Big Banks Put Senior-Level Execs on Privacy Watch

Article excerpt

Amid spreading concern about consumer privacy and its enforcement, most of the nation's largest banks are appointing "privacy czars" to steer them clear of controversy.

At least seven major banking companies have recently named senior-level executives to hone and supervise privacy policies. Three of the posts have been created within the past seven months.

Banks have always emphasized the sanctity of customer information, but the new jobs are turning a spotlight on concerns once swept aside in smallprint disclosures.

Bank executives tie their renewed preoccupation with privacy to the rise of on-line commerce and to how easy it has become to share data electronically. The Clinton administration has urged all companies to post privacy policies on their Internet sites, and some banks have taken this a step further, instituting systematic rules about how data must be handled.

"If there was anything that pushed me, it was the Internet," said John B. McCoy, chief executive officer of Bank One Corp., describing his decision this year to name a senior executive for privacy.

Mr. McCoy, whose company has been more aggressive than most in trying to establish itself on the Internet, said he aimed to avoid any practice that might spook customers about what the bank knows.

"If you go to Amazon.com, the third time you show up they are asking you whether you have read any novels by so-and-so," Mr. McCoy said in a telephone interview.

Mr. McCoy's choice was Julia F. Johnson, who previously managed the bank's Community Reinvestment Act programs.

"My first job is understanding what our practices are, how we collect and secure information," said Ms. Johnson, whose title is director of information policy and privacy.

She relies on people from each of the company's business lines. They describe the ways they use available information, how they share it within the company, and how they "protect information that may be shared with a vendor or processor," she said.

Fears of hacking and other computer crimes are part of the story; another dimension is the worry that overzealous marketers could cross ethical lines.

Privacy executives said in interviews that their jobs are meant to send a message, within their companies and to the public. People want to know that their banks are taking action on this issue, not simply reacting to crises or complaints.

"I'm at the corporate level to give privacy visibility," said Pamela Flaherty, senior vice president in charge of privacy for Citigroup Inc. Her company is training all its employees in privacy policies and procedures.

Many executives are still feeling their way into these jobs.

"These are brand new positions for all of us," said Karen M. Alnes, director of privacy policies at Wells Fargo & Co. "We are in uncharted waters."

Other major banking companies with privacy specialists are Chase Manhattan Corp., Bank of America Corp., Mellon Bank Corp., and PNC Bank Corp.

The backdrop to the appointments are government and consumer concerns over how easily-and often-personal information is obtained and tracked using the Internet and other advanced technology.

In a memo to employees last September, Chase Manhattan vice chairmen Donald L. Boudreau and Joseph G. Sponholz said consumer privacy has "become a significant issue in Washington, and pressure for increased government intervention is expected to grow ... It is important that we speak clearly and with one voice on this important issue."

Chase consolidated its initiatives under Patricia Alberto. She holds two titles: privacy executive of Chase Manhattan Corp., and senior vice president and manager of national consumer services, compliance, and operational risk management at Chase Manhattan Bank.

Related factors influencing banks' actions are U.S. financial reform legislation and the European data protection law, which governs how banks can use information about European employees and customers. …