If you’ve ever thought about keeping a diary, rest assured you don’t need to. Just hang onto your bank and credit card statements.
Your financial records are a juicy tell-all concerning your entire life. You’re the writer, and your bank or credit union and your debit and credit cards are the publishers. In all seriousness, banks and credit cards know a tremendous amount about us. They know how much we spend on groceries and gift cards. If you’re constantly behind on your utilities, thanks to the dates paid and late fees, they know.
If you purchase a handgun for protection, they (or at least a banking algorithm) are aware of that. If you buy something X-rated for a partner and the bedroom, your bank and credit cards are able to peer into this part of your life, too.
The question, then, is should we care?
What personal information do banks collect?
It isn’t only that banks and credit cards know what purchases we are making. They know virtually everything else about us, says Steve Weisman, an attorney and senior lecturer of law and taxation at Bentley University in Waltham, Mass. He is also the author of the website Scamicide.com. In other words, he is often steeped in the seedy side of the financial world.
“Banks collect a wide array of personal information about us,” Weisman says, and then he launches into a long list of what intel banks have on us, most of it not surprising except in the vast quantity of information they collect:
- Social Security numbers
- birth dates
- phone numbers
- email addresses
- driver’s license information
- credit card transaction history
- debit card transaction history
- payment of bill history
- credit score
- financial asset information
- investment information
- retirement account information
- mortgage information
- pay stubs
- employment history
- mother’s maiden name
- marital status
“And, perhaps most surprisingly to many people, our online browsing activities including social media activities, computer identifying information and cell phone model,” Weisman says.
Should we be worried that banks have all of this information?
Yes, no, maybe? In other words, everybody’s going to have a different take. You may be sickened by the idea of financial corporations knowing everything about you, or you may be somebody who freely shares on social media and just kind of figures, “Ah, who cares? As long as Bank X doesn’t embarrass me by publicizing that I buy orange soda every week instead of actual oranges in produce, I’m good.”
And, realistically, every consumer needs to come down somewhere in the middle of “over my dead body will you get my personal information” and “here, have whatever you want.”
That’s because, to some extent, banks and credit cards having a ton of your information is unavoidable.
“If you want to have a bank account or borrow money, there’s no getting around sharing certain personal information,” says Leslie Tayne, a consumer attorney in New York City and owner of the Tayne Law Group.
But wherever you come down on all of this, there’s little doubt that the banks need most or much of their information, according to Brad Elbein, an attorney and partner with Culhane Meadows, a full-service business law firm with offices around the country.
Elbein is also a former regional director at the Federal Trade Commission. He now works with banks and other financial services companies to advise them on compliance issues like consumer privacy.
“Banks mostly gather information that they are required by law to obtain to verify that the customer we claim to be is who we are,” Elbein says. “They are required to obtain this data by ‘know your customer’ regulations.”
In other words, if you want identity theft to be rare, and you don’t want somebody else borrowing money from your bank in your name, you should want your bank to know a lot about you.
Elbein says that banks understandably also need to know who they’re dealing with before they lend out money. So while consumers give out a lot of intel to banks, Elbein says the information is collected for valid reasons.
But that doesn’t make it any less creepy. Elbein points out that it isn’t only banks and credit cards that know a lot about us but other financial entities as well.
“A few years ago, I listened to a speech by a senior manager of one of the big national credit reporting agencies,” Elbein recalls. “He said that people think of them as being primarily concerned with providing credit reports and credit scores for lenders to make lending decisions – but actually, he said, their primary business was gathering and selling data on consumers to everyone else. They’re intelligence agencies.”
What do banks do with all the information they collect from us?
Lots of stuff. As noted, it can help with determining somebody’s creditworthiness and keep somebody else from taking out a loan in your name. But it can also help catch somebody who has your credit or debit card and help when marketing services to you, according to Lyle Solomon, a consumer finance attorney and principal attorney with Oak View Law Group in Jacksonville, Fla.
“Banks can notify their consumers of potential fraud through phone calls from credit card companies about unexpected purchases using ‘Big Data’ to examine a customer’s spending patterns,” Solomon says. “After knowing how and where a consumer spends, banks can use the same data to target certain benefits and extra features that a card offers to the user.”
Big Data, as Solomon calls it, is an actual buzzword in the banking industry. It describes the massive amounts of information collected from current and future customers, Tayne explains.
“Banks increasingly rely on Big Data,” Tayne says. “The practice of using Big Data isn’t necessarily malicious. Banks use this information to get a better idea of customers’ financial habits so that they can provide better products and services. Still, it can feel like a Big Brother-esque invasion of privacy. And the increased use of Big Data can be a security concern, especially as more banks are subject to data breaches.”
So banks collect the information, and they keep it all to themselves?
Well, we didn’t say that.
At first, yes. Banks hoard your personal information for themselves.
“You’d probably expect your big bank to share your data with their lending department or their certificate of deposit or investment departments and subsidiaries,” Elbein says. “And the banks usually will tell you that they’re going to do it… and also usually give you the opportunity to opt out of having your data passed on.”
But the bank may also pass on your data to other places.
“Banks are, after all, businesses,” Elbein says. “The truth is that businesses in America today make a whole lot of money aggregating and selling data out in the free market. The buyers of the data can be ‘affiliates’ and ‘third parties’ who provide goods and services closely related to the business of the company that gathered your data.”
For a bank, these third parties or affiliates are often companies providing insurance, investments, automobiles or mortgages, according to Elbein.
“But companies might gather your data and sell to lead brokers, who aggregate and resell consumers’ data practically without limit,” Elbein warns.
What can you do about banks sharing your personal information?
You do actually have some a few options.
Tell your bank you want to opt out of information sharing
“The gathering and sharing of information is governed by the Gramm-Leach Bliley Act, which does prohibit the sharing of nonpublic personal information such as our Social Security number with companies not affiliated with the bank,” Weisman says.
That said, he points out that your bank may have a lot of affiliates, so many partners that the utility of opting out of information sharing is less than you would expect. Still, it is something you can do.
You may want to talk to your banker about it. Weisman says that your bank has likely sent you material, explaining how to opt out of information sharing, but you probably didn’t notice or were overwhelmed by the jargon.
“The notice the banks send is anything but clear and, my experience has been that most people don’t even read them because they are so confusingly written,” Weisman says.
Consider working with a smaller bank
If you are currently the customer of a big bank, you could set up an account instead with a small credit union.
Solomon suggests this. “Your personal information could be disclosed to other businesses depending on your bank,” he says. “Your information will typically be shared more by larger financial firms than by smaller financial institutions.”
Ask a lot of questions
“Your most important right as a consumer is the right to walk away,” Elbein advises. “Your second most important right as a consumer is the right to ask questions. When a seller or lender asks for personal information, you can always ask, ‘Why do you need this? What are you going to do with it? How do I opt out of giving you this data?’ If you don’t like the answer, walk away.”
Talk to your legislator
For the hard core privacy advocate, you may want to take this up-line, Elbein suggests.
“Let your legislators know what you think about a national data privacy law,” Elbein says. “Congress has considered various versions of such a law for years and never been able to pull the trigger. They have the impression that consumers don’t really care. If that’s not true, no matter which side of the question you’re on, let your legislators know.”
And who knows? Maybe one of your legislators will actually meet with you. Maybe you’ll be called to testify in a Congressional hearing. And then you really will need to start a diary.