The reason for this is that there are a hodge-podge of financial regulatory laws that govern the data that we share daily for financial purposes. You will find these laws at the local, State and Federal levels, and they often conflict with each other. Furthermore, the regulatory bodies responsible for administering some of these laws have found their opinions in conflict with those of the courts, Congress and various state legislatures on more than one occasion.

So who's responsible for the privacy of your information and what are your rights? Well, that depends upon what law you are reading, and who is interpreting it.

Looking at three Federal laws, Gramm-Leach Bliley Act (GLBA), the Fair Credit Reporting Act (FCRA) and the Fair and Accurate Credit Transactions Act (FACTA) we begin to understand the scope of the problem.

When enacted, GLBA pulled down the legal barriers that had prevented banks from going into other, non-banking lines of business. These laws had been in place since the depression of the 1930's.

When Congress enacted GLBA, it also recognized that the new law placed a tremendous amount of power in the hands of large financial institutions. To deal with this, it provided a variety of privacy protections within the law. GLBA recognized that the States may want to enact stronger privacy laws and it did not preempt them from doing so.

The FCRA too enacted a variety of consumer protections. Unlike GLBA however, the FCRA did place restrictions upon the States, preventing them from enacting privacy regulation with bank affiliates. The FCRA defined affiliates as "...persons affiliated by common ownership or common corporate control..." This means that if your bank owns an insurance company, you have absolutely no way to prevent them from sharing your data with that insurance company.

The FCRA restrictions on the States were originally set to expire at the end of 2003 but at the end of 2003, Congress enacted FACTA, which amended the FCRA and made the restrictions on the States permanent.

As if this isn't confusing enough, GLBA is regulated by the Federal Trade Commission. The FCRA can only be regulated through the Federal Courts.

When there is a conflict between these two laws, GLBA defers to the FCRA, meaning that if you think your privacy rights were violated by your bank under GLBA, you need to make sure that the FCRA doesn't take precedence.

Finally, throw in State and local laws and the problem becomes clearer. Both North Dakota and California have strict laws regarding financial privacy. These laws take precedence over Federal laws except with regard to affiliate sharing. The FCRA then takes affect, rendering the State laws completely ineffectual. The State laws do however help protect your privacy in other matter. For instance, when merchants gather your data. That is of course unless the merchant also happens to be a large credit grantor or a bank affiliate.

So, is there any hope for privacy? The odds are not looking good for consumers. The states have repeatedly tried to pass stronger privacy legislation that is consumer friendly. But as soon as they do, large credit grantors start lobbying Congress to override the states. This process is repeated time an again and so far, the states have not faired too well.

The reality is that consumers that want financial privacy need to do their homework. They need to do business with companies that don't share their data, and they need to let companies know that they will go elsewhere when companies violate their privacy. One thing that consumers can do to protect themselves is look into moving their bank accounts to a credit union. Credit unions are much more consumer friendly and they have the added benefit of paying higher interest rates.

Jim Malmberg works with and writes for American Consumer Credit Education Support Services (ACCESS). ACCESS is a nonprofit organization dedicated to helping consumers protect their financial privacy and understanding the credit industry. Their website can be found at http://www.GuardMyCreditFile.org. Jim also maintains a blog at http://financialprivacy.blogspot.com.