Why some companies won't mail you privacy policies

You know those privacy statements that come in the mail from financial institutions? The ones that you should read but probably never do? Well, some banks and other financial institutions are liklely to stop sending them to you through the mail soon. Instead, they will make them available online under revised regulations just adopted by the Consumer Financial Protection Bureau.

Until now, financial institutions have been required to provide written copies of privacy notices in separate mailings, on an annual basis. Now, under the new regulations, institutions will be allowed to notify you that a privacy statement is available through other ways, including a notification that could be on your billing statement or in a coupon book.

Under the new rules, institutions can shift to online privacy notices only if the policy hasn’t changed and under certain conditions. The main one is that the institution must not share customers’ nonpublic personal information with unaffiliated third parties. Institutions that do such sharing, initiating a federally mandated opt-out provision, must continue providing printed privacy policies annually. Also, any privacy policy provided online instead of through the mail must use a model disclosure form designed by federal regulators. Finally, the privacy policy must remain posted on the financial institution’s website and be available without requiring customers to log in.

Institutions that do not meet the requirements must continue providing printed copies annually. For customers without Internet access, institutions would be required to mail the annual printed copy within 10 days of receiving a request by phone. Institutions will still be required to notify customers of any changes to their privacy policies as they have before.

Read our guide to Internet security.

The CFPB estimates that the change could save the industry $17 million annually. It hopes those savings will encourage institutions to limit their customer data sharing and adopt the model disclosure, which is designed to make the policies easily understandable.

“Posting privacy notices online will make it easier for consumers to access these important policies, while also making it cheaper for financial institutions to provide disclosures,” the CFPB's director, Richard Cordray, said in a statement.

What to do

Don’t assume your bank or any other financial institution will continue sending a written copy of its privacy policy. Check your billing statement and other communications for notices about how to access the policy online. It’s always a good idea to peruse privacy policies to find how exactly what the institution is doing with your information, although the fact that the policy has been moved online should mean that your data is not being shared with unaffiliated third parties. That’s probably a good thing.

—Anthony Giorgianni

Copyright © 2005-2014 Consumers Union of U.S., Inc. No reproduction, in whole or in part, without written permission. Consumer Reports has no relationship with any advertisers on this site.