Hearing of the Senate Banking, Housing and Urban Affairs
BREAK IN TRANSCRIPT
REP. PAUL: Thank you very much Mr. Chairman, I appreciate very much the opportunity to come and visit with you and make my point. I do have a written testimony I'd like submit, but I would like to just emphasize a few points.
SEN. GRAM: Your testimony will be entered as read.
REP. PAUL: You mentioned in your opening statement, that this was an issue that was important to probably everybody on both ends of the political spectrum, and as an avowed civil libertarian I am very pleased to deal with this issue, because it is true whether it's conservative Republicans or liberal Democrats, most Americans have sent the message they want their privacy. And I think this is very important. I did a lot of work with the know your customer issue, and the regulators blamed me for a lot of those letters they got, and others have given me credit, so I don't know which one it is. But anyway, that was representative of how big a issue that this really is.
One point that I would like to make, is that I do believe that government does have a role in the issue of privacy, the role should be to protect the privacy. But I want to caution also, and I think this might be what Senator Allard was alluding to, that there is a point to where at which we, overstep the bounds where our efforts to protect privacy is actually doing the opposite and invading privacy and I think we're getting awfully close to that point. For the most part though, the things that we've heard about I think we all agree on, certainly there was unanimous agreement almost on the know your customer issue. And I think it's a pretty strong consensus about the national ID card, not to many people get up on the House floor, and stand in the floor and say, "what I'm promoting here is the national ID card." Not to many people say "well what we want to do is make sure that everything that we do is controlled by our social security number," in which was never suppose to be the national identifier.
And most people do not get up and say, " well we need more data banks," but sometimes they don't realize that the issue of medical information, being exchanged came about to often by what government has done. Because as a physician myself in the early years of my practice, this never came up as an issue. But as manage care blossoms from government regulation, and the mandates of ERISA, then the government got more involved then there was much greater potential for the abuse of the medical record, and we still face that. But nevertheless, we end up with authority on so many of our bills, that allows our agency's of government to do a great deal of harm. Just recently another regulation was passed on the post offices to profile every customer that has a private post office box in one of these mail box et cetera type businesses. And if they want to know who you are and what you do, and all kinds of things, information will be turned over to the government. So to often government is doing this.
And I see one of the reasons why we face these problems, and even the one that Senator Bryan mentioned, comes from regulations, there's a need to know more about people and to make big government manage better, and there is interest in big government. So if you're a true believer in big government, it's really hard to deal with the privacy issue, because big government functions better, if I know what everybody's doing. The Bank Secrecy Act, which is something I have addressed because it was the authority coming from the Bank Secrecy Act that allowed to know your customer, so the principle is still there. And it was mentioned earlier on about all this information occurred on this bank account, and these comments written down. Well this is because you had an all of sudden sum of money. These tellers are trained because of government regulation to know your customer. They already have these programs in place. This wasn't a brand new idea. So, if you come in with cash or an unusual sum of money, tellers and bankers are taught to protect themselves against the regulators by keeping more records.
So, we have to remember that much of this information is accumulated as a consequence of what we do in government. And this can be say, you know in some of this other information that is traded and sold. Take the program of CRA, you have to accumulate a lot of information on customers. And for various reasons they are fulfilling government regulations. All the sudden the information is in their computers and then they start sharing it or selling it. So, I think this is very important.
Now, the concern is that some corporations or private entities might be sharing information. I think another area where we can have complete agreement on the selling of information is when government sells the information. That's generally a state issue because we do know that state governments will sell information on licenses to corporations. So, I think that's the easy one. I mean, they shouldn't be allowed to do that, but is that our responsibility to stop it? I don't think so. I mean, that's a state problem.
I don't like that, but that's just --.
Some of these states programs actually use federal monies in doing what they're doing. In that case we should never allow a federal dollar to be used in a program where a state is able to transfer information from a licensing or other things like hunting licenses or fishing licenses or whatever. If they're using federal money then we have a problem.
But the bigger issue now that I think we face on this financial privacy is how far can we go to invading the privacy of the bank. And I think we're at that point where we have to be very, very careful. Let me use an analogy of what I'm thinking about. Some in the privacy movement believe that it's proper that government say something about corporations who look at their individuals who work for a company the way they use the telephone and the computer so they say they can't do that because that's invading that personal, that individuals privacy. But shouldn't a businessman who paid for the computer, is paying for their work not know whether they're playing video games or what they're doing on the telephone? This is a privacy issue, but it's a property issue. The property, the telephone and the computer belongs to the company. And therefore the corporation does have a right.
So, you can't in the name of privacy go in and say well the government or the corporations can't invade the privacy of the individual. That is not a privacy issue. And I believe this is getting closer to what's happening in the financial industry. Another example would be the use of lists. And that's essentially what these corporations do. They use lists and they transfer them and they tell other people. But if they're privately own lists, that's sort of like invading the privacy of every organization to know the members of every organization, therefore government has an obligation to regulate. What about in a more simplistic way?
What if an individual had a Christmas card list of 200 people and somebody came along and they wanted to have a Tupperware party or a jewelry party. And you say, oh no government has to regulate this because we can't allow them to sue that list, of course that would be insane. Nobody's going to go in and regulate that, but the principle is the same. The principle is the same as saying you can't use this. Well how would a problem be regulated like that? It would be regulated by the individuals.
You know, if I was on a Christmas card list and all of the sudden, you know, something was happening I'd complain about it or whatever. And that's the way this is generally been handled in the past about what banks and others do with private lists. You can tell them you don't want this. You can opt out. And if banks don't do right you can quit going to that bank. But this idea that we just need another level of privacy or an invasion of privacy I don't think is at all necessary. I am concerned that we are going one step too far and that we will be invading privacy rather than protecting privacy.
We have to remember that much of this information has been collected because government has mandated that it be collected. Our job is to make government behave and that's where the greatest abuse is. I recognize that there is a problem that every body else is concerned about and legitimately concerned, but it can be solved with more respect for private property and for the market and for voluntary arrangement and allowing people to get out. But as soon as we come in and mandate and dictate then I think we're now invading the privacy of that individual or property rights.
So, this to me has gone -- it looks like we're going one step too far in protection of privacy. And I would say just go more cautiously that we should work real hard to define what we're doing and know what we're doing and know our consequences, but have respect for all private property issue rights, have respect for the states when they're able to do things, identity theft, very, very important problem. But identity theft is already been dealt with in federal regulation, FTC and identity theft does not even need the federal government that's just outright fraud. I mean, why do we have to think that all the sudden we have to do a lot more. Identity theft is a crime and it ought to be punished. So, I submit my testimony and I would appreciate if anybody paid any attention to it.
SEN. GRAMS: That's asking an awful lot.
Thank you very much for your testimony this morning. We appreciate it.
BREAK IN TRANSCRIPT
REP. PAUL: I appreciate the chance to respond to my paranoia. That may be too strong a word, but at least got the audience to quiet down a little.
REP. BENNETT (?): Well, I'm sure my colleagues would like to get a softer word too.
REP. PAUL (?): I don't think I'm paranoid about this. I certainly don't want to downplay the problem. I didn't do that. But I do want to make a point that there are other alternatives other than always succumbing to, well we need another law. Let me just quote to you from the Federal Trade Commission. The Federal Trade Commission believes "identity theft already violates the Federal Trade Commission's prohibition of unfair or deceptive acts or practices in affecting commerce. So, we have that on the book and that's what they believe.
So, therefore I'm just cautioning you that those who see government as a need to write another rule and regulation there are local laws, there are local courts, there is principles of fraud and there is these regulations, there is this understanding. So, I'm just saying don't move so quickly in saying that we need bigger government. I certainly agree with your comments about the customer, because if every customer was as outraged as it is proposed that you know this sharing of information, you know how many times do we get solicitations through the mail? I mean most people don't get too upset about that.
So, I think customer service is 99 percent of the time are enhanced and then they're is sometime an abuse, but I'm also suggesting very strongly that through the marketplace, through competition and through contracts these problems can be taken care of. And we do not have to resort so often to come here and put another level of regulations in order to make a more perfect world.
BREAK IN TRANSCRIPT
SEN. GRAMS: Representative Paul.
REP. PAUL: Thank you. SEN. GRAMS: Thank you, Senator Bryan.
SEN. BRYAN: Thank you very much.
REP. PAUL: I think we're very much in agreement on what the problem is. And anxiously, I think we're very close to the agreement of the solution, and that is opting out. I think the discussion is how do we get to that point of opting out? You would like a little bit more help from the federal government. I would argue that there is a way to opt out in a more voluntary fashion, and that is the customer tells you know, the bank what they want, or the entity -- the business entity.
Before coming to Congress, I had a newsletter. And believe me, my subscribers might have been in the category of paranoid, and they really wanted their privacy, and I had to protect it. But when they wrote to me and they subscribed in my letter, they let me know. They said, my name is not to be sold. And I honored that. And it was handled. And these people were really -- I mean, if you think we here concerned about privacy, the people I'm talking about really want their privacy, but it was handled. The choice is whether it's going to be handled in that manner or in an authoritarian fashion. And I just always opt for the non-authoritarian fashion, the voluntary fashion.
The other thing is on the -- I think technology is great and we're concerned about it and we're working with this, and this is part of why we're discussing this privacy issue. But, technology, although it can be used to destroy our privacy, it also can be used to protect our privacy, encryption and other things in the computer, is, I think, something that is very important, but, what about telephone marketers? You know, I think there is going to be a day when they're just wiped off the map because all ready we have people who look at that number and say, that's somebody I don't want to talk to. And they look at telephone ID and say, I don't know those people, I'm not going to talk to them. And I imagine a significant percent of the people already have that. So, that's the voluntary approach versus the authoritarian approach, and I think it's worth considering.
SEN. GRAMS: Mr. Paul, if I could, is it unreasonable for a financial institution that wants to transfer information to a third party to be required to inform his or her customer that they intend to do that?
REP. PAUL: Well, I think it's very reasonable. I think it should be done with the assumption of when the customer goes in and becomes a customer and they understand the terms.
SEN. GRAMS: But, under the current law there's no requirement and customers do not know that. I mean, I think your argument is at that the individual should be empowered, and I have some sympathy with that kind of view. But, that assumes that the individual is informed. But, this legislation would say in part, is that look at a financial institution before transferring that information must notify and get the consent.
REP. PAUL: I think that's what I said. We understand the problem, we understand the solution, we want people to have the chance to opt out and we're at that very fine line there of how much we will do to dictate. And I just have seen solutions in the marketplace that worked rather well. And I think there's going to be more creative ways, such as technology and telephone communications and computer technology that will protect us as well as threaten us. And I think that we should be optimistic about people and technology and the wisdom of individuals desiring to protect their privacy. And you know, I think we're so close and our motivations are exactly the same but it's just when we stop the government effort to make things good and do we ever allow government to go over the line a little bit. Say well, a little bit of force and intimidation and invasion of privacy is okay in order because the greater goal is the protection of someone else's privacy.
BREAK IN TRANSCRIPT