Privacy laws threaten compliance

Sep 23, 2012 @ 12:01 am

By Dan Jamieson

State by state, lawmakers are chipping away at securities firms' ability to monitor employee communications on social-media sites, a development that could cause compliance headaches for both firms and regulators.

California could become the latest state to ban employer access to private social-media sites used by employees. A law passed by the state Legislature last month still must get the approval of Gov. Jerry Brown, who has until the end of the month to sign it.

Similar laws are scheduled to take effect in Maryland next month and Illinois next year. Other states considering social-media privacy bills include New York, New Jersey, Delaware, Massachusetts, Minnesota, Michigan, Missouri and South Carolina.

The California bill, which faced no opposition in the Legislature, would prohibit an employer from requiring that an employee or job applicant disclose passwords for personal social-media sites.

The Securities Industry and Financial Markets Association has called on Mr. Brown to veto the legislation.

“The bill, while well-intended, conflicts with the duty of securities firms to supervise, record and maintain business-related communications” under Financial Industry Regulatory Authority Inc. rules, SIFMA said in a letter to the governor.

The industry doesn't want to snoop on employees, SIFMA wrote.

“The problem ... is that many people use the same account for both personal and business activity,” the trade group wrote.

Finra made a similar argument in June to California lawmakers. Along with SIFMA, Finra asked that people in the securities industry be exempt from the proposed law.

California's Senate rejected that idea but amended the bill to let employers request personal social-media information only when they have reason to think that it is relevant to an investigation of wrongdoing.

Maryland's law offers a similar exemption.

But industry observers contend that these carve-outs won't allow for routine supervision or inquiries into violations of firm policies.

“A representative could argue that it doesn't apply to red flags or general supervisory use,” said Brian Rubin, a partner at Sutherland Asbill & Brennan LLP.

“B-Ds need to watch over reps to make sure the reps are being responsible in making comments relating to specific stocks or recommendations,” said Yaron “Ron” Reuven, chief executive of Reuven Enterprises Securities Division LLC. “Otherwise, they risk having a stock-promoting pump-and-dumper on their hands.”

Registered investment advisory firms and their employees also will be affected by the state laws. Under Securities and Exchange Commission regulations and state securities rules, advisory firms must supervise employee-client communications and retain relevant records, including social-media information.

“We are aware of this legislation and are monitoring it,” SEC spokesman John Nester said in a statement.

The California law, if approved, will help bring the issue to the forefront, according to Kim Chamberlain, SIFMA's associate general counsel.

“It will be big,” she said during a meeting of state securities regulators this month.

Meanwhile, Finra “will continue to monitor similar bills for potential impacts,” Finra spokes- man George Smaragdis wrote in an e-mail.

So far, California is the only state in which Finra has lobbied to oppose social-media privacy laws.

The American Council of Life Insurers also opposed the California law.

Individual state regulations on social-media privacy could be just the tip of the iceberg.

A proposed federal law, the Password Protection Act of 2012, would make it illegal for an employer to compel or coerce access to any private online information, according to its sponsors.

Federal laws “could contradict what the SEC and Finra are coming out with,” said Nancy Lininger, a Camarillo, Calif.-based compliance consultant.


The industry faces a clear challenge as the use of social media by financial advisers grows.

An InvestmentNews survey of independent broker-dealers this year found that 80% of firms permit their reps and advisers to use social media for professional purposes. Last year, a survey by Massachusetts regulators found that 44% of state-registered investment advisers use at least one form of social media.

Some brokerage firms limit advisers to LinkedIn or Twitter, where content is less private than on Facebook. Many firms also require advisers to certify that they don't use social media for business purposes.

Michael Kitces, a partner at Pinnacle Advisory Group Inc. and a prolific user of social media, supports the privacy laws.

Employers can have compliance policies that prohibit client communications outside approved and reviewable channels, he said.

“I really don't see why an employer ... should have access to my private social-media accounts, any more than they should have access to my private non-work e-mail [or] my private non-work phone calls,” Mr. Kitces said.

But without access to personal sites, firms won't know for sure what their advisers are doing, critics of the laws said.

Certification helps, “but it's hard to prove a negative,” said Paul Glenn, special counsel with the Investment Adviser Association.

“The question comes down to: What if a representative is not honest about their business use of social media?” Ms. Chamberlain said at the meeting of state regulators.

The IAA is following the issue but has yet to weigh in with a lobbying effort, Mr. Glenn said.

SIFMA members are trying to figure out how to deal with the state bans, Ms. Chamberlain said in an interview.

“Assuming we can come up with a way to satisfy Finra obligations, while allowing the use of social media, we'd like to do that,” she said. Twitter: @dvjamieson


What do you think?

View comments

Recommended for you

Upcoming Event

Mar 14



InvestmentNews is honoring female financial advisers and industry executives who are distinguished leaders at their firms. These women have advanced the business of providing advice through their passion, creativity, inclusive approach and... Learn more

Featured video


Regulators' gloves are coming off with cybersecurity. Put up your dukes with these tips

Updated guidelines and some of the first-ever rule enforcements signal that regulators are getting serious about holding firms accountable for data breaches, according to special projects editor Liz Skinner and technology reporter Ryan Neal.

Recommended Video

Keys to a successful deal

Latest news & opinion

Advisers throw cold water on FIRE movement

Millennials love it, advisers don't: Turns out, extreme early retirement is a suitable goal for almost nobody.

10 universities with the most billionaire alumni

These 10 American schools have the greatest number of alumni who are billionaires.

Top-performing ETFs of 2018

The markets took a beating last year, but these exchange-traded funds bucked the trend

Morningstar says investors rushed the exits in 2018

Net flows into mutual funds and ETFs were the lowest since the 2008 financial crisis, while money-market funds captured inflows.

Widow awarded $4.2 million by Finra panel for theft by ex-Royal Alliance broker

The former broker, Gary Basralian, earlier pleaded guilty to theft and is facing up to 20 years in prison.


Hi! Glad you're here and we hope you like all the great work we do here at InvestmentNews. But what we do is expensive and is funded in part by our sponsors. So won't you show our sponsors a little love by whitelisting It'll help us continue to serve you.

Yes, show me how to whitelist

Ad blocker detected. Please whitelist us or give premium a try.


Subscribe and Save 60%

Premium Access
Print + Digital

Learn more
Subscribe to Print