Yale CPSC 457 - Sensitive Information in Financial Services (14 pages)

Previewing pages 1, 2, 3, 4, 5 of 14 page document View the full content.
View Full Document

Sensitive Information in Financial Services



Previewing pages 1, 2, 3, 4, 5 of actual document.

View the full content.
View Full Document
View Full Document

Sensitive Information in Financial Services

172 views


Pages:
14
School:
Yale University
Course:
Cpsc 457 - Sensitive Info in Wired World
Unformatted text preview:

Sensitive Information in Financial Services CS 457a Introduction Financial services is fundamentally an information driven industry Consumer financial transactions generate huge amounts of personal data Every ATM transaction credit card purchase check deposit and loan application leaves electronic traces in the form of transaction records at both your bank and often the counterparty s financial institution The sheer volume of such transactions is huge Visa s USA division alone processed 14 Billion transactions in 2002 1 Financial institutions can use the information acquired in the course of business beyond the basic function of rendering the service requested by the consumer Databases of customer data and provide insights in to customer habits and allow institutions to connect consumers with products they are likely to want Detailed transaction databases also allow financial institutions to more efficiently price products For example data mining tools enable better estimate and understand important costs that are not known a priori such as credit risk and price loan products accordingly There is little question that customer information is quite valuable to businesses For years the courts have held that customer list are valuable and can be protected as trade secrets Financial information is an interesting class of personal information to look at from a privacy perspective because it exists in large quantities is non public and is often sensitive yet a singly piece of information can be handled by a wide range of entities Clearly some level of information sharing is needed to effectuate financial transactions It would not be possible for example to deposit a paycheck in your bank with out your employer and its bank also knowing the important details While a consumer understands this necessity advances in databases and communication technology now allow financial institutions to compile vast amounts of data about their customers and even create profiles of their personal financial habits 1 http usa visa com personal newsroom 1trillion html There are two primary areas of concern about privacy and sensitive data handling in financial services information sharing and information security These two classes of concerns are often mixed together but should be thought of as largely distinct issues Information sharing concerns the intentional use and distribution of personal information Many consumers are uneasy about the amount of information that their financial institutions know about their lives and what firms may be doing with that information Information security questions center around unauthorized use of personal information The principal concern is the risk of some sort of identity theft but may also include unauthorized disclosure of sensitive personal information such as your wealth or spending habits Information sharing and information security issues both concern the distribution of non public personal financial information but they each require fundamentally different approaches both procedurally and technically to addressing the needs of consumers Information Sharing The tremendous advances in information technology have led some to question when financial institutions should be able to share information about its customers with other businesses Consumer advocacy groups want to restrict information sharing and have lobbied for opt in laws that would require institution to obtain explicit consent prior to sharing personal information to third parties Such a system would likely force financial institutions to compensate customers with incentives such as lower fees better interest rates etc in order to induce customers to authorize sharing of their information Obviously these inducements would be limited to something less than the value that the institution can generate from this right to share information While not driven by a legal requirement this is essentially the way that grocery store discount cards work Grocery stores provide cardholders with special discounts in exchange for the ability to track a customer s buying behavior by studying card usage While many consumers may think more about the potential savings than the loss in privacy the grocery card has essentially created a market system for acquiring privacy rights from its customers The Graham Leach Bliley Act of 1999 GLB does not go so far as requiring optin consent for information sharing but it does financial institutions to allow consumer s to opt out of the firms right to share the customer s information to non affiliated third parties Beginning July 1st 2001 financial institutions that share information with any non affiliated third parties had to provide written privacy policies that describe what information is collected by the institution and precisely what may be shared with third parties Institutions must provide this notice annually and consumers must be given an opportunity to opt out of unwanted information sharing The opt out approach is clearly favors financial institutions because they are allowed to share information by default Jeffrey Lacker a Fed economist argues that from an economic perspective the distinction between opt out and opt in should be no different than the difference between treating CD players as standard equipment or an available option in a new car 1 Because institutions can still provide incentives to induce its customer s not to opt out the overall compensation provided to consumers for the right to share their personal information should be the same One would expect however that a larger proportion of customers would not opt out from information sharing than would opt in under and opt in scheme While consumer advocates may criticize GLB for having an opt out system any difference in information sharing authorized under one scheme or the other reflects indifference about information sharing among a portion of the population Why not allow financial institutions to share their information if they don t seem to care that much While exact figures are not available industry sources cite an opt out rate of about 5 for GLB related privacy notices 2 The information sharing debate is fundamentally about the ownership of information rights The opt out rules and privacy policy requirements of GLB provide a clear mechanism for assigning information distribution rights between the institution and the customer It is up to the markets to determine the value of these information rights


View Full Document

Access the best Study Guides, Lecture Notes and Practice Exams

Loading Unlocking...
Login

Join to view Sensitive Information in Financial Services and access 3M+ class-specific study document.

or
We will never post anything without your permission.
Don't have an account?
Sign Up

Join to view Sensitive Information in Financial Services and access 3M+ class-specific study document.

or

By creating an account you agree to our Privacy Policy and Terms Of Use

Already a member?