Computerworld - WASHINGTON -- In what may be more evidence of an emerging national backlash against "opt-out" financial privacy laws, California's San Mateo County this month approved a law requiring banks to get customer permission before sharing their data with third parties.
The federal Gramm-Leach-Bliley law allows financial services groups to share customer data unless the customer says no. But the law allowed states to set a tougher standard, by first requiring customer consent or "opt-in." And that's what has been happening in other locales. In June, voters in North Dakota overwhelmingly voted to tighten financial privacy laws (see story). Vermont officials have imposed similar restrictions.
Those separate actions for stronger privacy protections, from west to east, "show it is a movement across the country," said Ari Schwartz, a policy analyst at the Center for Democracy and Technology in Washington. He sees it as a signal to politicians "that this is something that people care about."
As part of the Gramm-Leach-Bliley law, customers received privacy notices explaining their rights. But the notices were criticized for being too complicated and difficult to understand.
The federal law, however, doesn't prevent states or local communities from imposing their own standards.
San Mateo County Supervisor Mike Nevin said his decision to spearhead the measure grew out of frustration with the California state legislature, which, in the face of heavy opposition from financial trade groups, failed to pass a proposal sponsored by state Sen. Jackie Speier, a Daly City Democrat, that would have required statewide opt-in rules.
"I wish the whole state and the country would have the same kind of opportunity for privacy," said Nevin. "With all the pluses that have come out of the computer and Information Age, one of the downsides is privacy."
The law, which could face a court challenge, takes effect Jan. 1, said Nevin.
Financial services groups have repeatedly opposed such measures, arguing that they will raise business costs to adapt systems that can comply with varying state and local privacy laws.
A Bank of America Corp. official said today that the San Mateo law could create problems with its ability to share information with affiliates and subsidiaries.
"Our customers don't have to worry about opting in or opting out, but even with that very strong privacy policy, we still have very deep concerns about this patchwork of laws," said Harvey Radin, a spokesman for the Charlotte, N.C.-based bank.
The San Mateo ordinance, Radin said, would prevent the sharing of customer data internally and with other lines of businesses, such as credit card operations. Adapting systems to comply with these laws, "would require a lot of additional systems infrastructure," he said.
Read more about Privacy in Computerworld's Privacy Topic Center.
Free Insider GuideCopyright © 1994 - 2012 Computerworld Inc. All rights reserved. Reproduction in whole or in part in any form or medium without express written permission of Computerworld Inc. is prohibited. Computerworld and Computerworld.com and the respective logos are trademarks of International Data Group Inc.
