Center for Policy Alternatives
CPA - Header Photo

Financial Privacy

Almost nine million Americans were victims of identity theft in 2006, at a cost of $56.6 billion.1
Between July and December of 2004 alone, 3.6 million households were victims of identity theft.2 According to a report commissioned by the First Data Corporation, 6.8 percent of adults have been victims of some sort of identity theft, including credit card or bank account fraud, or the creation of new accounts using the victim’s personal information.3 The average victim lost $6,383 and spent 40 hours to resolve the problem.4
Financial institutions routinely share private information about their customers, but Americans are largely unaware of the practice.
Seventy-three percent of Americans believe that banks are barred by law from selling personal information without expressed permission.5 Those Americans are wrong—financial institutions routinely sell private information about their customers.
The sharing of private information makes individuals vulnerable to identity theft.
Easy access to private financial information leads to identity theft. For example, when Charter Pacific Bank sold 3.6 million valid credit card numbers and transaction records without customers’ consent, the result was $44 million in fraudulent charges for Internet pornography.6
The sharing of private information results in unwanted marketing and consumer profiling.
When financial institutions sell information about clients, those clients are harassed with calls and letters for unwanted services. More insidious is the danger that private information will be used to compile data “profiles” that can be used by marketers to determine prices for goods and services to individual customers. For example, individuals who are profiled—including those with spotless credit records—may be assessed higher interest rates based on financial information that is not included on credit reports.7
Federal law makes it easy for companies to legally sell customers’ private financial information.
Federal law allows financial institutions to share their customers’ nonpublic account information with nonaffiliated companies if they give customers the opportunity to “opt out” of this information sharing. In other words, customers lose their privacy unless they affirmatively sign and return a notice. These “opt out” notices are easily mistaken for junk mail, and are often written in confusing language that encourages customers to take no action, thus allowing their information to be shared.
States are permitted to regulate the transfer of information from financial institutions to nonaffiliated companies.
The financial services industry argues that the Fair and Accurate Credit Transactions Act (FACTA), signed into law by President Bush in December 2003, preempts state financial privacy laws—but that is not true. In 2005, the federal Ninth Circuit Court of Appeals upheld the “opt in” provision of the California Financial Information Privacy Act that requires companies to ask for their customers’ explicit written permission before sharing or selling private information with nonaffiliated businesses.8
States are acting to protect consumer financial privacy and reduce the incidence of identity theft.
While California’s law is the most comprehensive, nine other states (AK, CT, IL, LA, ME, MD, NM, ND, VT) have enacted similar financial privacy “opt in” laws.
Financial privacy legislation has strong support among liberals and conservatives.
Sixty percent of Americans believe that banks and credit card companies pose the greatest threat to personal privacy. Eighty-two percent believe that the right to privacy has been lost or is under serious attack. Eighty-three percent have a negative view of companies collecting personal information about individuals, including what they buy, credit histories, and income. Concern about privacy spans the ideological spectrum—68 percent of conservatives and 69 percent of liberals want the government to do more to address personal privacy issues.9

This policy summary relies in large part on information from U.S. PIRG and Consumers Union.

Endnotes
  1. Better Business Bureau and Javelin Strategy & Research, “Update to the Federal Trade Commission’s Identity Theft Survey Report,” January 2006.
  2. U.S. Department of Justice, “3.6 Million U.S. Households Learned They Were Identity Theft Victims During a Six Month Period in 2004,” April 2006.
  3. First Data Corporation, “New Identity Theft Survey Reveals Latest Count of Victims, Need for Greater Protection,” May 17, 2005.
  4. “Update to the Federal Trade Commission’s Identity Theft Survey Report.”
  5. Joseph Turow, Lauren Feldman, and Kimberly Meltzer, “Open to Exploitation: American Shoppers Online and Offline,” Annenberg Public Policy Center of the University of Pennsylvania, June 1, 2005.
  6. Congressional Testimony by Edmund Mierzwinski, Consumer Program Director, U.S. Public Interest Research Group, to Senate Banking, Housing and Urban Affairs Committee, June 26, 2003.
  7. Ibid.
  8. American Bankers Association v. Gould, 412 F.3d 1081 (9th Cir. 2005) (Only the sharing-with-affiliates provision was struck down following remand to the U.S. District Court).
  9. CBS News/New York Times, “Poll: Privacy Rights Under Attack,” October 2, 2005.
Updates