Privacy Will Likely Dominate
Financial Services Legislation

Let there be no doubt that in 2001 privacy legislation will command top billing in the various state legislatures as well as the 107th Congress. Federal Trade Commission Chairman Robert Pitofsky indicated in mid-December that "I will be astonished if privacy is not a major issue within 90 days of Congress returning. . . . It will be as much a priority as election reform or hanging chads. From what I hear, the debate isn't on whether there should be more legislation but what is the best kind of legislation to have." Echoing this sentiment, the president of the Financial Services Roundtable, Steve Bartlett, told the American Banker that the most important task facing the financial services industry is to block additional laws that would rein in corporate use of customer information. He said, "Privacy is Numbers 1 through 10 " on the Roundtable's list of priorities for next year.

Integrated financial services firms are increasingly relying on detailed customer data as they implement customer relationship management strategies. However, privacy jitters and the subsequent threat of legislation that would restrict the flow of personally identifiable information across organizations could pose an obstacle. Already, sweeping federal privacy legislation imposes new limits on the use of personal financial information. The Financial Services Modernization Bill of 1999 (often referred to as the Gramm-Leach-Bliley Act) requires institutions to give consumers the opportunity to "opt-out" of any exchange of personal financial information with non-affiliated third parties. Shortly after passage of the bill, the Clinton Administration indicated that it preferred even stronger language that would give consumers the ability to opt-out of internal information sharing across affiliates. Numerous privacy laws have been introduced in state legislatures that would require the customer's explicit permission (an "Opt-In" approach) before data could be exchanged across affiliates. The privacy concerns are genuine and the legislative threat is immediate. The resulting restrictions could easily impair the flow of data about consumers, the lifeblood of relationship strategies.

Perhaps the leading authority on consumer attitudes toward privacy is Professor Alan Westin of Columbia University. In an article in the November/December 2000 issue of Public Perspective Westin observed that the "Harris-Westin surveys from 1978 to the present have found the driving factors behind privacy attitudes, both in general and in specific consumer areas, to be a combination of two orientations: the individual's level of distrust in institutions and fears of technology abuse." Yet, although some consumers view privacy as an absolute right, the majority do not. Most consumers consistently show a willingness to give up some information about themselves if they are comfortable with the requesting party, believe they will be treated fairly and perceive benefits in return. In Westin's words, "most consumers are shrewd privacy balancers."

Westin has used specific items from the Harris-Westin survey data to build a Distrust Index which correlates with the degree of consumer concern about threats to privacy. Using the Index, Westin found that the American public divides into three segments. About 25% of the population are "privacy fundamentalists": they place especially high value on privacy, generally reject the idea that businesses need personal information and favor strong federal and state laws to protect privacy rights. Another 55% of the population falls into the "privacy pragmatist" category. These people weigh the benefits and the risks of disclosing personal information and then decide whether they agree or disagree with specific information-gathering activities. The trust these individuals place in the particular institution or company involved plays a critical role in their decision. The third and final consumer segment comprises about 20% of the population who are "privacy unconcerned." These people have little problem providing their personal information to businesses or government agencies, see little need for new legislation to protect privacy rights and, generally, "don't know what the privacy fuss is all about."

Westin argues that "In the politics of privacy, the battle is for the hearts and minds of the Privacy Pragmatists. If most of them feel their personal information is being used fairly and properly by businesses, especially online, they join the Privacy Unconcerned to make up a 75% level of support for the existing rules and practices. But if most of the Privacy Pragmatists feel that information practices are intrusive or their information is being misused, they join the Privacy Fundamentalists to make up a majority seeking legislative or regulatory measures, or consumer boycotts."