On Monday, the US House of Representatives debated House Resolution 5817, the amusingly named Eliminate Privacy Notice Confusion Act.
The Act would amend the Gramm-Leach-Bliley Act (GLBA) to relieve some financial institutions of some of their data privacy notification responsibilities. The amendment would not apply to data breach notification responsibilities. It would apply only to the basic annual notices describing privacy policies that financial institutions must send to customers every year, even if their privacy policies hadn't changed since the last notice. For example, it would exempt state-licensed institutions that are already subject to state privacy protection law.
Proponents for the Act say that the annual privacy notices are an unnecessary expense for financial institutions. Representative Edward Markey, a democrat from Massachusetts, disagreed. Marky participated in the passage of the original GLBA when it was passed in 1999, and claims to be partly responsible for the privacy rules that were included in GLBA then. During the proceedings about H.R. 5817 Monday, Markey warned that "There is a looming privacy catastrophe coming in this country" and criticized banks for claiming that the current rules about annual notifications are so onerous.
"The amount of information we get, at home from these banks -- massive, as you know," said Markey, in the proceedings. "You open up your mailbox every day and there's like 25 solicitations from financial institutions all across the country. They've got loads of money to do that; loads of money... but if you ask them to just provide a scintilla of information on what privacy rights they have in terms of protecting all of their family's secrets they have inside that financial information, the banks say 'Oh no, that's too expensive. We can't do that, how can you afford that?' "
After 40 minutes of discussion on Monday, the House Chair decided that they'd postpone further proceedings about H.D. 5817. In the meantime, tell us your opinions. Do you think that this Eliminate Privacy Notice Confusion Act is a necessary, legitimate measure? Do you think it's just an example of financial institutions pouting? What impact, if any, would there be on customers if they no longer received annual reminders about their data privacy rights and their financial institution's data privacy protection policies and practices? After all, this act would not eliminate breach notifications, which are surely more important.
Personally, no matter what they decide, I'd just like the notices to be typed in a font size that's large enough to read without a microscope and be slightly translated from "legalese" to English.
What does it say about an industry that is making money selling information on people that trust it enough to let them hold our money. I'm surprised that we haven't heard more about the privacy issues within banks and what they are doing with our information.
Very interesting. I think that he has a point. Banks do what they want to do. When it comes to revealing something that they have been dropping the ball on for years yes they are very reluctant. They don't want consumers to find out what is really going on with their privacy schemes. LOL! Yes I said schemes. I think that they will more than likely print it sooo small that you will need more than one magnifying glass to see it. They will not make it easy for consumers to see the dirt they are doing. Also it won't be written in English but in jargon that makes no sense and only speaks in circles.
I agree that it is absurd. The banks have tons of money when it comes to attracting new business but keeping current customers is just too expensive. We're seeing that a lot lately and I wonder if the bank execs feel that way in general. Do they not want other companies to service their account like they want to keep their business? This double standard is irritating at best. There used to be a feeling that the companies that you do business with wanted to keep your business and protect you as a customer, by telling us that we're too expensive to keep track of and that it's burdensome to inform us of their policies it doesn't make me feel wanted.
Sara, it is not surprising this happens. The "Data-Mining Industry" is stepping efforts "with the goal of preventing needless regulation or enforcement that could severely hamper consumer marketing and stifle innovation"..
Thank you! we really need good regulations, not just "Best Practices" to stop people mining data without our control.
I guess the ends justify the means @Henrisha. There's a focus on the financials here, and it actually has an impact on the end user. As these banks are all businesses it will always work in that way, for better or for worse.
Yes, it is absurd when they are only voting to end the act because of financial costs associated with having to implemented its terms. That said, maybe a modification is needed to set things in order and to make it more relevant.
I think financial insitutions instead of inundating people's mail with advertisement, should definatelly provide informaiton about their privacy rights. I think I want to know clearly how they are using my information and as you said explain it in a way that it easy to understand.
Well if the notification is through email, the argument is absurd and it shows bad intent of financial institutions. Moving forward, the regulatory authorities should perform audit of compliance with privacy laws and that too a thorough one so that privacy of customers is protected in spirit. Debating about notifications won't do good to any of us.
If the privacy rights notification is made on printed material annually, I won't support that because it is an unnecessary expense and also against the war against paper wastage. Fact is that most customers won't read it so it is an expense to the advantage of few. However, I am in favour of sending notifications through email as this won't cost much and the interested customers will be able to know their rights as well.
The blogs and comments posted on EnterpriseEfficiency.com do not reflect the views of TechWeb, EnterpriseEfficiency.com, or its sponsors. EnterpriseEfficiency.com, TechWeb, and its sponsors do not assume responsibility for any comments, claims, or opinions made by authors and bloggers. They are no substitute for your own research and should not be relied upon for trading or any other purpose.
Please join us for the "IT Convergence Strategies: Why, When and How " to learn more about:
• 5 truths about infrastructure convergence today that go beyond the hype
• How to exploit the 4 phases of convergence maximum efficiency and agility
• Key milestones to plan for on the convergence journey
• Why integrated management is a critical component of convergence plans
• The importance of an open, modular approach, such as Dell’s active infrastructure, to building a converged data center
Enterprise Efficiency is looking for engaged readers to moderate the message boards on this site. Engage in high-IQ conversations with IT industry leaders; earn kudos and perks. Interested? E-mail: email@example.com
Dell's Efficiency Modeling Tool The major problem facing the CIO is how to measure the effectiveness of the IT department. Learn how Dell’s Efficiency Modeling Tool gives the CIO two clear, powerful numbers: Efficiency Quotient and Impact Quotient. These numbers can be transforma¬tive not only to the department, but to the entire enterprise. Read the full report
Now that TGen has broken new ground in genomic research by using Dell's storage, cloud, and high-performance computing solutions, the company discusses what will come next for it and for personalized medicine.
The Translational Genomics Research Institute wanted to save lives, but its efforts were hobbled by immense computing challenges related to collecting, processing, sharing, and storing enormous amounts of data.
There's a lot of hype about virtualization of networks, NaaS, and SDN, but there's a couple of proven applications that enterprises could adopt right now and potentially save money and improve operations.
Skype/Outlook UC integration means we're going to have competition and fragmentation of UC client architectures, but is that bad? Modern devices can support IM, email, voice, and video clients, so maybe it's the back end of UC we need to be worried about.
Workers are now used to portable device support throughout their everyday lives. We should be looking at the policy of providing fixed-desk devices to support stationary workers. Could portable support be smarter?
Input devices run the gamut, from the humble Missile Command-style trackball to advanced speech recognition. Unfortunately, these input devices can be used for evil as well as good. Case in point: mobile ads that want you to talk to them.
Enterprises want three things in storage systems: First is some speech-recognition way of capturing videoconference data for indexing; second is semantic/AI analysis of emails and IM for content indexing; third is a better system for managing hierarchical layers of storage.