Survey: Most Bank Web Sites Flunk FTC Privacy Standards

Article excerpt

WASHINGTON -

An unimpressive 17% of the nation's 50 largest banks with Web sites have privacy policies that meet the Federal Trade Commission's five principles of fair information practice, according to a study released Tuesday by the four bank and thrift regulatory agencies.

The "Interagency Financial Institution Web Site Privacy Survey Report" also found that 100% of those banks collect some personal information from users, ranging from e-mail addresses to credit card and Social Security numbers, but only half allow users to bar the sharing of that information with the banks' affiliates or other third parties.

The survey covered 364 banks and thrifts -- the 50 largest institutions by asset size, plus 314 others selected at random -- with an on-line presence.

Under the FTC's fair information practice principles, customers must have access to their personal data and the ability to ask questions and file complaints about the institution's privacy policy. But among the Web sites of the 50 largest banks and thrifts, only one contained a statement notifying customers that they may review the information collected, and only 13 informed users that they may ask questions about that data. Eleven institutions explained how to submit a question about privacy issues, and only one explained how to submit a complaint. …