State Roundup: December 2, 1999 ?
	
	
	
	
	
	
	
	
	Thoroughly Modern Privacy Problems 

?????Even before the federal Financial Services Modernization Act was signed 
into law, some state regulators could see signs of trouble. Unsure that the 
bill would provide adequate privacy protections for financial records, states 
began hashing out the issue, investigating consumer privacy and launching 
committees dedicated to exploring options. Those efforts have proven 
fruitful. With privacy advocates lamenting the final results in S. 900, the 
pressure is seeping into the states to protect personal information. However, 
there are precious few that foreshadowed the federal government's game of 
catch to the states on the issue of privacy. Now, privacy advocates are 
bombarding state capitals, urging them to take action that the federal 
government didn't. 
?????What didn't happen at the federal level was an opt-in policy for sharing 
of consumer information. The legislation, which provided a legal framework 
for financial services megamergers, permits banks to share their customers' 
information with other businesses, such as brokerages, insurance firms and 
telemarketers. To reveal customers' personally-identifiable information with 
outside partners, the financial institutions must provide consumers the 
opportunity to "opt-out" of the sharing arrangement. This means that bank 
customers would need to notify a bank that they are against the disclosure of 
their personal information; if they don't alert the bank, their information 
would automatically be up for grabs. An amendment, introduced by Sen. Paul 
Sarbanes, D-MD, secures the right of states to pass stricter 
information-sharing regulations. While privacy advocates are satiated by the 
provision, they would have preferred language that required consumers to 
opt-in to all information-sharing practices. Now, they hope to see that type 
of policy enacted in the states. 
	Building A Framework

?????There are a handful of states that already had begun work in the privacy 
arena. One is Minnesota, which catapulted itself into the national privacy 
spotlight in June when Attorney General Mike Hatch launched an investigation 
and lawsuit against U.S. Bank for giving out personal financial information 
to a telemarketing company. The telemarketers, after calling customers and 
inquiring whether they wanted additional information about bank services, 
charged the customers for the services. Hatch alleged that the bank released 
the information for $4 million plus commissions, some of which he said were 
gained by disclosing deceptive information. Under the settlement, the bank 
donated over $2 million to charities around the state and agreed to make 
refunds to Minnesota customers who were victims of the scheme. It also 
enacted an opt-out policy, among other penalties. Minnesota was one of the 
most outspoken opponents of the federal legislation, saying that it "was even 
weaker than the settlement we got," according to Hatch's press secretary, 
Leslie Sandburg. 
?????Consumers Union's David Butler called Minnesota "as proactive as any 
state at this point" for their prosecution of U.S. Bank, but added that "this 
is still a relatively new debate at the state level." 
?????Some observers anticipate that with the passage of the federal "bank 
bill," states may become more alert to the issues at hand. "This will force 
states to look directly at the issue," said Brett Hester, the National 
Governors' Association's economic development policy analyst. John Ryan, of 
the Conference of State Bank Supervisors, agreed. "It's a hot issue, an 
easily political issue," he said. "You have elected officials who may want to 
make an issue out of this." Minnesota, taking advantage of the Sarbanes 
amendment, will introduce legislation next session to the tune of protecting 
consumer privacy. 
?????Also at the fore is Massachusetts' Lieutenant Gov. Jane Swift, R, and 
Gov. Paul Cellucci. In a recent speech, Swift railed against the federal 
legislation, saying that both Congress and the administration missed out on a 
historic opportunity to ensure privacy protections. "Now that the federal 
government has determined that states should decide some privacy issues for 
their citizens," Swift said, "we in Massachusetts are pleased to be at the 
forefront of this crucial national debate." At the crux of the 
administration's plan is the establishment of an opt-in system that requires 
businesses to seek consumers' consent before they sell or share information. 
"Governor Cellucci and I don,t think that this is too much to ask," she 
added. 
?????The legislation's initiative grew out of a quality-of-life commission 
established by the governor. The group determined that privacy was one of the 
hottest issues, and from that grew the omnibus legislation that has been sent 
to five different legislative hearings and two public hearings, explained 
John Ziemba, deputy general counsel and deputy director of the Office of 
Consumer Affairs. Most committees are still looking at the legislation, and 
will wrap-up their investigations next year, as the Massachusetts legislature 
completes its two-year term. 
?????While Massachusetts remains one of the few states specifically targeting 
financial privacy, a host of others are joining the bandwagon in the hopes of 
ensuring consumer protection in other high-tech areas. New York Attorney 
General Eliot Spitzer joined the group of state attorneys general upset with 
the weak protections in the federal bank bill, but it wasn't the first time 
he had entered the arena. He had ushered through a spam bill * allowing 
consumers the right to opt-out of receiving unsolicited, bulk e-mail * and a 
bill that would prohibit Web site owners from tracking consumer information 
unless users consented to the actions, said spokeswoman Christine Pritchard. 
Now the focus has turned to reforming the Fair Credit Reporting Act, which, 
among other things, would provide consumers the right to receive one free 
credit report each year to determine its accuracy. And Spitzer also has 
promoted a bill on identity theft, declaring that if a consumer's identity 
has been stolen to obtain anything of value, the customer, and not just the 
credit card company, is deemed a victim and can seek reimbursement. 
	Honing In On The Hot Topics

?????Identity theft, perhaps because of the personal stories that result from 
it, is one of the hotter privacy issues in the states, and Arizona is working 
on a law making it a crime to steal a personal password. Rep. Jeff 
Hatch-Miller, R, who chairs the state's Internet study commission, said that 
legislators are just beginning to understand the new level of concern being 
raised by citizens with respect to their right to privacy. The group has 
established a subcommittee looking into additional privacy legislation that 
may be needed with the understanding that the rules must seek a balance 
between protecting consumers and businesses alike. 
?????"Arizona is a fairly conservative state," Hatch-Miller said. "We're 
friendly to business here. To the extent possible, I think we'll promote 
private solutions, as we do prefer them to government solutions." 
?????Hatch-Miller added that one of the newest areas of concern is 
information from customer convenience cards, such as those given out by 
grocery stores to determine sale prices, being sold to outside marketers. 
California already has seen legislation introduced that would bar the sale of 
that information, and its legislature's Joint Task Force on Personal 
Information and Privacy continues to look at that, as well as all issues 
surrounding privacy. Sen. Jackie Speier, D-San Francisco/San Mateo, is 
expected to soon drop a bill complementing the Financial Services 
Modernization Act that would prohibit the sharing of personal information 
among affiliate companies in different sectors. Although because of the 
strong banking lobby and the political difficulties surrounding the issue, 
staffers say they still don't know what form the bill will take. 
?????That seems to be a familiar refrain in such discussions, as many elected 
officials grapple with the growing number of privacy concerns that 
technological advances have ushered in. Many legislators looking to the 
federal government for guidance on the matter have been thrown an unexpected 
duty with the results in the financial services act, but observers say they 
will take the ball and run with it. "I think what will happen is you'll see 
legislation in areas where there may be problems," predicted Neal Osten, 
director of the commerce and communications committee for the National 
Conference of State Legislatures. *by Stephanie Lash