Opting out can help you avoid danger of identity theft
On the Money
From the June 1, 2007 print edition
Identity theft is a widespread and well-known problem.
Eight years ago, Congress enacted the Identity Theft and Assumption Deterrence Act, which created the federal crime of identity theft. The law was targeted toward any “means of identification” of another person, not distinctively identifiable information.
When it comes to financial information, there are even more protections available in the form of the Gramm-Leach-Bliley Act.
The key to combating identity theft is to protect your privacy. However, some information must be exchanged in order to do business.
The Gramm-Leach-Bliley Act applies to many types of financial institutions, banks, savings and loans, credit unions, insurance companies and securities firms. It even includes some retailers and automobile dealers that collect and share personal information about consumers to whom they extend or arrange credit.
The act contains three major components.
- Financial institutions are required to disclose the kind of information they collect and the types of businesses to which they may provide that information. This is contained in their “privacy notice.” Anytime you open a new account with a different financial institution, it must provide a copy of its privacy notice, and do so annually.
- The company must give you the opportunity to opt out or say “no” to information sharing under certain circumstances. Even consumers who aren’t technically customers of a financial institution — such as former customers or people who unsuccessfully applied for a loan or credit card — have the right to opt out of sharing information with outside companies.
- Third, the law requires that financial institutions describe how they’ll protect the confidentiality of your information.In other words, here’s a chance to protect yourself by just doing a little reading and, in the words of a related campaign, “just say no.”Unfortunately, privacy notices tend to be in very small print and not very appealing to read. Nevertheless, when reading the privacy notice, look for the following important features:
- The type of information it shares with other parts of the same company, likely to be described as “members of our corporate family” or “our affiliates.”
- The information it shares with other companies or organizations that are not part of the same corporate group, perhaps called “nonaffiliated third parties.”
- What information you can prevent your financial institution from sharing with other companies or organizations.
- How you go about opting out.
While the regulations say a financial institution isn’t required to list every type of information it may gather or share, or tell you the names of specific companies or organizations that may buy or receive your information, the privacy notice must describe the basic categories of information, and give examples.
On the other side, however, the Fair Credit Reporting Act limits your ability to stop selected information-sharing with affiliates. For instance:
- The information is needed to help conduct normal business.
- The information is needed to protect against fraud or unauthorized transactions, or is provided in response to a court order.
- The institution reasonably believes the information is “publicly available.” Publicly available information includes your name, address and telephone number as they appear in the telephone book, information about your home mortgage recorded in county records or information that would be found on your driver’s license. (That’s why you shouldn’t put your Social Security number on your driver’s license.)
- The information is used as part of a “joint marketing agreement.” That’s a situation in which two or more financial institutions agree to jointly offer, endorse or sponsor the same products or services.
- An affiliate of the firm may receive any information obtained from your transactions with that institution. Example: Your bank can give an affiliated insurance company details about your deposit accounts.
Even if you opt out, your bank still would be able to share some personal information with outside entities in certain circumstances. However, if you don’t opt out at all, your bank can sell information about you to any business or person.
Each institution may have its own unique opt-out procedure described in the instructions that come with your privacy notice. For example, call a certain telephone number, or complete a form and mail it to a specific address.
The rules allow banks to provide a single opt-out notice when two or more customers have a joint account. If the bank sends separate notices to two owners of a joint account and only one of them responds, the bank may continue sharing the other person’s information.
Financial privacy is important. Thanks to the Gramm-Leach-Bliley Act, you can have a say in how much of your information financial institutions may share w
© C. Stephen Guyer for American City Business Journals Inc. All rights reserved.