N.Y. Lawmakers Weigh Tougher Privacy Strictures

ALBANY - The chairman of the New York State Assembly's Insurance Committee voiced support Tuesday for toughening the privacy provisions enacted in the Gramm-Leach-Bliley Act.

Assemblyman Alexander Grannis, a Democrat, told a committee hearing filled with bankers and insurance company representatives that Congress "knew what it was doing" when it invited states to enact tougher privacy controls.

The law, enacted in November, requires financial services companies to let customers block any sharing of their information with third-party firms. However, some lawmakers and the Clinton administration wanted to take this so-called "opt out" option further by barring information sharing with affiliated companies too.

A smaller number of privacy advocates have insisted that only the data of customers who have "opted in" by giving permission should be shared.

"We can't leave it up to the consumer to wade through all of the detail and all of the opt-out forms," Mr. Grannis said. "We need to look at some sort of uniformity for all institutions to adhere to."

He said one option would be to create a standard opt-in or opt-out form for financial institutions.

The public hearing, the first of two to be held in New York this week, was hosted by four committees interested in exploring ways to safeguard consumers' financial privacy. The Gramm-Leach-Bliley Act specifically stated that states may enact tougher and more complete privacy laws. Thirty-five privacy bills are pending in 22 states.

Michael P. Smith, president of the New York Bankers Association, said the new federal law and other law and voluntary practices have created a comprehensive safety net for consumers. He said further regulation could impair progress and unintentionally hurt consumers by driving up prices and reducing efficiency.

Assemblywoman Aurelia Green, chairwoman of the Banks Committee, asked if consumers would incur extra fees and costs if given broader rights to block information sharing. Mr. Smith replied: "Anytime there is compliance there has to be cost, and opt-in would considerably increase consumer expense."

What happens in New York may well influence the actions taken in other states. Additional federal legislation is also possible.

A Clinton administration official said Tuesday that the White House still solidly supports extending the law's privacy protections to information-sharing within financial holding companies.

Peter P. Swire, the administration's chief counselor for privacy, said President Clinton would propose legislation in "the coming weeks" that would require financial institutions to give customers the chance to block, or "opt out," of data transfers to affiliates. Modern financial companies have detailed information on debit card and other consumer transactions, he said, and the sensitive data they hold will only multiply as these companies are freer to merge with other banks, securities firms, or insurance companies.

The White House settled for less extensive protections last fall as part of the dealmaking to get Gramm-Leach-Bliley enacted, Mr. Swire said, but the President vowed to fight for further measures when he signed the bill in November and in his State of the Union speech in January. "We think more should happen," Mr. Swire said at a National Community Reinvestment Coalition conference. At the hearing in Albany on Tuesday, which will be followed by a hearing in New York City on Friday, Mr. Smith said New Yorkers "should be particularly heartened by the progress our industry has made in protecting consumers' privacy."

His trade group, along with the New York Clearinghouse, recently published a set of voluntary "best practices" guidelines for privacy that are more stringent than the federal law.

Assemblywoman Audrey Pheffer, a Democrat who chairs the Consumer Affairs Committee, asked if such guidelines should be codified in federal law "so there would be some means of enforcement?" Mr. Smith said no.

"It is our hope that banks, the same institutions that established these guidelines, adhere to them, but we would oppose some of the issues in the guidelines as federal laws," he said.

For example, he said, banks are allowed to block their telemarketers' numbers from appearing on "Caller ID" on people's home telephones, but the voluntary guidelines discourage this practice.

In further testimony on behalf of the New York Bankers Association, John C. Dugan, a partner in the Washington law firm of Covington & Burling, said Gramm-Leach-Bliley "is the most extensive regime of privacy legislation, and Congress tried to strike the right balance between consumers and financial institutions."

The New York Bankers Association asked the state lawmakers to reserve judgment until November, when banks must be in compliance with the provisions of Gramm-Leach-Bliley. Mr. Dugan emphasized the large scope of implementation, saying that 40,000 institutions will be required to send an estimated 500 million mailings by Dec. 31.

The committees also heard testimony from Gillbert T. Schwartz of the Financial Services Coordinating Council, a group representing several banking, insurance and securities trade associations.

"We do not believe that additional legislation is needed at this time," said Mr. Schwartz, a partner in the law firm of Schwartz & Ballen in Washington. "Another layer of requirements at the state level could prove disruptive and confusing to consumers and financial institutions."

Dean Anason contributed to this story.

For reprint and licensing requests for this article, click here.
MORE FROM AMERICAN BANKER