I know how you open your mail.
I'm betting that it's like this at your house. The mail gets stacked some place. Maybe you leave it in the box, or put it on a table by the door, or haul it into the kitchen or den to keep it together till you open it.
Wherever you open your mail, you probably do it standing up and near a wastebasket. You ditch the obvious pitches that don't interest you. You open envelopes to make sure you know what's inside, whether it's a bill, an invitation, or a letter from your sister. And you probably throw away all the stuffer material - those offers for vacation packages, really swell watches that take your pulse, and anything with really tiny type.
Then you set all the important mail aside to deal with later. That's where you've probably got that bank privacy notice.
Now, if you're saying "Huh?!" about now, we need to talk. Because that means you probably threw that notice away, along with your ability to take just a little control of the way your bank shares your personal information with other institutions.
Here's the deal. The Financial Services Modernization Act of 1999 (also called the Gramm-Leach-Bliley Act), directs financial institutions to develop policies and procedures to safeguard your records and your privacy, to tell you about how they do that, and to give you some, very limited control about who they can share your personal information with.
The law requires that all this developing and telling has to be done by the first of July. After that, you get privacy notice once a year, and any time you start a new financial relationship
But you haven't seen the notices because you've been throwing them away. You've probably gotten more than ten of them, from banks, credit cards companies, loan companies, credit unions and more. The American Bankers Association estimates that you'll receive eighteen separate notices. And you probably threw them all away.
The notice is supposed to tell you what kind of information they gather about you and how they do that. It's supposed to tell you who they share information with outside their corporate family.
Don't expect to understand this just by reading, though. The notices are very hard to understand. Sentences average around 25 words. Sentence structures are complex. But there are no penalties for being hard to read.
This stuff is written by lawyers and their purpose isn't to write clear and compelling prose. Their purposes are to comply with the law, protect their clients and keep their clients options open. Look, they know they're going to be sued. It's the American way. Their job is to make it more likely that their client is the one who comes out the winner.
They don't expect you to read the notice. In fact, I figure that there are only three kinds of people who read these things. First, of course, there are the folks who read everything. That's because they read everything.
Then, there are the privacy advocacy zealots. They're often referred to as "watchdog" groups and that's their job. They watch. And they bark when they see something that might be harmful to privacy rights. It's an important and necessary job, but it requires reading lots of documents like those privacy notices.
And, of course, there are the class action attorneys. They're digging around in the prose like a pig hunting truffles, looking for the key the lawsuit that will make them millions. You'll hear more from them in the years to come.
So, as a public service, here's my condensed English language version of your privacy notice, along with a recommendation.
You're being told that you're the folks who have your account are swell folks who care for your privacy and have policies and procedures in place to safeguard it. I mean, really, would you expect them to say anything else?
Then they're telling you whether they share information with other "non-affiliated" institutions. If they don't (many small banks don't) that's it. If they do, they give you a way to stop them from sharing your personal information with those folks.
It's not much. They can share just about anything with their affiliates. According to the official regulations, "affiliate" means any company that controls, is controlled by, or is under common control with another company. That can be quite a few organizations. Big banks, it turns out, have lots of that meet the definition.
Then, there are some kinds of things you don't get a say in. If you've got a 401(K) plan, the law considers your employer, not you the customer. So it's the employer who gets the say about information sharing..
So it's not much. But it's something. And it's more than you used to have. Mostly, checking the Opt-Out box can keep your financial records from being shared with outside marketing firms. Those marketing firms might not be covered by the privacy law.
So here's my recommendation. Check the Opt-Out box and send the notice back. That will do two things.
First, you'll be doing all you can to limit the ways your financial institution shares your personal information with others. That, I think, is a good thing in and of itself.
Second, you'll be sending a message that your privacy and the way your personal information is handled matters to you. In other situations, Opt-Out programs usually don't get many takers. The Direct Marketing Association, for example, has had a program for years that lets you have your name remove your name from the mailing lists that US businesses trade amongst each other.
With all the folks who rave about how they hate "junk mail," you'd think lots of folks would take the opportunity to have it all stop. But in thirty-five years of operation, no more than three percent of Americans have opted out.
I'm not a privacy fundamentalist, my friend. I don't think there's some grand corporate conspiracy to gather all our personal information and use it against us. I recognize some of the technical difficulties that come with programs that give you and me even greater control over how businesses use our information.
But I think we can do better, too. Countries like England and Denmark have had far more stringent privacy legislation for years and their businesses seem to do OK. I'd like to see the US moving that way. But the only way that will happen is if we opt for the little bit of control we can have now.
Check the Opt-Out box. Send the notice back.
This feature appeared on 4 June 2001
