[Congressional Record Volume 144, Number 111 (Friday, August 7, 1998)]
[Extensions of Remarks]
[Page E1603]
From the Congressional Record Online through the Government Publishing Office [www.gpo.gov]




         INTRODUCTION OF FINANCIAL SERVICES PRIVACY LEGISLATION

                                 ______
                                 

                         HON. EDWARD J. MARKEY

                            of massachusetts

                    in the house of representatives

                        Thursday, August 6, 1998

  Mr. MARKEY. Mr. Speaker, today I am introducing two bills which are 
aimed at addressing the confidentiality of personal financial 
information, the ``Securities Investors Privacy Enhancement Act of 
1998'' and the ``Depository Institution Customers Financial Privacy 
Enhancement Act of 1998.''
  Today, the legal and regulatory walls are breaking down that 
previously have restricted or limited affiliations between banks, 
securities firms, and insurance companies. This makes sense in light of 
the trends currently taking place in our economy: globalization, rapid 
technological change, and demonopolization. But the great truth of the 
Information Age is that the new telecommunications technologies that 
financial services giants use to create and market stocks, bonds, 
insurance policies, and loans to homes and businesses have a certain 
Dickensian quality to them: we have the best of wires and the worst of 
wires.
  Electronic commerce can allow corporations to become more efficient 
and workers more productive. But this same technology can avail 
financial services conglomerates of the opportunity to track personal 
information, compile sophisticated, highly personal consumer profiles 
of peoples' buying habits, hobbies, financial information, health 
information, and other data.
  As a consequence, as our nation moves to allow securities, insurance 
companies, and banks to affiliate, we must recognize that the resulting 
conglomerates will have virtually unprecedented access to the most 
sensitive personal and financial information, and they will be largely 
free to share this information among the various affiliates or even 
sell it to others. The companies say this will produce ``synergies'' 
that will benefit the consumer. But it may also facilitate intrusions 
into personal privacy.
  What will this brave new world look like?
  When a husband dies, will the life insurance company tip off the 
securities affiliate to cold call the grieving widow as soon as she's 
received the check from her deceased husband's insurance policy in 
order to try and sell her stocks and bonds?
  Will a bank deny a consumer a loan, because information it's obtained 
from its affiliated medical insurance company indicates that he or she 
has cancer?
  Will a bank share or sell information about a consumer's credit car 
or check purchases with affiliated or non-affiliated parties?
  The answer is yes. These companies will exploit their access to 
consumer personal information whenever they see a business advantage in 
doing so. The consequences for consumers can be disasterous. Just a few 
months ago, for example, the SEC signed a consent decree with 
NationsBank for making misrepresentations to their bank customers that 
the risky derivative securities their operating subsidiary was going to 
try to sell them were as safe as CDs. According to the consent decree:

  NationsBank assisted registered representatives in the sale of the 
Term Trusts by giving the representative maturing CD lists. This 
provided the registered representatives with lists of likely 
prospective clients. Registered representatives also received other 
NationsBank customer information, such as financial statements and 
account balances. These NationsBank customers, many of whom had never 
invested in anything other than CDs, were often not informed by their 
NationsSecurities registered representatives of the risks of the Term 
Trusts that were being recommended to them. Some of the investors were 
told that the Term Trusts were as safe as CDs but better because the 
paid more. (unquote)
  In reality the ``Term Trusts'' that NationsSecurities was selling the 
public consisted of funds that invested in risky derivatives that 
largely have lost value for investors. We need to protect the public 
against the type of abuses of bank customers' privacy that this episode 
has so dramatically exposed. Moreover, a letter I recently received 
from the SEC indicates that a proposed rule to strengthen privacy 
protection has been languishing before the NASDR for over a year 
without action and that the proposed rule may need to be strengthened. 
In addition, the SEC letter indicates that there are gaps in SEC 
authority to protect the privacy of mutual fund investors and 
investment adviser customers. The legislation I am introducing today 
would address problems in each of these areas.
  I think we should all be able to agree that consumers have a right to 
know when personal information is being collected about them. They 
should receive adequate and conspicuous notice whenever any personal 
information collected is intended to be reused or sold for marketing 
purposes. And, most importantly, they should have the right to say 
``NO'' and to curtail or prohibit the use or resale of their personal 
information.
  Current law provides consumers very little protection for their 
private financial records. The Right to Financial Privacy Act applies 
only to the federal government. The Fair Credit Reporting Act applies 
only to consumer reports provided by consumer reporting agencies. It 
generally exempts a bank's disclosure of its customers' account 
records. Moreover, a 1996 amendment to that Act has weakened the 
restrictions on transfers of financial information among persons 
related by common ownership or control. State law is also inadequate, 
because the vast majority of states lack laws which establish any 
meaningful restrictions on banks disclosing customers' records to non-
governmental entities. Only seven states--Alaska, Connecticut, 
Illinois, Louisiana, Maine, and Maryland--have financial privacy 
statutes that forbid disclosures of confidential financial information 
to private as well as governmental entities. One state--California--has 
a statute constitutional guarantee of private that has been interpreted 
by the courts to apply to a bank's disclosure of customer financial 
records. Some states have recognized common law doctrines that 
recognize some privacy protection for financial records, but only seven 
states have adopted the common law doctrine of implied contract of 
confidentiality in the context of bank-customer relations. 
Unfortunately, the scope of the duties imposed by such implied 
contracts of confidentiality are unclear.
  The two bills I am introducing today, the ``Securities Investors 
Privacy Enhancement Act of 1998'' and the ``Depository Institution 
Customers Financial Privacy Enhancement Act of 1998'' would help 
reverse this unfortunate trend. These twin bills would give investors 
in stocks and bonds, mutual funds, clients of investment advisors, as 
well as depository institution customers, and other consumers of other 
affiliates of financial services companies the privacy protections they 
deserve. The bills would establish under federal law the principle that 
financial services institutions generally must provide notice to the 
consumer of when information is being gathered about them, disclosure 
whenever the institution intends to offer such information to any other 
person, and a requirement for the express written consent of the 
consumer if the information is to be transferred or sold to any other 
person.
  I urge my colleagues to support these two bills, and I look forward 
to working with all interested parties to secure their enactment.

                          ____________________