Skip banner
HomeHow Do I?Site MapHelp
Return To Search FormFOCUS
Search Terms: personal w/5 information w/5 privacy, House or Senate or Joint

Document ListExpanded ListKWICFULL format currently displayed

Previous Document Document 182 of 261. Next Document

More Like This
Copyright 1999 Federal Document Clearing House, Inc.  
Federal Document Clearing House Congressional Testimony

July 21, 1999

SECTION: CAPITOL HILL HEARING TESTIMONY

LENGTH: 3430 words

HEADLINE: TESTIMONY July 21, 1999 BRANDON BECKER HOUSE BANKING AND FINANCIAL SERVICES FINANCIAL INSTITUTIONS AND CONSUMER CREDIT UNIONS FINANCIAL PRIVACY

BODY:
WRITTEN STATEMENT OF BRANDON BECKER ON BEHALF OF THE SECURITIES INDUSTRY ASSOCIATION ("SIA") BEFORE THE SUBCOMMITTEE ON FINANCIAL INSTITUTIONS AND CONSUMER CREDIT OF THE COMMITTEE ON BANKING AND FINANCIAL SERVICES OF THE UNITED STATES HOUSE OF REPRESENTATIVES HEARINGS ON THE FINANCIAL SERVICES ACT OF 1999 (H.R. 10) JULY 21, 1999 Madam Chairwoman and Members of the Subcommittee, my name is Brandon Becker. I am a partner at the law firm of Wilmer, Cutler & Pickering and practice here in Washington. I was formerly Director of the Division of Market Regulation at the Securities and Exchange Commission and was responsible for the SEC's program to oversee securities professionals and markets. Today I am appearing on behalf of the Securities Industry Association ("SIA")(1) to present its views on customer privacy in the financial services industry. SIA appreciates this opportunity because SIA and its member-firms have long considered customer financial privacy to be an issue of utmost importance. Madam Chairwoman, we commend you and the other Members of the Subcommittee for holding these hearings, which fill an important gap in the record concerning financial modernization. As you know, when the SIA wrote to Speaker Hastert this past June, to support the House's financial modernization legislation, we called for hearings such as these. Therefore, we very much appreciate your prompt consideration of these issues. As I will explain in more detail, SIA believes that H.R. 10's privacy provisions, within the context of the bill's overall financial modernization provisions, represent a workable, market- based approach for bolstering privacy protection. As SIA Senior Vice President Steve Judge stated on enactment of H.R. 10, "The privacy provisions attached to H.R. 10 build upon the industry's long-standing policy of respecting and protecting its customers' privacy." Indeed, we believe that the carefully crafted privacy requirements in H.R. 10 should preempt possible state legislation in this field. SIA looks forward to working with Congress as it moves to enact H.R. 10, which will bring about the financial modernization that SIA believes is needed for the benefit of consumers and the U.S. economy as a whole. THE BEST PROTECTION AGAINST THE MISUSE OF CUSTOMER INFORMATION IS THE COMPETITIVE MARKET. The first and most important point to underscore today is that, long before H.R. 10 and its privacy provisions were even proposed, securities firms were deeply concerned with meeting their customers' expectations about how their personal, financial information will be handled. Indeed, it would be impossible for a securities firm to prosper for long in today's competitive marketplace if it were to gain a reputation for misusing its customer's information or allowing others to do so. A firm that uses customer information in ways customers find objectionable quickly will lose investor confidence -- and market share as well. Furthermore, securities firms have a strong proprietary interest in protecting their customer data. Securities firms invest substantial resources to develop relationships with their customers, and firms therefore treat the data they gather as a valuable asset. Consequently, firms protect information zealously and do not carelessly let other firms gain access to this valuable information. Thus, the best and most dependable constraint on the misuse of customer information by financial services firms is the operation of the competitive marketplace. And because securities firms face these strong market incentives to protect the privacy of their customers' data, they are continually examining ways to ensure that their treatment of personal information meets the expectations of their customers. Especially today, as the financial industry is undergoing rapid structural changes and addressing emerging technological advances such as the World Wide Web and online trading, securities firms are reviewing and strengthening their privacy practices to ensure that they remain current both with emerging technology and consumer expectations. Charles Schwab and many other securities firms, for example, educate investors about their privacy policies through privacy practices statements that are accessible from their homepages on the World Wide Web. Indeed, the Federal Trade Commission recently concluded that, based on its survey of online privacy practices, the American business community as a whole is responding to market pressures by adopting privacy policies, and that no further Internet legislation is needed at this time. Furthermore, SIA is itself pursuing several initiatives to promote privacy in the securities industry. For example, SIA recently established a board-level committee that will be devoted specifically to addressing privacy issues. The committee will educate SIA's member firms about privacy issues and will work with firms to develop the most effective means for meeting their customers' privacy expectations. H.R. 10 WOULD REINFORCE THESE MARKET INCENTIVES BY PROVIDING CONSUMERS MORE INFORMATION ABOUT PRIVACY PRACTICES SO THEY CAN MAKE INFORMED DECISIONS ABOUT FINANCIAL SERVICES COMPANIES. The second major point is that SIA supports the privacy provisions of H.R. 10 in the context of financial modernization legislation because the privacy provisions take a market-based approach for protecting consumer privacy. Instead of imposing a set of new, "one-size-fits-all" regulatory burdens, the privacy provisions of H.R. 10 promote privacy by enhancing consumer choice and thereby bolstering the operation of competitive market forces. Let me be more specific. By requiring financial institutions to disclose their privacy policies to consumers, the bill promotes market incentives. Consumers will be armed with specific information that will enable them to select those firms whose privacy policies comport with their wishes. The choices that customers make in response to this flow of information resulting from the disclosure provisions will reward those securities firms that honor consumer preferences and punish those that do not. This provision thus gives consumers the ultimate ability to "opt- out" of information-sharing practices that they do not like: The bill empowers consumers to vote with their feet and take their business to financial services firms that meet their privacy expectations. In addition, H.R. 10 affords consumers an additional "opt-out" opportunity by permitting them to prevent information-sharing with non-affiliated third parties. This provision protects customers' expectations and reassures them that they have control over the use of their personal information without unduly hindering responsible business practices. Some customers might not expect or desire that their personal, financial information will be shared with non-affiliated third parties. The opt-out provision provides the customer the opportunity to make an educated decision about whether he or she wishes the firm to provide his or her information to non-affiliates. At the same time, the requirement does not unduly restrict firms' ability to share information provided by customers who wish to receive benefits that arise from such sharing. ADDITIONAL PRIVACY OBLIGATIONS BEYOND THOSE CONTAINED IN H.R. 10 ARE UNNECESSARY AND ULTIMATELY WOULD HARM CONSUMERS. SIA does not believe that any additional regulation of personal, financial information is needed beyond the privacy provisions of H.R. 10. Indeed, the privacy requirements and exceptions contained in the bill were carefully crafted to reflect two important principles that militate against additional privacy regulations. First, customers' privacy interests are already protected by a broad array of regulatory requirements, common law principles, and market pressures. Second, any additional regulatory obligations could harm consumers by restricting firms' legitimate uses of customer financial information in ways that benefit customers. On the first point, it is important to emphasize that, wholly apart from the privacy provisions of H.R. 10, consumers already enjoy legal protection against the misuse of their personal, financial information. A broad set of common law principles, statutory provisions, and administrative regulations impose on securities firms duties to protect private information that customers entrust with them. For example, securities firms owe their customers a common law duty of loyalty, which among other things requires firms to put the interests of the investor ahead of their own. Thus, a firm that intentionally discloses, or otherwise makes use of, a customer's confidential information to benefit itself at the expense of the customer may violate its agency duties to the client and face liability for any resulting damages. Similarly, securities firms are heavily regulated by industry self-regulatory organizations ("SROs") such as NASD Regulation, and these organizations have enforceable regulations in place that would cover the misuse of confidential information by their members or affiliated persons. Most generally, NASD-R Conduct Rule 2110 provides, " a member, in the conduct of his business shall observe high standards of commercial honor and just and equitable principles of trade." This general provision would reach unauthorized disclosure, or other misuses, of confidential information benefiting a securities firm at the expense of an investor. Other SROs maintain similar rules that would reach abuses of confidential information by their members. Thus, it is important to recognize that Congress need not address in H.R. 10 all potential types of misuse of customer information in the financial services industry. Other safeguards do exist. SIA supports H.R. 10 as a workable supplement to those safeguards. The second reason that Congress should not add to the regulatory obligations in H.R. 10 is that such modifications would harm consumers. Indeed, as I will explain, securities firms gather and share personal information about their customers for many legitimate purposes that benefit consumers both directly and indirectly. In enacting privacy legislation, Congress should be careful not to hamper inadvertently these legitimate uses of customer information. A few examples will illustrate the point. Securities firms are required to gather information about their clients in order to meet SRO "suitability" rules. Those rules require that firms recommending securities to retail customers must have a reasonable basis for recommending the securities, based on information disclosed by the customer. Thus, firms routinely gather financial information about their customers to satisfy that obligation, including information about the customer's financial and tax status, investment holdings, and investment objectives. Restricting the ability of securities firms to gather and use this information would hamper the effectiveness of these suitability rules, which, after all, were designed to protect consumers. Furthermore, information sharing is essential for one of the principal consumer benefits associated with the recent trend towards diversified financial firms that H.R. 10 seeks to promote: the ability of a single firm to offer a package of products tailored to meet a customer's individual needs. Customers who come to a diversified financial firm expect to gain access to and receive offers for a variety of products and services under a single brand name. Indeed, many investors come to diversified firms precisely because such firms give the investor opportunities to benefit from the diversified offerings of an integrated firm. Information sharing among affiliates also promotes customer convenience and lower costs. For example, an asset management firm may introduce customers to an affiliated broker-dealer for the execution of a securities trade. Before it can execute the trade, however, the broker-dealer necessarily needs to obtain information about the customer. By obtaining the information directly from its affiliated asset management firm, the broker- dealer is able to avoid the administrative costs and needless delays associated with contacting the client directly. The savings may then be passed on to investors in the form of lower fees and commissions. In short, diversified financial firms must, to meet customer expectations and offer greater financial opportunities to customers, share customer information with affiliated entities in the same corporate family. Restricting the sharing of information among affiliates would impede these beneficial uses of personal information and impose needless costs on consumers. Indeed, restricting the flow of information from one affiliate to another reflects the sort of outdated thinking that this financial modernization bill is designed to eliminate. An opt-out requirement for interaffiliate sharing of information, for example, would confuse consumers and effectively defeat efforts by firms to promote a "one firm" identity and bring convenient, one-stop shopping to their customers through corporate branding and advertising. An opt-out restriction would require a financial institution to send customers an ambiguous, confusing message with respect to product offerings from affiliates sharing a common name. At the same time that customers are presented with a "one firm" brand image, they will be asked whether they wish to opt-out of receiving information on products and services that have been designed to meet their financial goals. Furthermore, restrictions on information sharing among affiliates would impose significant administrative costs on diversified financial services firms. Those firms build and operate their back office computer systems to achieve efficiencies in processing, storing, and retrieving information. Different arms of a diversified firm typically will share these systems. An opt- out right that applies to the internal sharing of information among affiliates would effectively prohibit the use of shared computer systems and require firms to incur substantial development costs to develop and maintain stand-alone back office systems for each of their affiliates, leading to duplicative costs and inefficiencies. Finally, restricting the sharing of information among affiliates could make it more difficult for securities firms to meet regulatory requirements. For example, Congress has recognized that broker-dealers face risks from the activities of affiliated companies, and that broker-dealers therefore must carefully monitor the activities of their affiliates. In the Market Reform Act of 1990, Congress granted the SEC authority to obtain from a broker-dealer information about affiliated companies. The temporary risk assessment rules that the SEC adopted under this authority contemplate that broker-dealers will use information from all available sources -- obviously including the affiliate companies themselves -- to assess their financial exposure. Congress must be careful not to let privacy regulation interfere with other important market safety measures that call for the sharing of information. BECAUSE H.R. 10 ALREADY IMPOSES COMPREHENSIVE DISCLOSURE OBLIGATIONS, CONGRESS SHOULD AMEND THE BILL TO PREEMPT STATE LAWS THAT ATTEMPT TO REGULATE THE USE OF PERSONAL FINANCIAL INFORMATION IN THE FINANCIAL SERVICES INDUSTRY. Because additional privacy regulation is unnecessary and could be harmful to consumers, Congress should amend H.R. 10 to preempt state laws that attempt to regulate the use of personal financial information by firms in the financial services industry. By enacting H.R. 10 with its current privacy provisions that promote the dissemination to consumers of information they need to select firms with appropriate privacy policies, Congress will ensure that consumers are equipped to make informed and effective choices about the handling of their personal, financial information. The comprehensive disclosure obligations of H.R. 10, in other words, make further federal or state intervention superfluous, because the market incentives reinforced by the legislation will ensure that firms implement effective and efficient privacy policies. There is a very real danger, however, that states will enact additional, more burdensome regulations that would undermine the market-based approach that Congress has taken in H.R. 10. Indeed, several states are considering such proposals today. In today's national market for financial services, however, firms cannot reasonably comply with 50 different, and sometimes conflicting, standards for privacy protection. It would be impractical, for example, for a financial services firm to establish specialized computer programs and information-handling practices tailored to individual privacy requirements in each of the 50 states. Thus, the state that adopts the most restrictive privacy regulations will, in effect, set the policy for the nation, because national financial services firms will have to conform their nationwide operations to that state's regulations. Congress should not let individual states override its judgment that, with H.R. 10's comprehensive information disclosure provisions in place, further privacy regulations are unnecessary. Congress therefore should amend H.R. 10 to preempt state laws that attempt to regulate the use of personal financial information in the financial services industry. TWO PROVISIONS OF H.R. 10 SHOULD BE MODIFIED TO AVOID CREATING UNINTENDED AND UNNECESSARY REGULATORY BURDENS. Although the SIA supports the privacy provisions in H.R. 10 as part of Congress's financial modernization initiative, two of its specific provisions need modification. It is also crucial that Congress not alter the exceptions in the legislation that are carefully tailored to ensure that the disclosure and opt-out provisions do not impede standard and appropriate industry practices. The first provision requiring modification is the language in section 501 describing the congressional purpose behind the privacy provisions. We believe this language has the potential to be misconstrued as providing a basis for a private cause of action under state common or statutory law. The language could be read, however inappropriately, to create liability for any practice that might be deemed inconsistent with a standard of conduct that Congress might be perceived to have established through this language. Furthermore, the language might be construed to grant regulators broad power to engage in the very type of micromanagement of privacy practices that the bill itself successfully avoids. Congress should modify this provision to preclude such unintended legal consequences. Second, language in section 503 requiring annual notification about privacy policies is unduly burdensome and unnecessary. This confusingly drafted provision would appear to require a firm to make annual privacy disclosures even to customers that are inactive and that do not otherwise receive any regular notices from the firm. Indeed, a firm would be required to send these additional and costly notices to customers every year even if the firm's privacy policy has not changed since the customers last received such notice. Congress should modify or eliminate this annual disclosure requirement. Once customers have received notice of a company's privacy policies, they are able to make an informed choice about whether to do business with the company, and that should be the end of the company's notice obligations. Little purpose is served by inundating customers with subsequent, identical notifications from companies with whom the customers are already doing business. In conclusion, I would again like to thank the Subcommittee, on behalf of SIA, for providing this important opportunity to share our views on the privacy provisions of H.R. 10. SIA believes that prompt enactment of financial services modernization is essential for the nation's growth and the enhancement of consumer services. Within that overall context of reform, SIA believes that, notwithstanding the existing protections for consumer privacy interests, the H.R. 10 privacy provisions are an acceptable way forward to address both business concerns and consumer expectations. If enacted, however, we believe these provisions should be the exclusive national standard for privacy protection in the financial services industry. We thank you against for this opportunity. I look forward to addressing any questions you may have.

LOAD-DATE: July 24, 1999




Previous Document Document 182 of 261. Next Document


FOCUS

Search Terms: personal w/5 information w/5 privacy, House or Senate or Joint
To narrow your search, please enter a word or phrase:
   
About LEXIS-NEXIS® Congressional Universe Terms and Conditions Top of Page
Copyright © 2002, LEXIS-NEXIS®, a division of Reed Elsevier Inc. All Rights Reserved.