Web sites have privacy policies that meet the Federal Trade Commission's five principles of fair information practice, according to a study released Tuesday by the four bank and thrift regulatory agencies.
The "Interagency Financial Institution Web Site Privacy Survey Report" also found that 100% of those banks collect some personal information from users, ranging from e-mail addresses to credit card and Social Security numbers, but only half allow users to bar the sharing of that information with the banks' affiliates or other third parties.
The survey covered 364 banks and thrifts -- the 50 largest institutions by asset size, plus 314 others selected at random -- with an on-line presence.
The news was slightly better on the issue of sharing customers' personal information with affiliates and third parties.
Under the pending financial modernization legislation, banks would be required to allow customers to opt out of information sharing with third parties, but not with the banks' own affiliates. Twenty-five of the 50 largest banks and thrifts currently offer an opt-out provision that extends not just to third parties but also to bank affiliates, but only two allow customers to exercise that choice on-line.
Fifteen institutions offer customers the option of barring their information from "secondary uses" within the bank itself, and four of those allow that choice to be made on-line.
The overall results represent an improvement over earlier surveys, indicating that bank privacy practices are evolving, said Julie L. Williams, chief counsel for the Office of the Comptroller of the Currency. "Banks are taking vigorous action to improve their policies," she said.