The simplified notice is part of a 365-page interagency report summarizing the first phase of a research effort launched in September 2004 to develop alternatives to today's lengthy, dense and complex notices.
The report, by Washington-based Kleimann Communication Group, was commissioned by the Federal Trade Commission, the Board of Governors of the Federal Reserve System, the Federal Deposit Insurance Corp., the National Credit Union Administration, the Office of the Comptroller of Currency and the Securities and Exchange Commission. All of the agencies are responsible for enforcing the provisions of the Gramm-Leach Bliley Act of 1999.
The six agencies, together with the Office of Thrift Supervision, will fund a second phase of the project where the effectiveness of the prototype will be tested against a larger consumer base. 'The agencies have deferred consideration of policy action with respect to financial privacy notices until the next phase of consumer testing is completed,' the regulators said in a statement Friday.
Loretta Garrison, an attorney with the FTC's bureau of consumer protection, said the prototype was developed using consumer research gathered by Kleimann.
'What we've released is the result of the first phase of our research work,' Garrison said. 'Essentially, what it was about was exploring in depth how consumers read notices and process complex information to develop a notice that was simpler and easier ... to understand and use.'
The prototype notice is intended for use by any financial institution and features four separate components. One explains in clear terms who the notice is from and informs the consumer that his personal information is being collected and used. Another component provides basic information about sharing practices in the financial industry, the kind of information collected and the laws governing any sharing.
A disclosure table outlines the seven basic reasons why a financial institution can share information, what each bank's specific policies are in this regard and what consumers can do in terms of controlling such sharing. According to Garrison, such a table makes it easier for a consumer to compare privacy practices across different companies. An opt-out form allows consumers to opt out of sharing specific pieces of their information.
The prototype notice also features a so-called secondary frame that contains answers to frequently answered questions and provides more detailed -- and legally required -- information under Gramm-Leach Bliley.
Such multilayered notices have already been adopted by some large companies in a bid to make their privacy policies easier to understand, said Martin Abrams executive director at the Center for Information Policy Leadership at Hunton & Williams LLP, a Washington-based law firm.
Examples include notices from Procter & Gamble, IBM, Chase and Microsoft Corp. -- all of which feature condensed descriptions of their information-sharing practices with links to more detailed and legal descriptions, Abrams said.
'I absolutely think this is a case of really thoughtful work by the regulators,' said Abrams, who was previously vice president of information policy and privacy at TRW and Experian North America, 'I believe that eventually organizations in all industries will begin to see the value of having a notice that consumers will can understand and compare.'