• Privacy Still a Hot Issue
  • May 30, 2003
  • Law Firm: Graydon Head & Ritchey LLP - Cincinnati Office
  • Just because the California state legislature couldn't pass a financial privacy law last session, the city of San Francisco didn't hesitate to pass its own. Effective January 1, 2004, San Francisco will require financial institutions that do business or have customers in that city to give paper or electronic notice and obtain prior consent before disclosing or sharing personally identifiable financial information, to affiliates or third parties. Those financial institutions will also need to take reasonable steps to ensure that a third party providing the confidential consumer information previously had followed similar notice and consent procedures.

    San Francisco joins Alameda, Contra Costa, San Mateo, Santa Cruz and Solano counties, Daly City and South San Francisco in passing consumer financial privacy protections. Under the San Francisco ordinance, financial institutions that negligently disclose or share confidential consumer information shall be liable for an administrative fine of up to $2,500 per violation. The penalties rise to $25,000 for a third violation for "knowingly and willfully" obtaining, disclosing or using confidential consumer information in violation of the law.

    An institution that discloses the confidential information for financial gain would be liable for up to a $5,000 fine for the first violation, $25,000 for a second violation, $250,000 upon a third or subsequent violation and, under the law, would be subject to disgorgement.

    In September, the Bank of America and Wells Fargo sued San Mateo County and Daly City over their ordinances requiring customer opt-in before confidential information could be disclosed to third parties. At this point, there has been no word yet on whether that lawsuit will be amended to include San Francisco.

    Banks contend that there should be national privacy standards. A hodgepodge of state and local ordinances create a compliance burden for the industry. The industry also contends it would be hampered in trying to offer customers valuable services.

    Privacy continues to be the hot issue in these early days of the millennium. The question yet to be finally determined is whether the battle for privacy will be a single or multi-front war!