Who owns that collection of information: you or the institution that entered it on a database where a computer can retrieve it for numerous commercial purposes? When that question was discussed at a Financial Privacy hearing of the Senate Banking Committee on September 19, it was clear that banks think they own your financial information.

Think of the many ways that your financial "diary" can be turned into big profits through targeted telemarketing. You can be solicited to buy insurance designed for your particular family or economic circumstance, to join a travel club, to make investments with cash from CDs about to come due, to take out a second mortgage on your house, and to buy magazines covering your favorite subjects.

A sales talk can be so efficient and persuasive when the salesman is privy to accurate knowledge of your financial affairs, how much ready cash you have, what is your income level, whether you travel, how fast you pay your credit card invoices, and whether you own your home.

Now add another tool to the arsenal of the telemarketer. After his persuasive powers are wearing down your resistance, he can directly charge your account without having to request your signature, credit card number, or other evidence that you consented to the purchase.

This practice is known in the trade as preacquired account telemarketing. Before he called you, the telemarketer preacquired your account number from your bank (which is getting its cut of the profit) so you wouldn't have to bother with the nuisance of personally providing your credit card number.

It isn't hard to figure out that senior citizens are especially vulnerable to the salesmanship of telemarketers armed with preacquired account numbers. All the more so if the elderly are unsuspicious, hard of hearing, absent-minded, or when English is their second language.

The Minnesota Attorney General discovered that during one 13-month period one bank had to cancel 173,543 membership clubs and insurance policies charged to the accounts of customers who had not authorized or did not want the purchase. An 80-year-old retired janitor was sold a home protection plan even though he lived in a nursing home, an auto club membership even though he had no car, and a dental plan even though he had no teeth.

Does it occur to you that this practice ought to be reported to a better business bureau? Don't waste your phone call.

The Gramm-Leach-Bliley Act (GLB) passed in 1999 makes it perfectly legal for financial institutions to share and sell your financial information so long as privacy notices were sent out by July 1, 2001 notifying you of your right to opt out of selling it to third parties. You are not permitted to opt out of sharing and selling your financial information with the bank's affiliated companies (and CitiGroup has over 2,700).

The banks and other financial institutions duly complied with the law and sent out 2.5 billion notices. You probably got some of those privacy notices; the average person received 16.

Those complicated, lengthy, non-user-friendly privacy notices were written in language that takes a high education level to understand, and were usually printed in the same small type that the drug companies use to describe the side effects of your prescription drugs. To no one's surprise, less than two percent of recipients opted out.

At the Banking Committee hearing, the Attorneys General of Minnesota and Vermont asked Congress to change the law from opt-out to opt-in, that is, to prohibit the banks from sharing your information with solicitors unless you affirmatively give the bank permission. The bankers' lobbyists opposed this, arguing that opt-in and opt-out give the customer the same control over his information.

The big difference between opt-in and opt-out is the default (i.e., what happens when the customer doesn't respond), and anyone who uses a computer knows how powerful the default mechanism is. When you do nothing, the opt-in default leaves the financial information in the hands of the customer who can then share it with whomever he wishes, while the opt-out default leaves your financial information in the hands of the bank to traffic in and make money on.

The bankers' representatives argued that this system enables your bank to offer "bundled services at a single lower price than if provided on an a la carte basis." But a la carte equals consumer choice and business competition, while bundled services means making you buy services you don't want.

Several states, notably North Dakota, have enacted privacy legislation stronger than the federal GLB law, or have initiated lawsuits against banks that overtly deceived their customers. The bankers are lobbying furiously to get Congress to pass new legislation to preempt state law.

Personal financial information is a property rights issue, and Americans should speak up to defend their property rights in their own financial information.