Want to read Slashdot from your mobile device? Point it at m.slashdot.org and keep reading!

 


Forgot your password?
Close
typodupeerror
×
Privacy

How Private Is Your Financial Data? 64

Posted by Cliff from the does-your-bank-have-loose-lips dept.
Our bank, BankDirect, is mailing customers a 'Notice of your Financial Privacy Rights', containing the following text: 'We may disclose information about you to our affiliates. Here are the kinds of information and the source of that information: Information about your transactions and experience with us, such as: Name, address, account balances, account activity, types of accounts, transaction history, and payment history. Federal law allows us to disclose the information listed above with our affiliates. You do not have the right to opt out of the disclosure of this information...We may disclose information about you to our affiliates: 1) to provide you with information about additional products and services; and 2) to better serve you, to help us save you time and money, and to help you understand your specific needs.' Am I the only one who is bothered that my bank is ready to share my transaction history, including my salary (direct deposit) and payments to merchants (online bill pay)? More importantly, are there any banks that don't share (or sell) their customers' private information? I couldn't help but notice that BankDirect's web site has a different privacy policy, which reassuringly states 'We restrict access to nonpublic personal information about you to those employees who need to know that information to provide products or services to you.' Hmmm..."
This discussion has been archived. No new comments can be posted.

How Private Is Your Financial Data? More

How Private Is Your Financial Data?

Comments Filter:
  • ...because then they'd stop advertising to me, ever again! I only have forty nine cents in my bank account.
    • No no no... You would start getting more "road to wealth", multi-level marketing, and get rich quick scam - ahem, I mean scheme - material than you already do. You'd also get even higher rate interest card offers because at first glance, without looking immediately left of your bank balance for your credit score; they'd assume you were desperate for more cards.

  • Are you sure??? (Score:2, Insightful)

    by DiscoFreq ( 260884 )
    That mail must be fake...
    Or is the difference between the US and Europe in privacy rights THIS big?

    • Re:Are you sure??? (Score:3, Informative)

      by BigBir3d ( 454486 )
      It is that different from Europe.

      In the good ol' USA there is no real privacy.

      Anyone who expects to have privacy in the USA is a fool, especially given recent events [google.com] in the name of curbing 'terrorism.'

      The problem with this is, terror can be defined in too many different ways. I was watching something on TV with a rep from the Mothers Against Drunk Driving (MADD) saying how some drunk dude 'terrorized' a family.

      There is no real definition of terrorism being used in the USA. The term 'National Security' is also very generalized...

      I think the USA needs another political party; for 'the thinking citizen.' Expectations of privacy, human rights, social programs, and technology could be but a few of the major planks of said new political platform.

      • Re:Are you sure??? (Score:3, Insightful)

        by 4of12 ( 97621 )

        the USA needs another political party; for 'the thinking citizen.'

        I kind of agree, to some extent.

        The big parties are pretty well sold out and their purchasers aren't interested in having to buy out a third major party in addition to laying out money for the big two.

        Even looking at the minority parties, however, you'll find that many of them, while not yet corrupted by money, have caved into some kind of world view based on emotion or value judgements that are, from their perspective, non-negotiable.

      • Of course we all know that there is a right to privacy implied in the Constitution. In the biggest legal non sequitur of the 20th century, that right to privacy means you have the right to have an abortion, but of course, it does not give you a right to privacy.
    • Europe has a much higher sense of privacy for records and such. It has even caused problems for some U.S. businesses and exports. So f*ck you. ;-) (Actually, you'd be a model for our reforms if only...)

      In the US there are some specific guarantees of record rights. Usually it takes some bad happening for Congress to act. Back in 1988 video rental records were protected after conservatives irate at the leaking of Supreme Court nominee's video rentals. (We really should have gotten to see Justice Thomas's.) The Patriot Act may punch a hole in this. Read this. [epic.org]

      Serious protection for medical records has taken many years more. Weird priorities, huh?

      With bank data, the bank does have to worry, and worry a lot, about liability for mishaps resulting from misuse of your information. Unlike abstract emotional damages of releasing personal damage, laying a customer open to fraud or other exploitations would get the dollar signs ringing up in a hurry. I know, we'd most all prefer for them to stay hands off in the first place. But there are a lot of other holes in the dike as it is.

      On the other hand, Europeans tend to have less protection than Americans in things like free speech. So we get to complain more vocally about the things we don't like. :)

    • Our privacy laws (which are fairly new) were modelled after the privacy standards in the EU. And from interviews, letters and everything I've seen, our privacy commissioner [privcom.gc.ca] is great spokesperson for individual privacy rights in Canada.

      Specifically, thanks to a law that he pushed through, this statement in the letter (among others) would be illegal: You do not have the right to opt out of the disclosure of this information...

      What were they saying about Soviet Canuckistan?

  • Contradiction (Score:3, Interesting)

    by bwhaley ( 410361 ) <bwhaley@g m a i l . c om> on Tuesday November 26, 2002 @11:46AM (#4759080)
    BankDirect's web site has a different privacy policy, which reassuringly states 'We restrict access to nonpublic personal information about you to those employees who need to know that information to provide products or services to you.' Hmmm..."

    Wow. That seems like a glaring contradiction to me. How could they send out the e-mail you included above when their privacy policy is much more conservative? That seems like a lawsuit in the making...

    ----
    "For a number of years I have been familiar with the observation that the quality of programmers is a decreasing function of the density of go to statements in the programs they produce."
    - Edsger Djikstra
    • BankDirect's web site has a different privacy policy, which reassuringly states 'We restrict access to nonpublic personal information about you to those employees who need to know that information to provide products or services to you.' Hmmm..."

      Wow. That seems like a glaring contradiction to me. How could they send out the e-mail you included above when their privacy policy is much more conservative? That seems like a lawsuit in the making...

      No contradiction at all. Note the words "employees who need to know that information to provide products or services to you". They are telling you that if they want to try to sell you more products or services, they will give your information to the sales department. They don't say anything about giving it only to those people who need it to service your existing accounts.
  • The only way to keep your keep you financial data private, is to keep you in Gold in a safe deposit in a bank. Moreover Gold has intrinsic value as compared to paper money that has no intrinsic value.
    • Gold is only worth something as long as people demand it. Admittably Gold is worth something in the real world (electronics, beauty), but so are cigarettes. A good medium of exchange is
      1) Small enough to handle
      2) Split into small denominations
      3) Durable (If gold is useful in electronics, it means its less durable, like cigarettes that are smoked, and pigs that die)
      4) Most importantly, accepted as payment

      If people suddenly decided not to accept gold as payment, then you're stuffed. Diversity will save you. Keep some physical assests that dont depreciate much (or even get more valuable as time goes on), keep bundles of cash from US Dolalrs, Euros, Yen, Sterling, Brazillian currency, couple of middle eastern ones, austrailian, south africa and maybe Russian and keep gold, platinum, silver, oil and other valuable commodities in various locations arround the world (in case of nuclear attack/change of government).
    • Well, all I am saying the medium of transaction should retain it's value, and should not depreciate.

      If I earn X amount of dollar today, and I can purchase a Acura NSX, I should be able to purchase the NSX even after 10 years with he same amount of $X.

      The problem with paper money is that it has no intrinsic value, in 10 years time I would be lucky if I can purchase a Kia.

      The value of paper money is controlled by a few a econmists, and they can manipulate the value, to make someone richer and everyone else poorer. And we have seen this happening many a times in history.

      • Obviously you haven't researched the history books about the financial crash of 1920s. In 1920s the paper money was used to rip the people off more than half of their wealth.
    • Ammunition and pharmaceuticals. You can't go wrong with those two. And why trust the bank? You couldn't get at your assets at night, never mind weekends and holidays.

      Remember, if you can't either pack it or leave it within ten minutes, it owns you.

    • Paul Krugman wrote a nice article [mit.edu] about this "gold bug" in Slate a while ago. Whatever you may think of him personally, the article sets forth the considerations crisply.

      Anyone who feels paper money has no intrinsic value is encouraged to mail it to me. I'll pay the postage. And just try buying lunch with gold bullion. There are hardly any employed economists advocating gold or the gold standard, but it is worthwhile to discuss why these are inferior forms of money.

      Think of your paper money as shares of stock in America Inc. If you don't believe in American solvency, consider that the rest of the world does. Two thirds [usconsulate.org.hk] of American currency is in circulation overseas, and America attracts trillions in foreign investment. I'm bullish on it, and note that gold has been a consistently lousy investment since the 80's, underperforming even inflation by failing to appreciate at all [professionaljeweler.com] (the chart is not in constant dollars). Also, don't forget to deduct transportation or storage costs like that safe deposit box. Paper money did the same if you stuffed in under the mattress and failed to invest it in at least a passbook savings account or insured CD -- either of which handily outperformed gold.

  • Affiliates only (Score:5, Informative)

    by Lionel Hutts ( 65507 ) on Tuesday November 26, 2002 @11:48AM (#4759094) Journal
    See that word "affiliate" in there? That means, basically, other divisions of the same corporate family. If they have a broker-dealer unit, for example, that's not technically part of the bank, so its ads are sent to you by an "affiliate." It's pointless to try to regulate information sharing within a single business, and don't believe anyone who says they will.

    Nothing to see here, move along.

    • Re:Affiliates only (Score:5, Informative)

      by Col. Klink (retired) ( 11632 ) on Tuesday November 26, 2002 @12:02PM (#4759204)
      Affiliates do NOT have to be the same corporation. Affiliates are simply companies with which one business has a formal agreement with another.

      For example, Amazon has an "affiliate" program that allows website operators to get referral fees. All you need to do is fill out a form (and have a website). Amazon Affiliates are NOT part of the Amazon corporate structure.

      This was the major loophole in the Privacy Act that makes it meaningless. They are free to share any data they like with companies with which they have a business relationship with. But the "business relationship" was left undefined. If a agree to buy the names of all your customers, we would have a business relationship and the opt-out rules would not apply.

      Some states have additional limitations (which is why Verizon is suing the State of Washington, for example).

      • Re:Affiliates only (Score:5, Informative)

        by Lionel Hutts ( 65507 ) on Tuesday November 26, 2002 @12:32PM (#4759422) Journal
        Absolutely not.

        This requirement has nothing to do with the Privacy Act (and neither does the Verizon case, for that matter, though that's a different law too). This is from Regulation E of the Federal Reserve, which defines "affiliate" for banks in roughly the way the U.S. securities laws do: as a company controlled by, controlling, or under common control with another. The fact that Amazon uses the word in another sense is totally irrelevant.

        Once again, everyone, do your homework.

        • Regulation P (Score:4, Informative)

          by Lionel Hutts ( 65507 ) on Tuesday November 26, 2002 @12:39PM (#4759495) Journal
          I humbly apologize to the community: I meant Regulation P [bankersonline.com], of course, not Reg E. The definition of affitiate [bankersonline.com] I gave was, however, correct: it requires at least enough common ownership to constitute control. Amazon's "affiliates" are not Reg P affiliates.
          • You sound like you know what you're talking about, but should you really be discussing issues of a legal nature with the psuedonym "Lionel Hutts"? Perhaps you should find a more respectable identity to assume on Slashdot.

            Besides, it's Lionel Hutz [snpp.com].
            • I always get confused with that Lionel Hutz guy. I assumed I'd be taken seriously after he died.

              Seriously, I've been using this name, and spelling it this way, for too long to change now, and my firm would fire me very, very quickly if I used my real name. (I'm contractually barred from participating in any Internet "chat room," on any subject, even from home. How's that for enlightened Internet usage policies?)

          • From the link in the parent post:

            (a) Affiliate means any company that controls, is controlled by, or is under common control with another company.

            This doesn't mean just a company they own - it means any other company in the corporate structure. So if your bank is owned by a company that owns a retailer, the retailer legally has access to your financial transactions. It is very common for banks to own or be owned by credit card companies, stock brokers, lenders, etc. They may in turn own smaller companies that sell products and services that can be financed.

            The tree can get very large, which is why this regulation does not keep you safe. Who makes sure that some very small cousin company doesn't indiscriminanly sell mailing lists?

            • Despite the repeal of the most obnoxious part of the Glass-Steagal Act, we still have a separation between banking and "commerce": the only affiliates banks can have are certain finance-related companies. Unlike European banks, which own everything from car companies to grocery stores, U.S. banks can't sell anything but investment-type products. (The exception for merchant banking arms of financial services holding companies is not broad enough to create common control between a bank and a nonfinancial company.) And the companies they can own are heavily regulated, and almost certainly subject to Federal Reserve regulation as to their use of information they receive from bank affiliates.

              This means, yes, they can tell their credit-card arm, or their financial-planning subsidiary, about your bank account, but they definitely can't tell the rest of the world. I don't have a problem with that.

              Again, I wouldn't trust any regulatory regime that purported to forbid information sharing within a corporate group: it's just not meaningful to tell a single company (no matter how legally organized) that certain of its employees can't tell others something. We make rules like that only for very sensitive information, and generally just assume that the whole company knows, and must keep, any secrets anyone in it knows.
  • More importantly, are there any banks that don't share (or sell) their customers' private information?

    It used to be, the banker was like the grocer or barber: a member of the community. But now, the banks are just trying to squeeze as much money out of the consumer as possible. Not that long ago, we didn't have transaction fees, teller fees, atm fees, etc. The banks have been slowly adding fees over the years in their quest for cash. Of course they'll sell your info, if it'll make them a buck or two.

    And even if you do find an ethical bank who wont sell your information, your personal info [msnbc.com] will get out anyway.

    I guess the only safe way to save money nowadays is to stuff it in a mattress.


  • Banks are trustworthy institutions. Given that corporations want information and will do anything to get it; I would prefer that by my bank distributes accurate information in a documented way.

    In the current system, information is inferred and, it seems, simply made up. Why else wouyld we receive the totally irrelevent advertising that we do today? Some insignificant database somewhere has me listed as the wrong age, the wrong gender and with the wrong interests. At the moment this leads to me receiving catalogues for products I am not interested in (cosmetics, mainly, this month). For now, I can recycle these, but what if this information propogated and ended up somewhere important. I don't want the IRS, for example, kicking down my door claiming I've been lying on my tax returns just because they've got information that I am 40 years older than I really am.

  • Credit Unions (Score:5, Informative)

    by BigChigger ( 551094 ) on Tuesday November 26, 2002 @11:58AM (#4759174)
    while not a cure-all, seem a bit better on this front than a regular bank.

    Ditch your bank. Join a CU.

    BC
    • I second this. I've been a member of my credit union for over 25 years. When I complain, my credit union listens and they listen close. I currently audit credit unions as a living and have found that my credit union is not unique in that perspective. Credit unions are owned by the people who deposit their hard-earned money there. And believe me when I tell you that when a member has a valid complaint and lets the board of directors know about it as well as my state regulatory agency that regulates credit unions, shit does indeed roll downhill when there is wrongdoing. We have the power to yank a c.u.'s board and/or president and put a conservator in place to do right by the members, and though rare, it has happened.

      getting back to the original post of banks and their info sharing rules, though:
      there are very strict laws about who they may share data with and who they may not. your best bet is to contact your state regulatory agency for banking and find out if they are regulated at the state level or the federal level. then talk to the appropriate person at that agency about the rules this bank is trying to force down your throat.
      if it turns out that yes indeed they can stick it to you, then do the following.
      1) make an appointment with the bank president
      2) 20 minutes prior to the appointment, remove all deposits and close your account
      3) during the appointment, let the bank president know your displeasure and tell him to stick it up his ass with his policies

  • a few thoughts (Score:5, Interesting)

    by steve.m ( 80410 ) on Tuesday November 26, 2002 @12:00PM (#4759189) Journal
    Here in the UK, rival banks make it very easy to switch - all you do is sign once and they move all your direct debits, etc. for you (I get frequent offers but I'm happy with my bank right now, so I don't know how well that works)

    If you can't find a privacy friendly bank, or it's insanely hard to get all your banking services transfered, you could always randomize your spending habbits:

    1. Withdraw all your cash and pay for everything through the whole month in cash

    2. Withdraw all your cash and then pay it back in 2 days later. repeat.

    3. Pay for everything on a credit card, then clear it at the end of the month.

    4. Make frequent small withdrawls instead of weekly large withdrawls

    at least then, you'll be partly masking what you're upto and providing less valuable information to their 'partners'....
    • Part of the reason banks collect information on your spending and deposit habits is for your benefit, as well as for compliance with federal laws. For example, if I withdraw $200 a week, every week, for five years, and then suddenly there's a $7500 withdrawal, the bank can red-flag that and call to make sure someone hasn't stolen my credit card number. Or, if I'm getting $20000 wire deposits from a crooken bank, my bank can inform the FBI or whoever would be the appropriate authority. There's been plenty of news on the quality of the software that does the above testing, but even poor testing is probably better than none at all.

      So the reason you don't want to do the above is twofold. First, if the software is working correctly, it will get a really perverse idea of your "normal" usage, and fraudulent claims (or claims in error) might go unnoticed (even by you, if they're only for a few hundred bucks). Second, if the software isn't working correctly, you will get red-flagged every other week, which will make working with your bank a real PITA. Even worse, if you run into a lot of problems your bank may make a note on your record that you might be, for example, trying to launder money for some organization. So when your country's anti-terrorism organization shows up with a subpeona for suspicious account activity at a bank, your name might get on a whole bunch of lists that you really don't want to be on.

      I really think this is one of those slow-news-day articles, but even if it's not, you can just ask. Go into your branch office and discuss your concerns. Pin them down on what they mean when they say "affiliates." If they do give away your personal info for advertising purposes, ask them if you can opt out. This is not an uncommon question for banks at all. As part of my new account "package" (about 50 pamphlets), I got a privacy notice that described, both in legalese and plain English, the circumstances under which my information might be released. It contained a section specifically on advertising.

  • Yes, you are the only one (Score:3, Insightful)

    by bmetzler ( 12546 ) <bmetzler AT live DOT com> on Tuesday November 26, 2002 @12:15PM (#4759309) Homepage Journal
    If you have a problem with a bank sharing your information with others, then why not find another bank? Apparently others don't have a problem with the bank trying to serve them better.

    I don't see one problem with a bank sharing information. As long as they aren't sharing pin numbers or other information that would allow someone to steal my identity, even thing is fine.

    -Brent

  • Maybe not as bad as it sounds... (Score:4, Informative)

    by Mr_Person ( 162211 ) <mr_person@@@mrperson...org> on Tuesday November 26, 2002 @12:15PM (#4759311) Journal
    First of all, "affiliates" probably means companies with which the bank has a close relationship. For instance, many banks have outside companies do their data processing or do their online banking or bill pay services for them. There's really no way they could do these services without sharing your info.

    As for banks that don't share your information, have you considered trying a credit union? Unlike banks whose main concern is making money for the shareholders, a credit union's main concern is providing the best service to their members because it is run by the members for the members.
    • I've had accounts at Citibank and HSBC and IBM's local credit union, the credit union was by far the worst of the bunch, making up charges left and right, changing rules, fee schedules and pretty much anything they could, they're the only bank I have ever seen charge for your initial batch of checks, not only that, not telling you they would charge you for them
      • I'm sure your experience depends on the credit union you use. Of course the same goes for whatever bank you use, a lot depends on which bank it is. I haven't had any of the problems you mentioned with the local credit union I'm a member of.
      • Yea, my credit union does fun things to, (currently trying to fid another) If I use my debit card for 5 things in 1 day, and the last one causes it to go negative they charge you a 30 dollar fee for each of those.
        • If I use my debit card for 5 things in 1 day, and the last one causes it to go negative they charge you a 30 dollar fee for each of those.

          well, duh! a debit card is exactly that. it pulls money immediately from your account. either write a check or use a credit card if you want the purchase to float on borrowed funds.

  • They all do it. (Score:4, Informative)

    by FreeLinux ( 555387 ) on Tuesday November 26, 2002 @12:16PM (#4759318)
    As it states federal law says that they are allowed to do this. More worrisome is the list of "affiliates", which is usually included in these disclaimers. Most of the policies pose "affiliates" in such a way as to suggest that they are only internal departments and subsidiary companies. But, the fact is that affiliates also include marketing organizations and a lot more.

    In a few cases the banks actually have a subsidiary marketing company whose product is marketing lists. In these cases the information is shared with the "affiliates" for "legitimate business purposes" but, the "affiliates" then turn around and resell your information to anyone with the cash.

    Recently, I was contacted by a mortgage telemarketer, which I have never done business with. they had ALL of my data including transaction history. When I told them I wasn't interested and that their information was inaccurate they actually had the gall to ask me to correct the inaccurate data. The schmuck says, "We pay a lot of money to get this information and if we aren't getting the right information we need to know about it and you need to help us fix it.". Naturally, I advised him to get bent but it is still infuriating that ANYONE can get this information.

    The problem goes further too. It's not just marketing companies that are working against us. The government is as well. No, I'm not a conspiracy theorist.

    Few people realize that numerous government agencies provide personal information including your Social Security number to companies "with a legitimate business need for that information". They list examples of companies with legitimate business needs and the first example on the list is marketing companies.

    Of course it sucks! But, the genie is out of the bottle.

    • Re:They all do it. (Score:3, Insightful)

      by rodentia ( 102779 )

      No, I'm not a conspiracy theorist.

      No, you're not. You don't have to be. You are already considered more as consumer than citizen by your own elected representatives. Your role as economic mote is far more significant than your role in civic affairs. Your congressional representatives deliver *constituent service*; it is considered enlightened thinking that you are a consumer of government services. The HDTV mandates are designed to deliver you and yours to vital industries for the advancement of national technical infrastructure. Your data, your paycheck and your mortgage: just more product. Your vote is a lifestyle choice.

      Voila ici, the Market State.

      And in the twisted, twenty-first century, we're grateful for it.
    • In Illinois, the Secretary of State office handles all things motor vehicle related.

      Up until four years ago, they used to sell driver's license and vehicle registration info for cash to direct marketers. They've since stopped.

  • Can anyone speakto and provide pointers to any EU privacy laws? It's time for some citizen initiatives in the US.

  • I CAN believe this but I am angered by it. (Score:3, Informative)

    by krinsh ( 94283 ) on Tuesday November 26, 2002 @12:31PM (#4759409)
    and to help you understand your specific needs.

    I have a wife, and if necessary, a shrink for this purpose. I feel very much like this is one of those "we'll tell you what you can and cannot have or do, and you will like it".

    If I were you I'd find another bank right away and LET THEM KNOW why you are leaving them. Your private information is private and should remain that way.

  • Whoa there cowboy!!! (Score:4, Informative)

    by Picass0 ( 147474 ) on Tuesday November 26, 2002 @12:34PM (#4759439) Homepage Journal
    "'We may disclose information about you to our affiliates..."

    Typically a financial institution considers an affiliate to be another (smaller) bank owned by the same corporate parent. An affiliate may also be another company in the corporate structure. It does not necesarilly mean a 3rd party or independant company with a working relationship to the first company.

    That said, I still consider my financial (or any personal info of mine) to be mine, and I want the right to know when this information is being traded or sold, and the right to opt out.
  • There is probably a credit union in your area that would be able to meet all of your banking needs. At a credit union the scale of operations is quite a bit smaller and you stand a good chace of being able to actually know the names of all the people who have access of your personal information. In addition, as a member of a credit union you get to vote every year or two on retaining the chairman and board of directors. If you don't like them, you can actually have some say in changing things.

    Chances are that as an individual, you don't really need to resources of a national or international bank. Why take the overhead that goes along with it?

Slashdot Top Deals

And it should be the law: If you use the word `paradigm' without knowing what the dictionary says it means, you go to jail. No exceptions. -- David Jones

Close