Feds push for improved privacy notices

Computerworld - Federal regulators today released a prototype privacy notice designed to make it easier for consumers to read about, understand and compare the privacy practices of banks and other financial institutions.

The simplified notice is part of a 365-page interagency report (download PDF) summarizing the first phase of a research effort launched in September 2004 to develop alternatives to today’s lengthy, dense and complex notices.

The report, by Washington-based Kleimann Communication Group, was commissioned by the Federal Trade Commission, the Board of Governors of the Federal Reserve System, the Federal Deposit Insurance Corp., the National Credit Union Administration, the Office of the Comptroller of Currency and the Securities and Exchange Commission. All of the agencies are responsible for enforcing the provisions of the Gramm-Leach Bliley Act of 1999.

The six agencies, together with the Office of Thrift Supervision, will fund a second phase of the project where the effectiveness of the prototype will be tested against a larger consumer base. “The agencies have deferred consideration of policy action with respect to financial privacy notices until the next phase of consumer testing is completed,” the regulators said in a statement today.

Loretta Garrison, an attorney with the FTC’s bureau of consumer protection, said the prototype was developed using consumer research gathered by Kleimann.

“What we’ve released is the result of the first phase of our research work,” Garrison said. “Essentially, what it was about was exploring in depth how consumers read notices and process complex information to develop a notice that was simpler and easier ... to understand and use.”

The prototype notice is intended for use by any financial institution and features four separate components. One explains in clear terms who the notice is from and informs the consumer that his personal information is being collected and used. Another component provides basic information about sharing practices in the financial industry, the kind of information collected and the laws governing any sharing.

A disclosure table outlines the seven basic reasons why a financial institution can share information, what each bank’s specific policies are in this regard and what consumers can do in terms of controlling such sharing. According to Garrison, such a table makes it easier for a consumer to compare privacy practices across different companies. An opt-out form allows consumers to opt out of sharing specific pieces of their information.

The prototype notice also features a so-called secondary frame that contains answers to frequently answered questions and provides more detailed -- and legally required -- information under Gramm-Leach Bliley.