Sectors Show United Front In On-Line Data Privacy

The banking, securities, and insurance industries are banding together to fight tighter regulation of customer data collected on- line.

Existing federal and state statutes on fair credit reporting, fraud, and information sharing among affiliates sufficiently safeguard consumers, financial industry leaders said Monday.

"We reject the notion that we aren't doing enough to protect confidential information about our customers," said John J. Byrne, senior federal legislative counsel at the American Bankers Association.

The ABA and other banking groups held a press briefing Monday with the Securities Industry Association and the American Insurance Association to warn more regulation will choke off the growth of Internet commerce.

The groups also were aiming to preempt negative publicity expected today from a Commerce Department symposium on privacy. The department plans to explore the private sector's efforts to police itself on Internet privacy protection during a forum scheduled for today and Wednesday.

Though the Clinton administration has supported the industry's request for self-regulation, recent calls for additional government controls are making private-sector executives nervous.

"We want business to lead the way, but there is a growing sense that industry is moving too slowly," said a Commerce Department spokesman. "The biggest thing keeping on-line commerce from reaching its full potential is people's feeling that privacy isn't protected."

On June 4, Federal Trade Commission Chairman Robert Pitofsky complained that "industry self-regulation simply has not worked." Treasury Under Secretary John D. Hawke Jr. also warned recently that the banking industry will face unwanted legislation unless it does a better job of protecting customer data.

The biggest fears, privacy advocates said, are that the data will be sold to outside parties without people's permission or be easily accessible to criminals.

Mr. Byrne admitted the industry has not adequately informed customers about the privacy protections that exist.

Much of the recent controversy was generated by press reports about data brokers who illegally obtained customer data from bank employees. When illegal activities occur, banks can fire employees, the government can prosecute for fraud, and individuals can sue for damages, he said.

Some privacy advocates have suggested that trade groups fine violators of industry guidelines or strip them of their membership. But Marc Rotenberg, executive director of the Electronic Privacy Information Center, said industry groups are not capable of policing members.

"They will support self-regulation right up to the point where it requires hard work," he said.

Mr. Rotenberg, who favors creation of a federal privacy regulator, said businesses should be required to get permission from customers before sharing information collected over the Internet with their affiliates. Currently, most financial services industry guidelines do the opposite - forcing customers to make a written request to "opt out" of any cross- marketing arrangements.

Industry officials also worry that they will be required to hire outside auditors to certify that they are complying with privacy standards. Those measures are expensive and unnecessary, industry officials said.

Fear of losing customers offers the best protection for confidential data. "Any firm will tell you that protecting customer privacy is just good business," said Kristen Roesser, a lobbyist for the Securities Industry Association.

For reprint and licensing requests for this article, click here.
MORE FROM AMERICAN BANKER