And this week’s award for most lunkheaded privacy commentary goes to Mike France, former lawyer and the author of an opinion piece called “Why Privacy Notices Are a Sham” in BusinessWeek’s June 18 issue.
In the piece, France takes aim at the notices that have been hitting consumers’ mailboxes as a result of the Gramm-Leach-Bliley Financial Modernization Act of 1999. Under the act, banks and other financial institutions are required by July 1 to provide clear disclosure of their policies regarding the use of nonpublic information and “notice to consumers and an opportunity to opt out of sharing nonpublic information with nonaffiliated third parties.”
As a result, everyone with credit cards has received multiple notices by now.
The BusinessWeek piece argues that the notices are purposely designed to be ignored.
“The notices are about as easy to digest as car warranties,” France writes. “They’re packed with legalese, written in small print, and violate almost every known rule about how to make complex ideas comprehensible.”
Gee, Mike. Imagine that: financial services companies responding to new legal requirements with their legal departments.
Apparently lost on Mr. France is the possibility that the only thing these privacy notices really accomplish is to offer class-action lawyers opportunities to sift through them for missing commas — and, when they find them, to sue.
The piece goes on to say, “The same principles used to inform people about sophisticated financial products should also be applied to privacy policies: plain English, lots of white space, no legalese.”
So apparently an ideal notice would sell consumers on the idea of removing themselves from financial firms’ mailing lists, helping to destroy an asset as a result.
Imagine the conversation it would take to lead to that decision:
“Hey, Susan, did you see they passed a law that says we have to disclose our database marketing practices to our customers and give them a chance to opt out?”
“Yes I did, Bob, and I’ve decided to assign our privacy notice project to you.”
“Me? But I’m in sales. Shouldn’t we give this over to legal?”
“Absolutely not, Bob. I’m not about to risk having this company accused of using lawyers to comply with this law. Go over to creative services and get Sheila. She’ll help you write it.”
“But she’s an intern.”
“Ah, yes. But she writes like a dream.”
“But what about legal? Don’t you want to make sure we avoid getting sued?”
“And risk polluting our notices with legalese? No way. Now stop wasting time and go over to creative services. I figure you and Sheila can have that policy written in an hour or so. Go on. And, hey, make sure she gets Barry to lay it out. He did such a good job with that ad we ran in Newsweek, you know, the one with the dog and the retired guy on the beach?”
For illustration, the BusinessWeek article shows two hypothetical privacy notices: one gobbledygook-loaded notice that’s pretty typical of what’s been hitting consumers’ mailboxes, and the other with three short paragraphs and a postage-paid envelope.
Among the sidebar comments next to the gobbledygook notice is one that says, “Many forms tell people the benefits of letting finance companies sell their personal information, but say nothing of the costs.”
Next to France’s preferred version of a privacy notice, it says:
“People who want to protect their privacy should be provided with self-addressed, stamped postcards. Now they have to write a letter and provide their own stamp.”
So let us get this straight: Not only should financial institutions respond to privacy hysteria by enticing people to remove themselves from their lists, but they should create needlessly expensive direct mail packages to do it.
Shame on BusinessWeek for publishing such trash.
