Home 240-994-4142 SwireBlog Privacy Homepage






                         FINANCIAL PRIVACY



My first privacy expertise was in the area of financial services. I worked extensively on banking regulation issues when in practice during the late 1980s, my early teaching and scholarship focused in that area, and I am a past President of the American Association of Law Schools Section on Financial Institutions and Consumer Financial Services. My views on financial privacy as of 2002 are contained in "The Surprising Virtues of the New Financial Privacy Law." This page is split between: (1) my academic work on financial privacy before entering government; (2) financial privacy in 1999 and 2000, when I served as Chief Counselor for Privacy for the Clinton Administration; and (3) events since January, 2001.

My Academic Work on Financial Privacy Before Entering Government

As I shifted my research interest to the law of cyberspace during the 1990s, financial services became the area where I could develop and test my ideas. In 1997, to support this research, I was selected as an Ameritech Faculty Fellow to conduct research on "The Role of Law in Assuring Financial Privacy."

At a conceptual level, my 1997 paper on "The Uses and Limits of Financial Cryptography: A Law Professor's Perspective" comes first. It explores the extent to which purely technological solutions can ensure financial privacy. The answer is that cryptography and other technologies can do a fine job at getting data from Point A to Point B while making it difficult or impossible for hackers to read the data. These technologies, however, offer little help in protecting onward data flows from the bank employee who is authorized to see the data. Something other than technology is needed if we wish to prevent the bank, or the bank employee, from disclosing that data to someone else.

The question then becomes which data flows from financial institutions are advantageous or instead should be limited. My 1999 paper on "Financial Privacy and the Theory of High-Tech Government Surveillance" asks what it would be like if the government had a complete dossier of every purchase you ever made in life. This government surveillance would have advantages such as reducing money laundering and fraud on government benefit programs. Total financial surveillance would also, however, raise serious concerns. The paper thus uses financial privacy as a way to explore more general questions about the advantages and disadvantages of new surveillance technologies.

Related issues arise from the flow of sensitive financial data within the private sector. (Indeed, the subpoena power of government means that records held in the "private" sector are usually readily available to the government.) The chapter on financial services in the 1998 Brookings book indicates the complexity of trying to regulate data flows in the financial area. At this stage I was also trying to determine the extent to which a law-and-economics approach to contracts would provide the level of financial privacy in the private sector that individuals desired. I wrote a 1997 paper on "Markets, Self-Regulation, and Government Enforcement in the Protection of Personal Information" as part of this research effort about how to decide what combination of markets, self-regulation, and government rules would be appropriate to get the benefits of data flows while also protecting personal privacy. As explained in my 2002 article, I now think there are serious enough market failures to require significant legislation for financial privacy.

Financial Privacy During My Time in the Clinton Administration

My 2002 article gives a detailed history of how and why Title V of the Gramm-Leach-Bliley Act of 1999 became law. Many of the documents from this period are available at the Presidential Privacy Archives, and some additional material is cited in a draft article from early 2000 that has not been formally published. In my role as Chief Counselor for Privacy, and building on my background as a banking law professor, I was privileged to be part of the Administration's team during consideration of this bill.

In May, 1999 President Clinton supported financial privacy protections in what I believe was the first presidential event in history focused on the protection of personal privacy. The Administration's views were most clearly set forth in testimony by Treasury Undersecretary Gary Gensler that summer. I had the somewhat delicate task of trying to explain the Administration's position to a major meeting of the American Bankers Association.

The Administration worked with Congress from May through the tortuous process that culminated in the signing of the bill in November, 1999. At the signing, President Clinton said that the Treasury Department, the National Economic Council, and the Office of Management and Budget (where I worked) would prepare legislation the next year to complete the unfinished business on financial privacy protection.

President Clinton announced the new proposal in the spring of 2000. (speech - fact sheet - bill language) I was very involved (along with many others) in the drafting of the bill, and gave speeches to industry and other audiences explaining its rationale. A portion of the bill was passed by the House Financial Services Committee, but no financial privacy legislation passed in 2000.

On a separate topic, OMB, Treasury, and the Department of Justice released a report in January, 2001 on privacy and bankruptcy records. It turns out that bankruptcy records contain a good deal of sensitive financial information, including Social Security numbers and current bank account numbers. Along with advantages of putting bankruptcy records up on the Internet, therefore, there are risks of identity theft and theft from those bank accounts. Writing this study offered an opportunity to look at the broader issue of electronic access to public records, in a context that was both federal (most public records are held by the states) and concerned financial information (which is more sensitive than many other types of personal information).

Financial Privacy After January, 2001

From this writing in the summer of 2002, financial privacy is likely to be a lively topic in coming years. Senator Sarbanes re-introduced the Clinton Administration financial privacy bill in 2001. Initial studies found that online banks, for instance, have not done a terribly good job of implementing the 1999 law. (CDT study - my statement). The state of North Dakota had the first referendum on financial privacy protection, and a decisive majority of over 70% voted for stricter rules. Some of my observations on these issues are in a spring, 2001 interview called "Peter Swire on Privacy, Pay Phones, and Strong Crypto."

As discussed in my "2002 article, financial privacy proposals in the state legislatures create an incentive for industry to seek new federal legislation that would preempt stricter state laws. This incentive is heightened by industry desire to reauthorize the Fair Credit Reporting Act in 2003, and the pending expiration of the preemption provision in the FCRA reform law passed in 1996. With industry having significant reasons to want federal legislation, and with privacy advocates pushing for rules that are stricter than Gramm-Leach-Bliley, we can see ingredients for a legislative battle in 2003.


Fair Credit Reporting Act

Relevant Publications

"The Surprising Virtues of the New Financial Privacy Law," Minn. L. Rev. (forthcoming, 2002). "None of Your Business: World Data Flows, Electronic Commerce, and the European Privacy Directive."  Co-authored with Robert E. Litan, Brookings Institution Press (1998).

"Financial Privacy and the Theory of High-Tech Government Surveillance," 77 Wash. U. L.Q. 461 (1999)

"The Uses and Limits of Financial Cryptography: A Law Professor's Perspective," chapter in the proceedings of Financial Cryptography '97 (Springer-Verlag, 1997).

Other Resources


Office of the Comptroller of the Currency (OCC)

Federal Trade Commission (FTC)

Copyright (c) 2007 All Rights Reserved.