Building A Framework

     There are a handful of states that already had begun work in the privacy arena. One is Minnesota, which catapulted itself into the national privacy spotlight in June when Attorney General Mike Hatch launched an investigation and lawsuit against U.S. Bank for giving out personal financial information to a telemarketing company. The telemarketers, after calling customers and inquiring whether they wanted additional information about bank services, charged the customers for the services. Hatch alleged that the bank released the information for $4 million plus commissions, some of which he said were gained by disclosing deceptive information. Under the settlement, the bank donated over $2 million to charities around the state and agreed to make refunds to Minnesota customers who were victims of the scheme. It also enacted an opt-out policy, among other penalties. Minnesota was one of the most outspoken opponents of the federal legislation, saying that it "was even weaker than the settlement we got," according to Hatch's press secretary, Leslie Sandburg.
     Consumers Union's David Butler called Minnesota "as proactive as any state at this point" for their prosecution of U.S. Bank, but added that "this is still a relatively new debate at the state level."
     Some observers anticipate that with the passage of the federal "bank bill," states may become more alert to the issues at hand. "This will force states to look directly at the issue," said Brett Hester, the National Governors' Association's economic development policy analyst. John Ryan, of the Conference of State Bank Supervisors, agreed. "It's a hot issue, an easily political issue," he said. "You have elected officials who may want to make an issue out of this." Minnesota, taking advantage of the Sarbanes amendment, will introduce legislation next session to the tune of protecting consumer privacy.
     Also at the fore is Massachusetts' Lieutenant Gov. Jane Swift, R, and Gov. Paul Cellucci. In a recent speech, Swift railed against the federal legislation, saying that both Congress and the administration missed out on a historic opportunity to ensure privacy protections. "Now that the federal government has determined that states should decide some privacy issues for their citizens," Swift said, "we in Massachusetts are pleased to be at the forefront of this crucial national debate." At the crux of the administration's plan is the establishment of an opt-in system that requires businesses to seek consumers' consent before they sell or share information. "Governor Cellucci and I don’t think that this is too much to ask," she added.
     The legislation's initiative grew out of a quality-of-life commission established by the governor. The group determined that privacy was one of the hottest issues, and from that grew the omnibus legislation that has been sent to five different legislative hearings and two public hearings, explained John Ziemba, deputy general counsel and deputy director of the Office of Consumer Affairs. Most committees are still looking at the legislation, and will wrap-up their investigations next year, as the Massachusetts legislature completes its two-year term.
     While Massachusetts remains one of the few states specifically targeting financial privacy, a host of others are joining the bandwagon in the hopes of ensuring consumer protection in other high-tech areas. New York Attorney General Eliot Spitzer joined the group of state attorneys general upset with the weak protections in the federal bank bill, but it wasn't the first time he had entered the arena. He had ushered through a spam bill — allowing consumers the right to opt-out of receiving unsolicited, bulk e-mail — and a bill that would prohibit Web site owners from tracking consumer information unless users consented to the actions, said spokeswoman Christine Pritchard. Now the focus has turned to reforming the Fair Credit Reporting Act, which, among other things, would provide consumers the right to receive one free credit report each year to determine its accuracy. And Spitzer also has promoted a bill on identity theft, declaring that if a consumer's identity has been stolen to obtain anything of value, the customer, and not just the credit card company, is deemed a victim and can seek reimbursement.

Honing In On The Hot Topics

     Identity theft, perhaps because of the personal stories that result from it, is one of the hotter privacy issues in the states, and Arizona is working on a law making it a crime to steal a personal password. Rep. Jeff Hatch-Miller, R, who chairs the state's Internet study commission, said that legislators are just beginning to understand the new level of concern being raised by citizens with respect to their right to privacy. The group has established a subcommittee looking into additional privacy legislation that may be needed with the understanding that the rules must seek a balance between protecting consumers and businesses alike.
     "Arizona is a fairly conservative state," Hatch-Miller said. "We're friendly to business here. To the extent possible, I think we'll promote private solutions, as we do prefer them to government solutions."
     Hatch-Miller added that one of the newest areas of concern is information from customer convenience cards, such as those given out by grocery stores to determine sale prices, being sold to outside marketers. California already has seen legislation introduced that would bar the sale of that information, and its legislature's Joint Task Force on Personal Information and Privacy continues to look at that, as well as all issues surrounding privacy. Sen. Jackie Speier, D-San Francisco/San Mateo, is expected to soon drop a bill complementing the Financial Services Modernization Act that would prohibit the sharing of personal information among affiliate companies in different sectors. Although because of the strong banking lobby and the political difficulties surrounding the issue, staffers say they still don't know what form the bill will take.
     That seems to be a familiar refrain in such discussions, as many elected officials grapple with the growing number of privacy concerns that technological advances have ushered in. Many legislators looking to the federal government for guidance on the matter have been thrown an unexpected duty with the results in the financial services act, but observers say they will take the ball and run with it. "I think what will happen is you'll see legislation in areas where there may be problems," predicted Neal Osten, director of the commerce and communications committee for the National Conference of State Legislatures.
—by Stephanie Lash