Are banks keeping private data private?

Have you ever checked your mail and wondered how all the leasing and credit companies offering you their services got a hold of your personal data? Many of you probably think that they spend all day leafing through the yellow pages to contact potential clients. Well, think again. Most of these companies know more about you than simply your address and phone number. By Dita Asiedu

In order to keep the misuse of private data to a minimum, the Office for the Protection of Private Data was established. For almost two years now, the office has been monitoring various companies and institutions to see whether they have violated any laws with respect to private data protection. Karel Neuwirt is the Chairman of the Office for the Protection of Private Data and noted that despite the current reform of the financial sector, most Czech banks still fail to respect private data protection:

"Banks ask their clients to agree with the forwarding of their personal data to members of the banks' financial groups. This, of course, is a very wide range of companies, about which the clients would have little information. Our office therefore believes that such a step is neither in harmony with European principles nor with the law on the protection of private data."

They say that information is power, and one of the office's main observations is that a draft law currently being discussed in Parliament may give banks even more information about their clients:

"According to the draft law, it will be the banks' duty - and not just an option - to process personal data including sensitive information on individuals. The law on the protection of private data, however, defines sensitive data as someone's nationality, race, religion, political opinions, state of health, and sexual orientation. With that in mind, our office cannot accept a situation where banks, without any regulations or limitations, are empowered to decide on what data they collect."

However, many banks defend their position by saying that holding certain information on their clients - as well as the clients of other financial institutions - helps to protect themselves against risky customers:

"The office naturally supports the need for a registry of dubious clients, defaulters, and so on. However, we are opposed to a number of things. These include the processing of so-called 'positive' information, i.e. information on problem-free clients, the transfer of private data abroad, and the co-operation and participation of several bodies during the processing of this information."

Despite the office's reservations about the draft law, its objections may result in the law being passed as it is. Mr Neuwirt stressed, though, that this would not signal the end of the fight against the misuse of personal data.