Tuesday, February 2, 2010

think

When we worry about who might be spying on our private lives, we usually think about the Federal agents. But the private sector outdoes the government every time. It's Linda Tripp, not the FBI, who is facing charges under Maryland's laws against secret telephone taping. It's our banks, not the Internal Revenue Service (IRS), that pass our private financial data to telemarketing firms.

Consumer activists are pressing Congress for better privacy laws without much result so far. The legislators lean toward letting business people track our financial habits virtually at will. As an example of what's going on, consider U.S. Bancorp, which was recently sued for deceptive practices by the state of Minnesota. According to the lawsuit, the bank supplied a telemarketer called MemberWorks with sensitive customer data such as names, phone numbers, bank-account and credit-card numbers, Social Security numbers, account balances and credit limits.

With these customer lists in hand, MemberWorks started dialing for dollars - selling dental plans, videogames, computer software and other products and services. Customers who accepted a "free trial offer" had, 30 days to cancel. If the deadline passed, they were charged automatically through their bank or credit-card accounts. U.S. Bancorp collected a share of the revenues. Customers were doubly deceived, the lawsuit claims. They didn't know that the bank was giving account numbers to MemberWorks. And if customers asked, they were led to think the answer was no.

The state sued MemberWorks separately for deceptive selling. The company defends that it did anything wrong. For its part, U.S. Bancorp settled without admit ting any mistakes. But it agreed to stop exposing its customers to nonfinancial products sold by outside firms. A few top banks decided to do the same. Many other banks will still do business with MemberWorks and similar firms.

And banks will still be mining data from your account in order to sell you financial products, including things of little value, such as credit insurance and credit-card protection plans. You have almost no protection from businesses that use your personal accounts for profit. For example, no federal law shields "transaction and experience" information - mainly the details of your bank and credit-card accounts. Social Security numbers are for sale by private firms. They've generally agreed not to sell to the public. But to businesses, the numbers are an open book. Self-regulation doesn't work. A firm might publish a privacy-protection policy, but who enforces it?

Take U.S. Bancorp again. Customers were told, in writing, that "all personal information you supply to us will be considered confidential." Then it sold your data to MemberWorks. The bank even claims that it doesn't "sell" your data at all. It merely "shares" it and reaps a profit. Now you know.