Is Internet Banking Private?
Part Two
By Gail Rickards
This is the second of a two-part article on privacy in online
banking.
The controversy surrounding Web privacy centers on the use
of personal information that is collected by all sites, including
I-banking, as you click from site to site and page to page.
As this controversy grows, two principal issues have emerged.
The first is disclosing what information is being collected
and how the information is being used. The second is the granting
of permission to use or share the information.
For online banking, there are laws and regulations already
in place that cover some disclosure and permission issues--The
Fair Credit Reporting Act and Reg. B for credit reporting,
and Reg. E for electronic transactions. As helpful as these
are, they don't specifically address I-banking privacy concerns.
New Privacy Legislation for Banks
The Gramm-Leach-Bliley Act, which goes into effect November
2000, modernizes much of the financial system. According to
its provisions, banks are directed to formulate privacy rules
and disclose their policies regarding the use of personal
data.
However, the Act doesn't specifically discuss online privacy
or outline how banks can reach compliance, and therefore leaves
it to consumers to determine whether policies are actually
followed.
New York and California State legislatures have alternative
bills of their own that go further with respect to requirements
of particular importance to online banking.
One bill would require written notification of privacy policies
to customers. The other would give customers the choice to
"opt-in"--to give the bank permission to mine the data that
it collects--rather than "opt-out" after the mining has already
taken place.
The Privacy Statement Emerges
I recently sampled 10 online banking sites and found that
all had a privacy policy posted on their home page. 6 months
ago, this was not the case.
If you've had a chance to look at such a policy, you may
have found the amount of information both daunting and under-whelming.
Yet, its very presence is a step in the right direction, ahead
of legislation.
Banks are built on customer trust, but many people still
do not trust banking on the Internet. Voluntarily creating
and posting a privacy policy is a responsible, intelligent
move that helps users look out for themselves.
Self-Help: Read the Privacy Policy
It's worth your time to read and evaluate a privacy policy,
even if you're sure you'll never bank online. Here's a basic
list of questions it should answer:
- What information is being collected?
- What is it used for?
- Is information shared with any of the site's affiliates
that offer related services?
- Is information ever shared with or sold to outside third
parties? Why?
- Is information accessible by departments or employees
inside the bank? How secure is the site?
- Does an objective entity, such as an outside auditor,
review how well the bank adheres to its policy?
- Can you protect your personal information by "opting-out"
of data mining? How?
- Whom do you contact with questions or complaints?
If the policy is vague, contact the bank for specifics.
Take the Next Step: Cookie Control
Right now, you can increase your privacy protection by taking
charge of "cookies"--small data files planted on your computer
hard drive by every site you visit, including I-banking.
Clear the disk cache each time you exit your online banking
site.
Here's how:
Whether you use Microsoft's Internet Explorer or Netscape
Navigator, go to the main menu on the top of the screen and
click on "Edit." Choose "Preferences," scroll to the category
"Advanced," and click on "Cache." You'll find a button called
either "Empty Now" or "Clear Disk Cache Now." Click on that
button, and the traces of your I-banking session have been
erased.
Cookies pile up as you use the Internet. When you clear the
disk cache, you remove all cookies--those that make navigating
through a specific site easier and those used to collect information
for others.
If you want to selectively control cookies, you can find
a variety of software programs. Two of the best are made by
ZDNet and Symantec.
Can Online Banking Be Private?
Banks are very privacy conscious, and they want our trust.
Being vigilant and informed, we can add to their efforts and
take active steps to protect ourselves. My overall answer,
therefore, is yes; online banking can afford adequate privacy.
Ultimately, though, it's up to you to decide. After all,
it's your money, your information, and your peace of mind.
Click here to
read part one of Is Internet Banking Private?
Do you have questions, comments, or topic requests?
E-mail me at: gail@rickardsconsulting.com
|
