Banks' ability to retain their reputations as guardians of trust may depend on the evolving Internet concept of a "privacy architecture," said an International Business Machines Corp. information security expert.
Related to the more technical underpinning of a security architecture, which many corporations are building into their technology infrastructures, the privacy architecture would combine technology with a set of policies for handling and protecting sensitive personal data, said Mark Greene, IBM vice president of security, privacy, and trust.
"This is just starting. It is something that will play out over the next several years," Mr. Greene said in a speech last week to a conference sponsored by the Banking Industry Technology Secretariat and American Banker.
He said banks and perhaps other organizations stand to gain by solidifying their image as trusted parties, which in turn could help promote growth in electronic commerce. Failure to seize the initiative and be self-policing, he said, could invite counterproductive legislative meddling.
"We agree that trust is a fundamental franchise of banking," Mr. Greene told an audience of 100 at the "Securing the Future of E-Commerce" seminar. "Convey that trusted image on the issue of privacy, and you win. If you don't, you can argue that all is lost."
IBM, which has made a major commitment to security architectures and is selling a wide range of systems and services around data encryption and public key infrastructures, has become something of a privacy crusader. Mr. Greene quoted its chief executive officer, Louis Gerstner, as saying that privacy issues "grow exponentially in a digital economy with a billion connected users."
On the privacy front, IBM has supported private-sector initiatives such as TRUSTe, the Online Privacy Alliance, and the Council of Better Business Bureaus' BBBOnline program. He said these can strike an appropriate balance for protecting consumer rights on the Internet. He contended that the outcome would be far more favorable than if libertarian crusaders for absolute anonymity on the Net had their way.
The Banking Industry Technology Secretariat, a division of the Bankers Roundtable familiarly known as BITS, is trying to help banks with a related balancing act, said Chase Manhattan Corp. senior vice president Gary Roboff.
Having established themselves over time as "trusted intermediaries," he said, banks have also evolved into "intense users of information."
Chairman of the BITS research and communications steering committee, Mr. Roboff said banks must come out with "A pluses" on both aspects of their information practices. To that end, BITS is developing what it calls a "decisioning tool," a spreadsheet that banks can use to assess the impact of a given set of policy initiatives and outcomes emanating from the public or private sector.
"Most banks have not addressed their systems to understand the full range of privacy implications" on business processes, Mr. Roboff said.
"If we lose (the trust legacy), we have lost a lot as an industry," he said. "At the same time, we have to be able to use the information we have in the right ways."
Mr. Greene said the BITS program, which is to be presented to the organization's board in early April, is "a very good start."