INSIGHTS FROM FIRST FOUNDATION

A First Foundation Blog

Back to the main site
Home
Build
Privacy for the People
Cyber Security Grow Build

Privacy for the People

Privacy blog

Coming Soon to a Financial Institution Near You

Anyone in financial services is familiar with the importance of keeping data and information secure. In fact, there are entire regulatory departments to ensure all banks, wealth managers, trust companies – basically anyone who handles financial data – comply with strict guidelines. And as consumers of such services, we all are familiar with the privacy notices that show up in our mailbox. And here-to-fore, those notices were a simple opt-in/opt-out process. You either consented to have your info shared, or you didn’t.

But soon you will have a third option available to you: the option to delete. Because of new legislation set to go in effect for the State of California on January 1, 2020, consumers (or clients) can now get better visibility into how their data is being used, and ultimately have that data deleted. Assembly Bill 375, or more commonly known as the California Consumer Privacy Act of 2018 – CCPA for short – takes privacy a step further toward protecting your personal information and gives you the ability to request that all your commercially-obtained data be deleted. It is largely based on the GDPR legislation in the European Union, which came to be called “the right to be forgotten.” And given California is home to some of the largest collectors of personal data in the world (i.e., Facebook and Google), it is no wonder the state is at the vanguard of this sweeping new legislation.

So what does this mean for clients of First Foundation? In simple terms, clients now have the ability to submit a formal request for information about all of the personal data that we collect and store about them. First Foundation will then be required to provide information about the personal data within 45-90 days, noting the purpose of use, such as deposit account management, portfolio management, loan maintenance, etc. Upon seeing how we store such data, the client then has the right to request the deletion of all personal information that is not directly used for current or ongoing business. In theory this all sounds fair, and lawmakers likely had the interests of the people in mind when passing such legislation, but some obstacles will exist when this law goes into effect.

Ensuring the client’s identity is the first obvious hurdle. For instance, what is stopping the fraudsters from acting as you and requesting a download of all the data we have on you? It will be our responsibility to verify the identities of those requesting data before we release or delete personal information, but that doesn’t mean that the bad guys might not try. CCPA does require requests be made in writing but allows the use of electronic transmission aka email, and we all know how “secure” email requests are. We will have strict call-back procedures in place to ensure the request is from whom it says it is.

Also, a related challenge to this is the fact that First Foundation maintains a Record Retention Policy that stipulates how we keep files on our clients. Oftentimes these retentions are mandated by state and federal law. So, there might be situation where we cannot delete your records from our system given we are mandated by other laws to keep your data. This conflict of law poses a challenge for many in the financial services world, and Sacramento is busy addressing how best to handle situations such as this.

And finally, this law has not yet been tested and comes at a time when companies across all industries are still building securities procedures around data they collect. What is to happen when companies are now forced to open up those security procedures in an effort to share data? Again, in theory this all sounds good for the people, but there are unintended consequences that remain to be seen. The equivalent law in Europe still poses challenges for consumers and companies alike, and while solutions are being built, there are many details that have yet to be addressed.

Lawmakers here in California continue to work through many of the details of CCPA and changes are certainly expected.

In the meantime, there are some helpful resources in the media about this legislation, including a piece from Forbes entitled: “California Just Passed A New Data Privacy Bill. Here's What It Means.” 

And for those who want to read the entire text of the bill, you can visit the California Legislative Information website here.

If you have questions about any of this, please do not hesitate to reach out to your contact at First Foundation.
Adrian S. Darmawan, Executive Vice President, Chief Technology Officer
About the Author
Adrian S. Darmawan, Executive Vice President, Chief Technology Officer
Read more

Stay Informed

You might also like...

Protecting Taxpayers: IRS Kicks Off Annual Campaign with Warning About Phishing and Smishing Scams
Security Management Team
By Security Management Team
Protecting Your Heart and Wallet: Recognizing and Preventing Romance Scams
Security Management Team
By Security Management Team

Deposit and loan products offered by First Foundation Bank, Member FDIC and Equal Housing Lender.

Investment and Advisory Services provided by First Foundation Advisors, an SEC-Registered Investment Advisor. Trust Services and Insurance Services are offered through First Foundation Bank. First Foundation Insurance Services license number #0H38553.

Investment, Insurance, Digital Assets, and Advisory Products and Services:

ARE NOT FDIC INSURED
ARE NOT BANK GUARANTEED
MAY LOSE VALUE
ARE NOT A DEPOSIT
ARE NOT INSURED BY ANY FEDERAL GOVERNMENT AGENCY
First Foundation is not responsible for and has no control over the websites that have links here. Our Terms of Use linked at the bottom of this page state your agreement when you access such third party sites. Please contact us with any concerns or comments.

If you are using a screen reader and are having problems using this website, please call (888) 698-7442 for assistance.

© 2023 First Foundation. All rights reserved.