82, K22, K23
Suggested Citation: Suggested Citation