Privacy of Information Shared with Affiliate

Question: Our consumer lending center sometimes takes calls from consumers who want to apply for a mortgage loan. Since mortgage loans are made through our affiliate, we take the information and forward the file to the affiliate. We give the affiliated business disclosure that RESPA requires but now we are concerned about privacy. Do we violate the customer's privacy when we send the file with the consumer's information to our affiliate?

Answer: First, congratulations on the RESPA compliance. That is important but easy to overlook. Now for privacy. There are several regulations that we refer to as "privacy" or as privacy protections. However, each regulation or law is fairly focused and limited. For example, the act that was sweepingly named the Right to Financial Privacy Act really only applies to governmental attempts to obtain customer information from financial institutions. It provides something far short of true financial privacy. Instead it is a protection from government access to private information.

The Fair Credit Reporting Act is also a privacy protection law, now made much stronger by the FACT Act. These rules govern the access to and use of certain information about consumers. Sharing information with affiliates can be one of the regulated activities, but this is subject to the same conditions as sharing under G-L-B.

Finally, we have G-L-B. This law is far from a true privacy protection. In fact, at its core, it only limits the use of customer information for the purpose of marketing. It does not prohibit the exchange of information between companies or affiliates if that exchange is for the purpose of delivering a product - such as a mortgage loan - at the consumer's request. Since the consumer called to request a mortgage loan, you are sharing information - actually forwarding or delivering information - at the consumer's request.

Copyright © 2005 Compliance Action. Originally appeared in Compliance Action, Vol. 10, No. 2, 2/05