Many SF CUs Not Aware of Law's Effect

The San Francisco City and County Board of Supervisors passed a financial information privacy ordinance on Dec. 16, 2002, and Mayor Willie Brown signed it Dec. 20. Bit one month later many CUs remain unaware of it or mistakenly believe it doesn't apply to them.

The Credit Union Journal asked several CUs in San Francisco how they are preparing to comply with the ordinance- which goes into effect in January 2004 and requires financial institutions to give consumers "notice and meaningful choice" of how their personal information is shared or sold-only to find many were unaware of its existence.

"I don't know anything about it, but I haven't caught up with my reading lately," said one CU manager.

"I haven't heard of it before, but it sounds like it won't affect us, because we are a small credit union," said another.

Barry Kane, vice president of government affairs for Northern California branches of Patelco Credit Union, said the latter sentiment is a dangerous assumption, as small CUs often use third parties to communicate with members.

"Credit unions work in a cooperative atmosphere. And as a cooperative, there are shared ATM networks and mailing houses that mail statements," he said.

Patelco, based in San Francisco, is the third largest CU in California and 10th largest in the United States with 195,000 members and $2.6 billion in assets. Kane is based in Sacramento, where he is working with members of the state legislature to ensure a balance between the interests of consumers and financial institutions in privacy legislation.

Seeking A Good Compromise

"We are working with the California Credit Union League to find privacy policies we can live with. We want to protect our members' privacy-we have never sold information and we don't intend to-but we need to make this work for everyone," he said.

Kane said he believes the San Francisco Board of Supervisors might have passed the ordinance to push the state legislature into action. Privacy bills have been defeated in Sacramento the last two years, leaving a vacuum that some local governments have tried to fill.

"It would have been better if the Board of Supervisors had waited," he said. "Private ordinances will cause large financial institutions that operate in several cities to have to tailor themselves differently in each city."

Lynn Athens, president and CEO of Spectrum FCU, said she is aware of the new ordinance, but for now, the $92- million, 12,300-member credit union is in "wait-and-see" mode.

"There is a lot of potential out there; things are very unsure," Athens said. "There is potential for federal action, potential for state action and potential for court action."

"We have nearly a year to see what takes place," she continued. "It is obvious the state is serious about doing something, and we are following Jackie Speier's bill. When it gets closer to January, and if it looks like the (local San Francisco) ordinance really is going to go into effect, then we'll examine it closer and look at our cost of compliance."

State Bill Is Back

California State Senator Jackie Speier reintroduced privacy legislation-S.B. 1 - in the first week of January. As of press time, the bill's initial hearing was scheduled for Jan. 15.

The bill is expected to be discussed and voted on in relatively quickly before the looming debate over California's budget deficit takes over, Kane said.

Most local ordinances won't work, or will not be implemented due to numerous lawsuits, Kane believes. The Bay Area cities of San Mateo and Daly City moved the effective date of their respective local privacy ordinances from January 2003 to January 2004, and both ordinances are tied up in court.

Attorneys for the National Credit Union Administration are examining the San Francisco ordinance but declined comment when contacted by The Credit Union Journal.