There is no question that the privacy debate will intensify over the next few months.

The financial services industry believes that the current regulatory proposals provide adequate and appropriate consumer protection and should be given a chance to work. However, powerful forces are advocating much stricter legislation, both at the federal and state levels.

To date this "debate" has been decidedly one-sided. The industry has been slow to mobilize and ineffective in presenting an aggressive response. Consequently it has been put on the defensive.

This is an uncomfortable and untenable position. It is also unfortunate given the industry's history as a trusted guardian of customer information and the significant investments it has made to safeguard privacy.

We expect the industry to become far more engaged in this debate over the next few months. Institutions have invested heavily in complementary financial services businesses, data mining technology, and customer relationship management systems. Severe restrictions on their ability to use and share customer information with affiliated companies will lower the return on these investments.

The negative implications of additional information-sharing restrictions on the financial services industry are clear. However, most agree that this argument will have little impact on the various policymaking bodies considering more restrictive legislation.

Rather, the industry will attempt to show the consumer benefits of appropriate information sharing - better information, lower prices, tailored product solutions, and so on.

Hopefully these consumer-focused arguments will help to reshape the policy debate. Currently, however, many of these benefits are theoretical, and will be difficult to support with credible empirical data.

Weighing that fact against consistent (albeit one-sided) research showing a vast majority of consumers do not want their financial information shared with either external or internal parties, politicians are likely to take the easy road: approve tighter restrictions, regardless of the severe unintended consequences.

There is another argument that does not rely on theoretical quantitative analysis for support: Severe limitations on internal information sharing are anticompetitive and restrict consumers' right to choose.

"Privacy advocates" claim that legislation requiring customers to "opt-in" before information can be shared with affiliated parties allows consumers the ultimate choice.

While this may sound logical, it is not practical. The operational, systems, legal, and marketing costs of installing, communicating, monitoring, and enforcing an opt-in requirement would diminish and possibly destroy the consumer benefits of appropriate information sharing among affiliated companies.

More important, opt-in legislation would eliminate a critical competitive choice for many smaller banks and highly focused financial institutions that have not based their future success on extensive cross-company information sharing.

Under current regulatory proposals, these institutions could promote a "privacy pledge" to gain a competitive advantage and (if the research is even close to correct) capture significant shares of attractive markets.

At the same time large, diversified financial companies would be given the opportunity to "walk the walk" and not just "talk the talk". They would be forced to create tangible customer value as a result of their information-sharing practices in order to protect and expand their core customer franchises and maximize shareholder return.

Additional information-sharing restrictions would remove this potential competitive distinction.

This type of competition would allow consumers to decide which institutions offer the benefits that are most important to them. If we still believe that vigorous competition ultimately benefits consumers, unduly restricting individual institutions' competitive options would have significant negative implications for the market as a whole.

From a competitive perspective, opt-in legislation would not merely level the playing field; it would force all competitors to run the same play.

The competitive implication of privacy regulation is one of a number of strategic issues that financial services companies must resolve before developing extensive and expensive compliance programs. They must determine the importance of customer information sharing to the company's current and future success; identify the sources and uses of customer information today project how these will change over the next few years; and create practical contingency plans to respond quickly if new legislation is passed.

Then and only then should managers invest the resources to implement the communications, systems and training programs to comply with regulatory mandates and achieve specific business objectives.

In short, management must approach consumer privacy more as a business than a compliance issue. The business issues are complex, the regulatory situation is fluid, and the investment required potentially sizable. Consequently, managers must act now to develop proactive business plans and implementation programs to avoid making short-term decisions and investments that will have long-term negative implications.


Mr. Johannsen is the president and chief executive officer of Furash & Co., a Washington financial services consulting firm.

Subscribe Now

Access to authoritative analysis and perspective and our data-driven report series.

14-Day Free Trial

No credit card required. Complete access to articles, breaking news and industry data.