TRENTON – Citing the fact that federal law makes it too easy for financial institutions to sell their clients personal information, Senator Barbara Buono welcomed committee approval of her bill that would require that individuals “opt-in” before their private information could be shared by banks and credit card companies.
“Most people don’t realize that they have to sign a form with their credit card company saying they want to keep their financial information private,” explained Senator Buono. “It makes no sense that by default, financial institutions can sell such sensitive information about an individual. With identity theft the big threat it is these days, we need to make sure every reasonable safeguard is in place to protect consumers.”
The bill, S-547, would require financial institutions that share their customers’ nonpublic personal information with non-affiliated third party entities to give their customers advance notice of such sharing. The bill would prohibit such sharing unless the customer notified the financial institution of his or her consent to such sharing, creating what is known as an “opt-in” system to allow the sharing of the information. Unless the customer consents in writing, the financial institution would not be allowed to share the information with non-affiliated third party entities.
“Most people only skim the privacy policies sent by their banks and credit card companies, if even that. Very few realize that in order for it to fully apply, they must sign a form and return it,” explained Senator Buono.
The bill would not restrict or prohibit the sharing of nonpublic personal information between a financial institution and any affiliates. An affiliate is any entity that controls, is controlled by, or is under common control with another entity, including a franchisor.
“While most financial institutions are careful about who they sell information to, once that information is passed on the first time, it can be sold and resold without any monitoring or regulation. It’s those transactions that worry so many people and really pose the threat if consumers are not careful,” added Senator Buono.
The bill also provides the limited ability for financial institutions to share nonpublic information with third parties in order for the institution to comply with existing laws or provide financial services to the customer.
The penalty for negligently violating the law would be a civil penalty of up to $2500 per violation, not to exceed a total of $500,000. For willful violations, the civil penalty would be up to $5000 per violation with no maximum amount. The bill would set forth factors that the court should use in determining the appropriate penalty amount. In the event that the violation resulted in identity theft, the penalty could be doubled. The Attorney General would be granted exclusive authority to bring legal action for violations of the law.
The bill passed the Senate Commerce Committee by a vote of 4-0. It now goes to the full Senate for their consideration.