Business

B of I leaflet lawful but 'less than satisfactory'

The Data Protection Commissioner has described the wording of a leaflet sent by Bank of Ireland to its customers as "less than…

By Mary Canniffe
Investment Editor
Fri May 10 2002 - 01:00

The Data Protection Commissioner has described the wording of a leaflet sent by Bank of Ireland to its customers as "less than satisfactory" although it complies "with the letter of the law".

A spokesman for the commissioner pointed out that data protection rules are due to change in coming months when the Data Protection Amendment Bill 2002 comes into force.

This Bill, which has passed all stages in the Seanad, will introduce a requirement to get the explicit consent (an opt-in instead of the current opt-out) of customers to use data they provide when applying for products or services to market further services to them (with some exceptions) or to send it to third parties. Companies will have to provide customers with a cost-free way of opting out of direct marketing under the new rules.

In recent weeks, Bank of Ireland customers have received leaflets outlining plans to centralise its customer data base. Under a heading "sharing of information", the bank said it wanted to be able to share customer data - gleaned from various products they may hold such as current accounts, mortgages or car loans - within the "bank" and between group companies.

READ MORE

This would mean, for example, that the bank life assurance operation Lifetime could access bank data on current account customers and market life assurance products to them, unless a customer had already opted out of receiving such material.

When the data is centralised, the bank points out it will rely on consents already given.

Customers had "the option to request the bank not to use data regarding your relationship with us for purposes described in this notice" that are additional to those to which you originally consented when you first applied for the relevant product/service", the bank said. But customers have to take action to opt out. They have to fill in an attached form and return it to the bank.

The spokesman for the Data Commissioner said the wording under the sharing of information section was unclear. "It is not immediately clear on first reading what is being said.

"It is not clear that the bank is largely relying on existing consents. The average person reading it will not necessarily understand what the bank intends or what it is asking and could be concerned about it. It is not as transparent as we would like," he said.

Bank of Ireland yesterday expressed "surprise" at the comments. "We had discussions on the wording and any concerns or issues raised by the Data Commissioner were addressed. We have complied with the rules," a spokeswoman said.

Business Today

Business Today

Get the latest business news and commentary from our expert business team in your inbox every weekday morning