A bill to require a referendum on whether financial institutions must obtain permission from clients before sharing or selling detailed information about them is unlikely to pass in the Legislature. But a modified version of it might, and it should be supported.

The amended LD 661 would direct the Office of the Attorney General to answer questions that should have been asked at the beginning. Is there a relationship between identity theft and the sharing of otherwise private financial information by banks? Are people aware of their rights to deny banks the opportunity to share this information? Have people chosen to deny banks this ability?

These are all fair questions, and should be asked before lawmakers switch the state’s standard from the opt-out provision – meaning consumers have to say no – which is the standard in federal law to an opt-in provision – which would require the institutions to obtain a yes from consumers. The House is leaning toward supporting the amended version, according to its sponsor, Rep. Ben Dudley of Portland; the Senate is leaning against.

There is reason for going slowly. The large majority of states have stayed with the standard established under the 1999 Financial Services Modernization Act, popularly called Gramm-Leach-Bliley. It expanded the affiliations among banks, securities firms and insurance companies and it provided for customer privacy by, for instance, requiring clear disclosure of their privacy policies from all financial institutions. Given the lengthy small print disclosures many customers receive from their banks, the AG might further examine whether the institutions have met the standard of “clear.”

The opt-in/opt-out provisions apply only to nonaffiliated third parties and Maine financial institutions, with their few affiliates, have feared that an opt-in standard would put them at a competitive disadvantage against national institutions, which may have many affiliates in related businesses. A few states have switched to opt-in and a thorough survey of what their smaller banking and insurance firms have experienced as a result would further help Maine understand the effects of the change.

A few years ago the CEO of Sun Microsystems, Scott McNealy, famously said as he launched the company’s latest computer technology, “You have zero privacy anyway. Get over it.” But few people want to get over it, and there is a good chance if they understood how little privacy they actually have, they would be outraged. The amended version of LD 661 should give them a sense of whether their outrage is worthwhile.