Meeting the Privacy Challenge

Article excerpt

Jo Ann S. Barefoot, contributing editor. Barefoot heads up Columbus, Ohio-based KPMG Barefoot, Marrinan, a business unit of KPMG Peat Marwick, LLP. She is a partner in the parent firm.

Privacy will be the most challenging consumer issue banking has ever faced.

As a 30-year veteran of consumer protection compliance issues, I watched all this with one thought running through my head:

Its potency hit me some months ago while watching a network crime drama. The frightening plot concerned a woman being cyberstalked. Sinister e-mails were arriving from an anonymous source who knew intimate details about what she did and how she lived. As the mystery unfolded, we learned she had bought something from a company that contracted with prison inmates to take telephone orders. The prisoner who talked with her bribed a manager of the company that ran the program to give him access to her identity data. Then he hacked into all her records, including her grocery store buying club data. He sent her messages on such things as personal products she had bought, specifying brand names. After time passed, he was released from prison and promptly murdered her.

I've never seen a popular television show about Regulation Z.

A central, basic right

Most people don't care a great deal about the consumer protections that have been built into banking and credit law. Those who do care are the consumer advocacy groups, the industry, and the politicians and regulators who mediate between them. Debates rage among these players in Congressional hearing rooms, around conference tables at the Fed, and in the pages of the trade press. (The recent charges by the Minnesota attorney general against U.S. Bancorp, coming on the heels of Comptroller Jerry Hawke's allegations of seamy privacy practices by banks, are a harbinger of more of the same.)

The intended beneficiaries, meanwhile, are largely indifferent. They take for granted that government protects them.

Privacy is different. When an issue crosses over from the rarefied atmosphere of Washington wonkery into prime time TV, something significant is happening.

What makes privacy unique? ft directly affects everyone, not just those using certain kinds of services or belonging to certain groups. Plus, it simply hits a nerve. Americans cherish privacy as they do freedom, and may in fact see the two as intertwined.

This has always been so. What is new today is the nature and pace of technological change. Computers have suddenly made it possible and affordable to gather and use information on people in new ways.

Most of the information itself has always existed, somewhere. But it was hard to use, when doing so required a trip to the county clerks' records office, or, inside a bank, to the filing cabinet or separate database of a branch, the credit card group, the mortgage company.

Now, those databases are being linked to each other and made accessible by cheap search methodologies, on the telephone or at the computer keyboard. Making the information comprehensive and affordably reachable makes it useful as never before. As a result, it is being used as never before.

And consumers for the most part don't know how easily information about them can be accessed by anyone willing to pay for it--and how affordable that price has become. And they don't know how creatively businesses are using data to make judgments about which customers are most "valuable," what products to offer them, how to price for them, what level of service to give them, and the like. Furthermore, this awareness gap is growing daily.

The coming minefield

Companies are investing heavily in the ability to collect and leverage information in a wide range of new ways that will produce huge benefits for both business and customer. They are making these investments, however, in a regulatory void, or nearly so. …