WASHINGTON - Regulators on Wednesday defended their decision to delay implementing new privacy rules amid jeers from Capitol Hill.
The Treasury Department, Federal Reserve Board, and the other banking agencies were the latest to approve consumer privacy protections mandated by the Gramm-Leach-Bliley Act enacted last fall. Credit union regulators adopted similar rules Monday, and the Securities and Exchange Commission and Federal Trade Commission are expected to follow by the end of the week.
Under the rules, banks and other financial institutions must annually disclose their privacy policies and give customers the right to block, or "opt out" of, information sharing with third parties. As expected, the agencies set the effective date of the regulations for Nov. 13 but made compliance voluntary until July 1, 2001.
"I was a skeptic at first about the delay," Ellen Seidman, director of the Office of Thrift Supervision, said at the FDIC's board meeting. "But this is not just a situation where large, diversified financial institutions with complex computer systems and integration issues could have problems.
"There are other entities like small institutions that really don't quite understand that some things that they do are not exempt. It may well take them a while to figure that out."
Comptroller of the Currency John D. Hawke Jr. agreed. He said the delay enhances the Clinton administration's efforts to enact broader privacy protections because it shows that regulators are willing to work with the industry.
Several members of the Fed's Board of Governors, however, expressed reservations about the extension.
"I support [the final rule], but I think it is a bit of a close call on the question of timing," said Fed Vice Chairman Roger W. Ferguson Jr.
Governor Laurence H. Meyer asked the staff members presenting the rule if they had sought "an independent assessment of the claims of banks" that more time was needed to bring computer systems into compliance with the regulation.
Assistant General Counsel Oliver Ireland said that Fed staffers had consulted with institutions that filed comment letters, and referred to a specific letter from Citigroup that claimed a similar retooling of its systems following the merger of Citicorp and Travelers Group had taken 18 months. Mr. Ireland said the regulators' extension of the deadline was "on the short end" of what the commenters had requested.
The different rules have coincided in detail except in at least one key area: whether to send disclosure and opt-out notices to co-signers of loans. The FDIC and the National Credit Union Administration required that state-nonmember banks and credit unions send notices to co-signers and primary borrowers. The Fed and Office of the Comptroller of the Currency, however, said that state member banks and national banks only have to notify primary borrowers.
Yet lawmakers on Capitol Hill have been focused mainly on the eight-month postponement of implementation.
Rep. John J. LaFalce, the ranking Democrat on the House Banking Committee, defended the delay. He and eight fellow party members said in a letter Wednesday to regulators that it is reasonable given the complexity and strength of the rules.
Consumer activists blasted the decision. On Tuesday, a group of 16 privacy advocates, including the American Civil Liberties Union and the U.S. Public Interest Research Group, sent a letter to the major financial regulators arguing the industry has significant experience in providing disclosures and implementing opt-out policies under existing laws.
Rob Garver contributed to this article.
Editor's Note: Each link opens a new browser window. We do not control the content or availability of sites outside American Banker Online.