Why the Financial Privacy Law is Better than People Think Professor Peter P. Swire Ohio State University University of Minnesota Symposium February 9,

Slides:

Advertisements

Similar presentations

Consumer Protection Laws Dino Tsibouris (614)

Advertisements

The Future of Internet Banking By Michael Skiscim.

Medical Privacy in a Broader Privacy Context Professor Peter P. Swire George Washington Law School Former Chief Counselor for Privacy, U.S. Govt. HIPAA.

The United States, Privacy, and Data Protection Peter P. Swire Dutch Embassy Presentation January 19, 2001.

Privacy and the Internet Professor Peter P. Swire Ohio State University National Press Foundation February 14, 2001.

The Chief Privacy Officer for the U.S. Government Professor Peter P. Swire Ohio State University Visiting, George Washington University Privacy Officers.

Reflections on the White House Privacy Office Peter P. Swire U.S. Chief Counselor for Privacy, OSU College of Law, 2001-present CFP, March 8,

Is Confidentiality in Banking Outdated? Peter P. Swire Chief Counselor for Privacy United States Government.

HIPAA In Relation to Other Federal Laws Professor Peter P. Swire Ohio State University Consultant, Morrison & Foerster LLP Glasser LegalWorks/HIPAA Conference.

Finding the Best of the Imperfect Alternatives for Privacy, Health IT, and Cybersecurity Peter Swire Moritz College of Law Wisconsin Symposium in Honor.

Research and Privacy Under HIPAA Professor Peter P. Swire Moritz College of Law Ohio State University National Academy of Science Panel on Science, Technology.

The Role of the Federal Government in Privacy Policy Professor Peter P. Swire The Ohio State University Center for American Progress The Privacy Symposium,

Online Profiling and Consumer Choice Peter P. Swire Center for American Progress Ohio State University ATL Hill Briefing April 28, 2008.

Mental Health Issues & Information Sharing Professor Peter P. Swire The Ohio State University NAAG Task Force on School Safety July 5, 2007.

Reflections on the White House Privacy Office Peter P. Swire Ohio State University Center for American Progress N.C. State Privacy Day January 29, 2008.

Lessons for Biometrics from SSNs & Identity Fraud Peter P. Swire Ohio State University National Academy of Sciences March 15, 2005.

The Need for Government-Wide Privacy Policy Professor Peter P. Swire Ohio State University Consultant, Morrison & Foerster, LLP DHS Privacy Advisory Committee.

The Strategy of Using Security to Protect Privacy Peter P. Swire Ohio State University Consultant, Morrison & Foerster, LLP Data Protection Commissioner.

What is the Obama Administrations Consumer Financial Protection Agency? The Consumer Financial Protection Agency, or CFPA, is a newly proposed independent.

Yukiko Ko Binding Corporate Rules – Global Implications Conference on Cross Border Data Flows and Privacy October 16, 2007.

1 Health Insurance Portability and Accountability Act of 1996 IS&C Expo October 16 & 17, 2002 John Wagner Governor’s Office of Technology.

Privacy Laws & Higher Education. Agenda 1.Five Privacy Laws a.FERPA b.HIPAA c.GLB d.FACTA Disposal Rule e.CAN-SPAM 2.Overview of the Laws a.What does.

© 2004 Property Casualty Insurers Association of America The Alphabet of Federal Legislation Kathleen Jensen Property and Casualty Insurers Association.

PRIVACY A Consumer Reporting Agency Perspective. Collect and Sell Information on People Credit Bureaus – Equifax, Experian & TransUnion – are CRA’s But.

REGULATION AND OPPORTUNITY JAY W. COAKLEY COAKLEY STRATEGIC SOLUTIONS LLC Overdraft Income.

1 PRIVACY ISSUES IN THE U.S. – CANADA CROSS BORDER BUSINESS CONTEXT Presented by: Anneli LeGault ACC Greater New York Chapter Compliance Seminar May 19,

Domain Name Registrant Data: The Privacy Questions Alan Davidson Center for Democracy and Technology

RISK MANAGEMENT FOR ENTERPRISES AND INDIVIDUALS Chapter 6 The Insurance Solution and Institutions.

Disclaimer This Presentation is provided “as is” without any express or implied warranty. This Presentation is for educational purposes only and does not.

© 2012 Cengage Learning. The Principal–Broker Relationship: Agency Chapter 20.

HIPAA Health Insurance Portability & Accountability Act of 1996.

Electronic Health Care Payments Eighth National HIPAA Summit Baltimore March 8, 2004 Peter Barry

©OnCourse Learning. All Rights Reserved.. The Principal–Broker Relationship: Agency ©OnCourse Learning. All Rights Reserved. Chapter 11.

REGULATION OF INTERNATIONAL REMITTANCES AND CENTRAL BANKS’ CO-OPERATION ON CROSS BORDER MOBILE PAYMENTS: FOCUS ON THE WEST AFRICAN MONETARY ZONE (WAMZ))

Banks and the Privacy of Medical Information 8 th National HIPAA Summit March 8, 2004 Joy Pritts, JD Health Policy Institute Georgetown University

Citi REO Strategy & Community Relations September 15, 2009.

Four tips to mitigate Mobile fraud in the future.

Competition-Enhancing Enforcement in Privacy: A Remedy for the Anti-Privacy Market Chris Jay Hoofnagle Director, Information Privacy Programs UC Berkeley.

The Financial System Chapter 16.

“Privacy and the Future of Justice Statistics” Peter P. Swire Chief Counselor for Privacy OMB/OIRA National Conf.on Privacy, Technology & Criminal Justice.

Outsourcing Louis P. Piergeti VP, IIROC March 29, 2011.

HIPAA PRIVACY AND SECURITY AWARENESS.

Track II: Introduction and Overview of Financial Services and Information Technology Privacy Policy: Synthesizing Financial Services Industry Privacy David.

Bank On It 1. 2 Purpose Bank On It : Is an overview of banking services. Will help you build a positive relationship with banks, thrifts, and credit unions.

How Can We Deal with Risks from the Internet: Why Privacy Legislation Is Hot Right Now Professor Peter Swire Ohio State University/Center for American.

Investment Funds Conference “Collective Investment Funds in the Qatar Financial Centre – Confidence and Opportunity” November 26-27, 2007 Michael Webb.

Copyright 2010, The World Bank Group. All Rights Reserved. 1 GOVERNMENT FINANCE STATISTICS COVERAGE OF THE GFS SYSTEM Part 1 This lecture defines the concept.

Sharing Information With Affiliates and Third Parties F. Jay Meyer Vice President & Senior Counsel TD Bank, N.A. Portland, Maine.

Delineation Between General Government And Public Corporations Delineation Between General Government And Public Corporations Presentation Points IMF Statistics.

Lecture 2: Financial Markets and Institutions Financial Management.

© Grant Thornton LLP. All rights reserved. FASB Statement 157: Fair Value Issues Impacting Financial Services Webcast Wednesday, February 27 th, 2008 The.

Chapter 3 Banks and Other Financial Institutions © 2003 John Wiley and Sons.

Student Financial Assistance. Session 55-2 Session 55 Internet Privacy Laws.

CIBC Global Services © 2006, Echoworx Corporation Ubiquity of Security Compliance and Content Management Stephen Dodd Director – Enterprise Accounts.

© South-Western Publishing Slide 1 NEGOTIABLE INSTRUMENTS Types of Negotiable Instruments Presenting Checks for Payment Processing.

The Protection of Personal Information Bill 13 February

TODAY’S AGENDA 1.Budgeting Project review- they are due electronically tomorrow 2.Budgeting Quiz (DVD) and test questions afterwards 3.Ch. 10 Baking 4.Ch.

Rev August 2015 Privacy Policy Form FACTS What does Lyxor Asset Management SAS do with your personal information? Why? Lyxor Asset Management SAS maintains.

Laws and Regulations. Family Educational Rights and Privacy Act Children’s Online Privacy Protection Act Protection of Pupil Rights Amendment Health Insurance.

1 HIPAA’s Impact on Depository Financial Institutions 2 nd National Medical Banking Institute Rick Morrison, CEO Remettra, Inc.

Measurement of Production of Financial Institutions

Private Placement Regime in Japan

North Carolina Law Review Symposium

"Praise Temple Ministries" Privacy Statement "Praise Temple Ministries" is highly sensitive to the privacy interests of consumers and believes that the.

Eastern Mediterranean University

Current Privacy Issues That May Affect Your Credit Union

Electronic Services from a School's Perspective PESC Annual Conference on Standards in Higher Education Judith Nemerovski Flink Director of Student Financial.

Presentation transcript:

Why the Financial Privacy Law is Better than People Think Professor Peter P. Swire Ohio State University University of Minnesota Symposium February 9, 2002

Overview of the Talk n The Critiques of Gramm-Leach-Bliley n In praise of GLB n Two needed improvements: – Repeal the joint marketing exception – Better notice n Conclusion

Background n My experience as banking law and cyberlaw professor n Chief Counselor for Privacy, as GLB was enacted n Regs promulgated & Administration proposed stronger privacy protections n History of this in the paper

I. The Critiques n Industry critique – Expensive to comply – Accomplishes little n Privacy advocate critique – Illusion of privacy protection – Accomplishes little n My view: GLB privacy a flawed but significantly positive step

II. In Praise of GLB n Look at Fair Information Practices n Notice – Yes for affiliates and third parties – Fin. Institution responsible for stricter promises n Choice/Limit Secondary Use – Limits on transfer of account numbers – Opt out for 3d parties – But, key weaknesses

Fair Information Practices (cont.) n Access – Yes, in practice (you see your bank balance) n Security – Yes, in practice – New standards under GLB n Enforcement – Yes, up to $1 million/day and bank examinations

In Praise of GLB n Notice, choice, access, security, enforcement n Broad definition of covered financial institutions n State laws can be stricter – An engine for continued change – Possible state tort & contract suits

II. Secondary Use, Joint Marketing, and Affiliate Sharing n Fair information principles – Expect primary use of information, such as to process my checks – Dont expect secondary use of information, such as to tell my boss about my checks n GLB adopts formal approach – If crosses corporate boundary, more likely to be secondary use triggering choice

Some transfers arent secondary use n Principal/agent is OK – On behalf of the principal – Principal must assure confidentiality – Efficient -- allows principal to choose in-house or independent contractor for printing the checks

Joint marketing exception n Weak limit on secondary use – To any financial institution n Definition is broad – Notice to consumers n Notice is vague – Contractual promise of confidentiality n Enforcement not clear n Recipient can use it for any purpose

Joint marketing exception n Bait and switch n Promised as solution for small banks – Citi sells insurance & mutual funds through affiliates – Smallville Bank uses outside firms for that – Political demands for parity for Smallville Bank

The Bait and Switch n Chase uses joint marketing n 30 of 44 major online banks use it n Target.com as an example of the blending of retail and financial services:

Target.com: We may enter into agreements with other institutions to market products or services jointly between us … We may need to give a financial institution partner the following types of information: Identification and contact information (for example, name, address, and telephone number). Account transaction and experience information (for example, balance, purchase, and payment information).

Solutions on Joint Marketing n Repeal it. – Clinton Administration supported this. n Create a true small institution exception – We do this for other rules in financial services – Would not apply to large financial institutions who have the large and sensitive databases

III. Notices n Industry critique – Over 1 billion notices – Opt outs <5% – Many trees gave their lives for no purpose

Privacy Critique n Rep. LaFalce: Most financial institutions have employed dense, misleading statements and confusing, cumbersome procedures to prevent consumers from opting out. n College-level prose n Hard to compare institutions n Hard to opt out

Why Notices are Surprisingly Good n They help stop egregious practices – The history of U.S. Bank and the rest – Promises now legally enforceable n The biggest effect -- internal changes – Know your practices requirement – Chief privacy officers – Upgrade IT systems – Employees learn that privacy is part of their job description

Better Notices n Plain English notices on top – Proxy cards -- short, simple, action-oriented n Detailed notices about internal policies – Bank examinations to the detailed policies – Institutions are bound by the details – Can supplement disclosure requirements over time n Support for the 2-tiered approach at recent agency hearing

Concluding Thoughts n GLB is better at fair information practices than most have realized n Broad coverage n State laws and dynamic for updating n Thwarts egregious practices n Pushes internal procedures for improvement n In short, far more than many have seen