My company recently hired a privacy law attorney to look into our procedures and systems as they relate to current privacy laws. He is questioning our practice of submitting our AR data to D&B and credit trade groups (we submit commercial credit, no consumer data). I searched the internet for specific laws and legislative acts but couldn’t find a reference for the commercial credit protections, restrictions, or laws. Can you point me to specific laws that regulate credit or payment information with other business and commercial credit agencies or industry trade groups? I need to show him something to prove we can share this data and it is the basis for how credit decisions are made on trade credit.
— Freaking out in Florida
Dear Freaking out,
You and your company are trailblazers! You are the first I’ve heard of hiring an attorney to look for customer privacy gaps in your processes. You didn’t mention if you are publicly traded or privately held.
I am going on record that I am not a fan of this lawyer. As if credit managers need one more issue to fight their leadership on. How exactly does anyone (outside of credit) think we get the information to make informed credit decisions and make them quickly? Maybe we should use the pixie dust method. Just shake the magic credit wand and see what sprinkles out.
Consumer (personal) and commercial (trade) credit reports are a way of life. If you want to buy something on credit—personal or business— credit ratings and history comes into play. Not being a lawyer (I have few enough friends as a credit manager), I reached out to an attorney buddy, who as luck and the small world of credit management would have it, is the leading authority in our space on anti-trust. She literally writes the chapter on Commercial Credit Antitrust laws for NACM. Thanks, Wanda Borges, for sharing your wisdom.
The exchange of credit information is controlled by the Sherman Anti-Trust Act and case law under that act goes as far back as 1925 and permits the sharing of credit information for specific purposes. Among those purposes is to safeguard the credit grantor from a customer who isn’t paying its bills.
Let’s talk about the privacy issues. Several states, including California, Virginia, and Colorado, have recently instituted privacy laws which, while absolutely aimed at consumer information, also control any personal information you have on personal guarantors. BUT that is consumer and not commercial credit.
So, Freaking out, take the information regarding the Sherman Act, and questions around personal guarantee data, and sit down with your privacy attorney to have the conversation. I am questioning why you even have to bring this information to the table. The attorney should know this. Could it be that his focus is consumer and not commercial? If he is going to raise the questions, he should have a paralegal to do the research, not you. If he doesn’t have expertise in the business space, he should own up and say it. I’m not hating on him for not knowing every bit of the law, but if this is his field of expertise, then alrighty, “smartest kid in the class.” With his hand waving out of his arm socket questioning you, have him pay attention to what you are bringing up and do the due diligence himself.
God bless you, working through this. If you need back up, let me know. I will send you Wanda’s number.
With more than 30 years of credit management experience in the LBM industry, Thea Dudley consults with companies on a wide range of credit and financial management issues. Contact Thea at email@example.com