IP: Dan Gillmor on Technology Wed Apr 11 13:00:25 EDT 2001

[David Farber <dave () farber net>]

> Sender: svdispatch () KNIGHTRIDDER COM
> From: "SiliconValley.com" <svdispatch () KNIGHTRIDDER COM>
>
> I N S I D E   T H E   T E C H   E C O N O M Y
>    <http://www.siliconvalley.com/>HOME > 
> <http://www.siliconvalley.com/opinion/>OPINION > 
> <http://www.siliconvalley.com/opinion/dgillmor/>DAN GILLMOR
>   SV.comThe Web
>
> <http://www.siliconvalley.com/news/>NEWS  | 
> <http://www.siliconvalley.com/opinion/>OPINION | 
> <http://www.siliconvalley.com/research/>RESEARCH | 
> <http://www.siliconvalley.com/financial/>FINANCIAL MARKETS  | 
> <http://www.siliconvalley.com/regions/>TECH REGIONS | 
> <http://www.siliconvalley.com/svlife/>SV LIFE | 
> <http://www.siliconvalley.com/career/>CAREER | 
> <http://www.siliconvalley.com/personaltech/>PERSONAL TECHNOLOGY | 
> <http://www.siliconvalley.com/hottopics/>HOT! TOPICS
>
> Wednesday April 11, 2001
>
> Banks share privacy policies, but examine them carefully
>
>
>
> BY <mailto:dgillmor () sjmercury com>DAN G<mailto:dgillmor () sjmercury com>ILLMOR
> Mercury News
>
> Watch your mail carefully for the next few weeks. Financial institutions 
> of all kinds will be telling you, sometimes deviously, how much they care 
> about your privacy.
>
> After you stop snickering, start paying attention to what they say -- if 
> you can understand the obscure language some of them will use -- and then 
> take some defensive steps to limit the damage that a new federal law is 
> doing to everyone's privacy.
>
> The Financial Services Modernization Act, as its sponsors named this 
> creepy piece of legislation, tore down the Depression-era walls that 
> prohibited some kinds of financial institutions from owning other kinds. 
> Insurance companies couldn't own banks, for example.
>
> There were good reasons for the previous policy -- to protect customers -- 
> but the powerful financial industry got the old law repealed. Bad idea, 
> but money rules in Congress these days.
>
> The lawmakers also looked at data privacy as they considered the bill. As 
> you'd expect, they mostly did the money folks' bidding in this case, too. 
> The act gave the up-and-coming financial conglomerates the right to share 
> your data among all companies under any single corporate umbrella. In 
> other words, your life insurer may soon be able to learn how you spend 
> your money using a credit card issued by a bank owned by the same 
> corporate parent.
>
> That was horrible, but the law also gave financial institutions the right 
> to pretty much do as they pleased with your data outside their corporate 
> families -- unless you explicitly tell them not do share it.
>
> By July 1, all financial institutions have to notify you of your minimal 
> privacy rights. The way they're doing it, as you might expect, raises 
> suspicions about how much they really want you to exercise those rights.
>
> First, the privacy advisories are likely to look like junk mail or some 
> stuffer that comes with your monthly bill. If you're like me, you tend to 
> toss out direct-marketing mail and the extraneous stuff that shows up in 
> monthly bank or credit-card statements. I'm sorry to say that we all need 
> to examine everything for the time being.
>
> Second, institutions are cloaking the advisories as helpful new guides and 
> services rather than compliance with federal law. The non-profit Privacy 
> Rights Clearinghouse 
> (<http://www.privacyrights.org>www.privacyrights.org), based in San Diego, 
> faxed me some examples. US Bancorp proudly declares its ``Consumer Privacy 
> Pledge'' while Wells Fargo and Wal-Mart's credit-card unit call it a 
> ``Privacy Policy.'' Invariably, they tell you how much they value your 
> business and your privacy, but forget to note that they're telling you all 
> this because the new law requires it.
>
> Third, they're writing the policies in obscure ways. ``According to the 
> law, these new financial-privacy notices are supposed to be written in a 
> `clear and conspicuous' style,'' says a readability study commissioned by 
> the Privacy Rights Clearinghouse and posted on its Web site. ``This means 
> that the language used should be `reasonably understandable,' a term which 
> is not defined. But based on the readability statistics, none of these 17 
> notices was even close to meeting that criterion.''
>
> Could it be that the financial institutions don't want you to know what 
> they're doing? Or is it just the result of lawyers mucking with disclosure 
> forms? Either way, customers need better disclosure.
>
> I strongly advise you to look carefully for these notifications, and then 
> do whatever it takes to inform the financial institutions that your data 
> is not theirs to share. Remember, your inaction is their go-ahead to treat 
> your information as a commodity.
>
> Note to readers: If you get a privacy notification that's especially 
> well-disguised or obscurely worded, please send me a copy. I'll create a 
> gallery of the worst offenders and post it online.
>
> SPEAKING OF OBFUSCATION: Microsoft's ``Passport'' system, which 
> authenticates users of Hotmail, Microsoft's Instant Messenger software and 
> other products, is also designed to be the entry point to the 
> ``Hailstorm'' world of pervasive Web-based services. But our favorite 
> monopolist has come under well-deserved fire for Passport's amazing 
> ``Terms of Use,'' which were so broadly favorable to the company as to be 
> ludicrous.
>
> These kinds of documents are common, and outrageous. They give customers 
> few rights, if any, and give sellers practically total license to sell 
> defective goods with impunity.
>
> In the Passport case, the terms of use could have been interpreted to mean 
> Microsoft had permission to use its customers' patents and other 
> intellectual property without reimbursement. After a furor, which began 
> when the Register (<http://www.theregister.co.uk>www.theregister.co.uk), 
> an online publication, reported the terms, Microsoft revised them, saying 
> the document was out of date.
>
> The terms are still not what you'd call consumer-friendly. And if you want 
> to learn just how these kinds of terms get written, you may want to stop 
> by Stanford University this afternoon for a colloquium where Jack Russo, a 
> Silicon Valley lawyer who specializes in intellectual-property issues, 
> will deconstruct the Microsoft document from several points of view.
>
> Line up the 15 major points in the terms of use, Russo said Tuesday, and 
> look at them from a consumer's side and Microsoft's side. ``They're 180 
> degrees apart,'' said Russo, of Russo & Hale in Palo Alto.
>
> The colloquium is open to the public. It starts at 4:15 p.m. today in the 
> NEC Auditorium, which is located in -- you guessed it -- the Gates 
> Computer Science Building. It will also be available afterward in a 
> streaming media format 
> (<http://www.stanford.edu/class/ee380/>www.stanford.edu/class/ee380/).
>
>
> Dan Gillmor's column appears each Sunday, Wednesday and Friday. Visit 
> Dan's online column, eJournal (weblog.mercurycenter.com/ejournal). E-mail 
> <mailto:dgillmor () sjmercury com>dgillmor () sjmercury com; phone (408) 
> 920-5016; fax (408) 920-5917. PGP fingerprint: FE68 46C9 80C9 BC6E 3DD0 
> BE57 AD49 1487 CEDC 5C14.
>
> ADVERTISEMENT
> I N S I D E   T H E   T E C H   E C O N O M Y
> © 2001 KnightRidder.com  |  <http://www.siliconvalley.com/terms.html>Terms 
> of 
> Use  |  <http://www.siliconvalley.com/advertising.html>Advertising  | 
> <http://www.siliconvalley.com/about.html>About 
> SV.com  |  <http://www.siliconvalley.com/sitemap.html>Site 
> Map  |  <http://www.siliconvalley.com/contact.html>Contact 
> Us  |  <http://www.siliconvalley.com/help.html>Help



For archives see: http://www.interesting-people.org/