FTC Testimony Addresses Views About Financial Privacy

In testimony yesterday before a House Subcommittee considering the federal banking agencies' proposed Know Your Customer rules, David Medine, speaking for the Federal Trade Commission, outlined the Commission's views about financial privacy, including the importance of taking consumers' privacy concerns into account when establishing mechanisms to prevent crimes such as money laundering and fraud.

"We live in a burgeoning information economy. ... It is not surprising to learn that, of all the types of information collected about them, American consumers view their financial information as most sensitive, indeed as sensitive as their medical histories," said Medine, Associate Director for Financial Practices in the Commission's Bureau of Consumer Protection, in delivering the Commission's testimony. "As custodians of sensitive financial information, banks must strike a balance between addressing their customers' privacy concerns and guarding against fraud and other criminal uses of banking services."

The FTC testimony before the House Committee on the Judiciary's Subcommittee on Commercial and Administrative Law notes that the proposed rules, announced last December by the Federal Reserve Board, the Office of the Comptroller of the Currency, the Office of Thrift Supervision, and the Federal Deposit Insurance Corporation would, among other things, require banks to establish procedures to ascertain the identity of their customers and the sources of funds deposited in their accounts, and to monitor patterns in their customers' banking activities to identify suspicious transactions. "Based on the comments thus far submitted on the proposed rules, it appears that some consumers are concerned with the unauthorized disclosure of their personal financial information to any third party, including the government," the testimony states.

The Commission has extensive experience in addressing consumer protection issues that arise in the financial services industry and the testimony discusses two of the Commission's statutory mandates that are particularly relevant: (1) the Commission's authority to enforce the Fair Credit Reporting Act ("FCRA"); and (2) the Commission's new consumer protection role under the Identity Theft and Assumption Deterrence Act of 1998.

The FCRA regulates consumer reporting agencies, also known as credit bureaus, and establishes important protections for consumers with regard to the privacy of their sensitive financial information. It limits the disclosure of consumer credit reports only to entities with specified "permissible purposes" (such as evaluating individuals for credit, insurance, employment, or similar purposes) and under specified conditions (such as certification from the user of the report). In these ways, the FCRA operates generally to limit disclosure of consumer reports primarily to instances where a consumer initiates a transaction, such as an application for credit, employment, or insurance. The FCRA also provides consumers with certain rights in connection with the information maintained by consumer reporting agencies.

In addition to its responsibilities under the FCRA, the Commission has a new, important role to play in combating identity theft, a practice that goes to the heart of personal financial privacy. Identity theft occurs when an individual appropriates another's name, address, Social Security number, or other identifying information to commit fraud. The recently enacted Identity Theft and Assumption Deterrence Act of 1998 makes identity theft a federal crime and authorizes the Commission to serve as a central clearinghouse to receive complaints from, and provide information to, victims of identity theft. Specifically, the Act requires the Commission to establish procedures to (1) log the receipt of complaints by victims of identity theft; (2) provide these victims with informational materials; and (3) refer complaints to appropriate entities, including the major national consumer reporting agencies and law enforcement agencies.

The testimony also highlights the Commission's efforts on Internet commerce. The Commission has been involved in addressing online privacy issues for almost as long as there has been an online marketplace and has held a series of workshops and hearings on such issues, including the special privacy concerns raised by the online collection of financial information.

"The public response to the Know Your Customer proposals highlights the tension between potential regulatory initiatives and privacy concerns. The Commission is pleased to serve as a resource as this Subcommittee and others consider how to strike the proper balance between these important competing interests," the testimony concludes.

The Commission vote to approve the testimony was 4-0.

Copies of the full text of the testimony and information about the Fair Credit Reporting Act, the Identity Theft and Assumption Deterrence Act, and online privacy are available from the FTC's web site at http://www.ftc.gov and also from the FTC's Consumer Response Center, Room 130, 600 Pennsylvania Avenue, N.W., Washington, D.C. 20580; 202-FTC-HELP (202-382-4357); TDD for the hearing impaired 1-866-653-4261. To find out the latest news as it is announced, call the FTC NewsPhone recording at 202-326-2710.