Big Banks To FTC: New Online Privacy Rules Shouldn’t Apply To Us

Internet Privacy - spy - computer - magnifying glass

If you had to bet on a website that will be crushed by traffic demands this week, you might bet on ftc.gov. The Federal Trade Commission has extended the deadline for public comments on its Dec. 1 online privacy report, which includes a “Do Not Track” proposal, until Friday Feb. 18. And nearly all the big industry players-ad networks, browser companies and many others-still have lawyers and policy wonks writing up their views on privacy issues. But a few industries have already weighed in (along with some 200 private citizens who wrote in to the FTC to voice their views).

Big banks: Can’t you just leave us out of this whole “online privacy” thing?

A nine-page letter was submitted by the Securities Industry and Financial Markets Association (SIFMA), a trade group representing large banks and investment firms-Goldman Sachs, Wells Fargo, AIG Financial and similar institutions. In its comments, SIFMA basically asks to not be regulated by any FTC privacy rules at all.

The main reason that the banks offer for this exemption is that, like health care, they’re already covered by sector-specific privacy regulation. They’re already doing a good job keeping their customers’ data secret, they say-“[F]inancial services firms appreciate more than almost any sector of the economy the importance of maintaining the confidentiality of customer information.” Because there are already rules over financial services, there’s no reason for the FTC to get involved. As for informing customers about security breaches, the banks would like to see a national framework for that to replace conflicting state laws-but they’d like that to be regulated by the SEC, not the FTC.

So will the FTC limit its interest in privacy rules to the “new breed” of digital publishers, analytics companies and ad networks that have begun collecting huge amounts of consumer data in recent years? Or with everyone online, will it go ahead and insist that already-regulated industries like banks or pharma also deal with the online privacy rules? It remains to be seen, but you can be sure that the financial industry won’t be the only one asking for an exemption on this basis.

Geography and mapping companies: We don’t like the sound of this.

The FTC notes a few areas that require “special protection,” including health and financial information, as well as “precise geolocation data.” What does that mean exactly? No one really knows, and that’s why a group of aerial mapping and “geospatial” companies are freaking out about the report already. In a 3-page letter submitted to the FTC last month, the director of “geospatial” trade group MAPPS writes: “We are particularly concerned that this term was not defined in the FTC staff report.”

Their concern is understandable, because lots of new and established companies are offering new services based on the GPS capabilities of smartphones, which has made locational privacy a hot topic right now.

The term could mean street and house addresses, or “the actual location of the individual at any given time,” writes MAPPS. If geolocation means people’s names and address info, banning the sharing of that “could potentially shut down the nation’s commercial aerial and remote sensing satellite market.” MAPPS wants either an exemption to privacy rules for its industry, or it wants the term “precise geolocation data” taken out of the FTC report altogether. At a minimum, they want it defined.

Stay tuned for Friday, when more industries will surely line up voicing their own concerns to federal regulators-or asking for easier treatment.

Comments have been disabled for this post