Reg-Markets Center

AEI-Brookings Joint Center Policy Matters 03-30

Is There Such a Thing as Too Much Financial Privacy? Robert W. Hahn. September 2003.

Can there be such a thing as too much privacy from snoopers who want to know how much you earn and how much you owe? Does it ever make sense to bar states from erecting new barriers to those prying corporate computers?

In a nation built on a foundation of individual rights and decentralized government, the answers seem obvious. It is thus hardly a surprise that organizations ranging from the ACLU to the AARP supported legislation passed last month by California and signed with fanfare by the embattled Gray Davis that would tighten controls on financial information-sharing. Or that the Consumer Federation of America is leading efforts in Congress to block federal preemption of the new California law and a host of other similar state laws in the making.

But there’s more to this story than the never-ending struggle to keep Big Brother at bay. Further restrictions on access to financial records and state control over the rules for sharing information would exact a price—one I believe that few people would willingly pay. Without relatively easy exchange of financial data, the revolution that opened consumer credit to most Americans in the last three decades would not have been possible. And without uniform rules governing the exchange of information, Americans would not have benefited from truly national competition in markets for mortgages and consumer loans.

The agenda now ought to be fine-tuning the federal rules to adjust to the realities of new technology and business organization—not rolling back the clock to the time when the only place to borrow at reasonable rates was the local bank, and the local bankers were largely inclined to lend only to those whom they already knew.

The collection and use of personal financial information has been regulated by Washington since Congress filled the legal void with the Federal Credit Reporting Act of 1970. The law liberally defines the sort of data that credit agencies can amass and the terms under which they can share it, but requires them to eliminate negative information like credit delinquencies and even bankruptcy declarations after specified periods.

By no coincidence, the 1970s also marked the beginning of the rapid expansion of access to personal credit. The number of families with at least one general purpose credit card grew from 16 percent in 1970 to 73 percent in 2001. And with the rise in consumer credit, all sorts of inconveniences that dogged middle-income Americans melted away. Utility companies no longer demanded deposits, while credit approval for everything from cars to clothes took seconds rather than hours.

In part, this democratization of credit was driven by the rise of the bank payment card associations and the computer technology that put payment terminals in millions of stores. In part, it was driven by innovations in money markets permitting lenders to package all sorts of loans into securities that could be traded like stocks and bonds. And in part it turned on the erosion of regulatory barriers, making it legal for banks and other financial companies to seek customers nationwide. But the key to the credit revolution was access to huge quantities of uniform, reasonably accurate financial data from across the country—access made possible by the FCRA.

The rise of national credit “bureaus” transferred the task of determining creditworthiness from local bank loan officers to computers running credit scoring programs. And what borrowers lost in face-to-face contact they made up a hundred-fold in greater accessibility to cash at lower cost.
Credit scoring dramatically increased the efficiency of consumer lending, creating national markets in which dozens of lenders vie for an individual’s business and institutional investors around the globe share the risk. Indeed, a study by the Tower Group consultants concluded that, because it had become practical to package mortgages as traded securities, Americans paid as much as two percentage points less on home loans than their European counterparts.

What’s more, the anonymity of credit-scoring reduced the chances that racial or ethnic bias would cloud lending decisions. While a variety of factors running from economic growth to anti-discrimination laws also helped open credit to minorities, it is worth noting that the proportion of African-American households with credit cards increased from 23 percent in 1970 to 55 percent in 2001.

Congress fine-tuned the FCRA in 1996 in response to criticism on a variety of fronts. On the one hand, the amendments acknowledged that credit reports had an increasing range of legitimate uses. It explicitly authorized the sharing of data with corporate affiliates – say checking account data with a bank’s mortgage-lending arm. And it let data collectors furnish information to unaffiliated companies for the purpose of marketing credit and insurance. In both cases, however, the credit agencies were obliged to give the individuals affected a chance to “opt-out” of the sharing.

On the other hand, the amendments also made it much easier for individuals to gain access to their credit reports and to challenge their accuracy. Disputed information that the credit agencies cannot verify within 30 days must be deleted.

Arguably most important, the 1996 law prohibited states from enforcing new credit reporting laws that were inconsistent with the FCRA. But this preemption rule, which was controversial from the start, is slated to sunset at the end of 2003 unless it is renewed by Congress. Hence the current jockeying over what form, if any, the preemption rule is to take.

For some consumer and civil liberties groups, the issue is less one of who should set financial privacy rules than what the rules should be. Notably, many critics of the FCRA favor reductions in the length of time that incidents of failure to satisfy creditors can stay on individuals’ records. They also favor a broad shift from “opt-out” provisions, which allow financial information exchanges unless individuals explicitly object, to “opt-in” provisions, which prohibit exchanges unless they explicitly agree.

Now, there is no magic formula for deciding either question—though, there is a good case for putting the burden on those who would alter a system that has generated remarkable benefits for consumers over the last three decades. Changes that reduce access to financial data exact a price. For example, while shortening the period in which bankruptcies remain on a debtor’s record below the current ten years would presumably make it easier for affected families to put their troubles behind them, it would also force lenders to spread the expected risk to families that had never missed a debt payment.

The “opt-in” approach to guarding privacy is similarly problematic. Consider the new California law, which was passed by Sacramento under the threat that, if frustrated, the bill’s sponsors would seek far tougher restrictions through a state ballot initiative. One provision, which goes into effect only if federal preemption lapses, would require banks to obtain customers’ consent before sharing information with non-affiliated companies – a common practice that facilitates all those “you have already been selected” offers for credit cards, mortgages, insurance and the like.

But as a practical matter, “opt-in” consent is extremely difficult to obtain, even when those asked have no strong view. Think how often you’ve discarded proxy requests from credit unions, mutual funds, and the like because it doesn’t seem worth the trouble to fill them out.

Thus requiring opt-in in the case of sharing with non-affiliated companies would sharply raise the cost of obtaining the information—costs that, one way or another, must be passed on in the form of higher prices. Note, too, that raising the cost barrier to mass mailings would lead to less competition. That would hardly be a problem for those whose income and credit standing automatically attract the attention of marketers. But a major benefit of the credit revolution has been its inclusiveness—the fact that it has opened mainstream credit to lower income consumers who were once forced to buy washing machines and TVs “on time” at extortionate interest rates from local appliance stores. And raising solicitation costs would inevitably cut deepest into the offers made to the less creditworthy.

Quite distinct from the question of what rules should govern information-sharing is the question of who should make the rules. Under our federal system, state legislatures have considerable discretion in setting public policy on issues ranging from education to taxation to criminal justice. Why, then, preempt their rights to decide the acceptable limits for sharing financial information? Because the success of the credit revolution—the low costs, the torrid competition—depends on the existence of a single national market for consumer credit.

Decentralizing credit rules would make it more expensive for lenders to operate in multiple states. And in some cases, the lack of uniformity would unfairly penalize individual borrowers. Suppose, for example, Texas required credit bureaus to erase information regarding bankruptcies after two years. A Texan who moved to Florida and applied for credit would be lumped together with poor credit risks because the lender would have no way of knowing his full credit history.

Consider, too, that as a practical matter states with the most restrictive information sharing policy would have enormous sway over the national credit industry. Lenders would be inclined to operate as if all states had the restrictive rules because it would not pay to operate under a dozen different sets of rules. Indeed, it is widely understood that, unless preemption is renewed, a few large states will, in effect, make the rules for the rest of the country.

Technology changes, business methods change, and so too, perhaps, should financial privacy rules. But fixes for the Federal Credit Reporting Act should be informed by two facts. First, the current rules have proved enormously successful in democratizing consumer credit. Second, the rules have worked well in part because federal preemption has made it possible to create a truly national market in credit. It is unclear whether there is much to gain in altering the rules, but there certainly is much to lose.

Robert W. Hahn is executive director of the American Enterprise Institute-Brookings Joint Center for Regulatory Studies.

An revised version of this article appeared in the San Francisco Chronicle on October 26, 2003.