|
|
Legal Opinion
|
 |
 |
 |
 |
|
|
Test Your Computer NOW for Spyware, Hacker Tools and Other Threats
|
|
 |
 |
 |
 |
|
|
|
|
|
|
|
Customer Information
|
The Federal Trade Commission (FTC) prohibits "unfair and deceptive practices - which includes failing to abide by a stated privacy policy, or an activity that violates privacy promises, contracts or disclosures - by any business. 15 U.S.C. # 45(a). 57a(f)
Financial Professionals have a legal duty of confidentiality to their clients which includes the duty to safeguard client information. Your Broker provided clear guidelines on how they expect advisors to protect client information. We all ask "how much is enough" and the best answer appears to be your ability to stand up in court and accurately declare that "I have done as much or more to protect my client's personal information as I have to protect my own."
|
|
The public is angry about identity theft. Consequently, legal authority is beginning to hold enterprises liable for identity theft resulting from faulty information security. The bellwether case is Bell v. Michigan Council 25 AFSCME, Feb. 15, 2005, MI Ct. of App., No. 246684 where the Bell court awarded several members of a small labor union a total of $275,000 in compensatory damages for identity theft. We can expect more cases based on neglecting to lock down employee or client data.
|
The most valuable resource held by any financial institution is public trust! The responsible use of personal information to serve the needs of customers is the very definition of the trust relationship and is exactly what people expect from their financial professionals.
Imagine trying to get a credit card, buy a car, purchase insurance, open a bank account or get a mortgage without sharing your personal information. Our standard of living and the health of our economy depend on these services. The computer and growth of the internet have propelled information sharing exponentially. According to Federal Reserve Board Governor Edward Gramlich, "Information sharing is the cornerstone of any system that allocates goods and services within an economy."
As a result of the growing attention being given to privacy, customers are becoming increasingly concerned with the sharing of their personal information. A recent study by the National Consumers League shows that consumers now rank "loss of personal privacy" second only to "education" as the major public policy issue they are the most concerned about. Respondents ranked credit card numbers, social security numbers and information about their financial assets as their top three concerns.
It is the balance between respect for personal information and its responsible use that has contributed to the longest sustained economic growth in modern history. "Information-sharing allows financial institutions to provide their customers with tailored services that respond to their individual needs… and has allowed the financial services industry to deliver benefits to those Americans who need them most."
(Financial Services Coordinating Council. Privacy Project)
The Securities and Exchange Commission is cracking down in terms of compliance on advisory firms, including some with as few as five employees. As reported in the June 12 issue of Investment News, the SEC is getting tougher by increasingly bringing enforcement cases and levying fines in situations that in the past would have been handled with deficiency letters… Federal regulators have made it clear that they want to get tough and crack down on the financial services industry for the good of the investor."
(Investment News, By Jim Pavia, June 19, 2006)
According to Mr. Barbash, who was director of the SEC's division of investment management, "Now the stakes are much higher when you mess up. If you have compliance flip-ups, it used to be deficiency letters. Now you could be in an enforcement settlement and those are costly "
On May 9, 2006 the SEC announced a settlement with a small investment firm that was fined, and where the owner was required to pay a separate fine, for failures… including failure to adopt procedures to prevent misuse of private information. Again in May, the SEC settled its first enforcement case against an investment advisory firm for violating regulations that took effect in October 2004 which required firms to have written compliance policies in place. The SEC is trying to convey the message that compliance is essential and that "close isn't good enough when it comes to compliance."
Confirmation of liability comes from Guin v. Brazos Higher Education Service. 1 In that case, a borrower sued his financial institution for failing to safeguard his personally identifiable data from criminals. The lender had entrusted the data to a telecommuter who stored the data on a laptop, which a burglar snatched. The court suggested the financial institution had a general duty to take reasonable steps to protect the borrower's social security number and other sensitive data. Then the court assessed whether the firm had fulfilled its duty.
Good News: The court considered that the firm had taken a number of security measures that contributed to protecting the borrower from identity theft and concluded that the financial institution had fulfilled its duty of reasonable care.
However, fall short on that obligation and you could be forced to compensate your clients. A similar case took place in the medical field. A West Virginia jury awarded three mental health patients a total of $2.3 million because a hospital failed to prevent a clerk from disclosing records to the public.2
The other articles under this tab, review the laws, consequences and obligations of both Broker-Dealers and their independent representatives and advisors.
1 US Dist. Ct, Minn. 2006 Civ. No. 05-668 (RHK/JSM) Memorandum Opinion and Order.
2 HIPAA Weekly Advisor Archive, "Jury awards $2.3 million to victims of privacy breach,"February 24, 2003.
|
|
|
|
|
|
|
|
