Reading fine print of privacy policy

Open a dun letter these days from a credit card company, say, or routine correspondence from your bank or insurance company, and chances are good that the envelope will include a flier telling you how terribly much Company X values you as a customer, and the great lengths to which the outfit is going “to protect the confidentiality and security of information we collect about you…”

Apparently this is the season in which business firms must by law state, in writing, their policies for protecting the privacy of their customers. Such protection is all well and good, I suppose. Lord knows, the less up-close-and-personal information blabbed around about most of us, the better off the world will be.

But I have a piece of advice for those who would actually take the time to review these mandatory privacy notices before chucking them into the post office waste basket along with the flier announcing the local furniture store’s monthly going-out-of-business sale.

That advice is this: If you tend to be the least bit paranoid, just take the firm at its word that it will safeguard your privacy and do not, under any circumstances, read the fine print. Especially the section that assures you that the company does not disclose any nonpublic or personal information about its customers or former customers to anyone “except as permitted by law,” and the disclaimer that “under certain circumstances” information can be disclosed to third parties without your authorization.

A communique from the insurance company that insures my three-vehicle fleet of aging junkers, and whose privacy policy is probably identical to that of its competitors, advises that there’s really nothing to worry about in this regard. Why, barely a few hundred people might be privy to my personal records, the letter indicated. Strictly on a need-to-know basis, of course. Busybodies need not apply.

Still, as a proponent of the Ben Franklin slant on keeping secrets – which is to say that three people can keep a secret provided that two of them are dead – I was somewhat ill at ease to learn this. But the notice assured me that each person catching a glimpse of the recorded evidence of my checkered past knows how to keep his or her pretty little mouth shut about such things.

The list of stalwarts whose lips are sealed includes my insurance agent, as you might expect. And consultants who advise the company. Plus claims adjusters, auto appraisers and investigators. Attorneys who need information to settle a claim. Businesses that provide underwriting and actuarial support. Consumer reporting agencies. Outfits involved in collecting data to unmask fraud. Law enforcement “or other governmental authorities.” Medical institutions. Insurance rating groups. State regulatory agencies involved with pricing and products. Lienholders. Mortgagees. “Other parties who have a legal interest” in my policy. And, to make sure all bases are covered in the event there is someone who inadvertently got left out of the Old Dawg Nonpublic Information Sweepstakes, “authorized individuals as ordered by court documents.”

Other than that, no one gets a crack at my personal dossier. No one. Unless you count the “carefully selected companies” that my bank may also take into its confidence regarding information it has collected about me.

According to the bank’s official privacy statement, this may include “marketing service providers,” which I presume is a new-age way to say “public relations flacks,” although you might not want to bank on that presumption. Also, other financial institutions. And mortgage bankers-brokers, securities broker-dealers, indirect loan originators, correspondent lenders, transaction processors. (Six months ago I didn’t know what a “transaction processor” was. Now I are one). Retailers and nonprofit organizations may also get to know me better through my bank, as may “nonaffiliated third parties as permitted by law.”

Not to worry, however. My insurance company assures me that I have the right to obtain “certain items of information” the company has collected about me as a result of servicing my policy, and to request that any inaccuracies be corrected. Then it advises that it may or may not make the requested change. My bank says I may “elect to opt out of information sharing.” But it cautions that even if I do so it may continue to share information with certain parties “as permitted by law.”

So there you are. Reading the fine print of a privacy policy statement is a lot like reading the warning label on a bottle of patent medicine. If you can read either one and not have any reservations about swallowing the contents, you’re a better man than I am, Gunga Din.

NEWS columnist Kent Ward lives in Winterport. His e-mail address is olddawg@bangordailynews.net.