Privacy concerns as bank is found to be passing on the contact information of its customers' referees to its sales department - but the law says that's fine.
Privacy concerns over bank references
Before you give your mother's or boss's phone number as a reference on a banking application, consider how many irritating phone calls that could lead to.
At least one bank is passing that contact information along to its sales department, a practice that officials say does not violate the country's consumer rights or privacy laws even though it can trigger unwanted calls.
Because banks are expected to contact the list of references provided by the client, it is up to their discretion how they will store and use that information, said Saleh Alawo, the manager of the banking examination department for the UAE Central Bank.
"If they are not releasing this information to a third party but are keeping it within their company for bank-related procedures, they can use it how they decide," he said.
Jeff Weeks, a Canadian aviation engineering instructor who lives in Abu Dhabi, applied for a credit card with Abu Dhabi Commercial Bank (ADCB) about three months ago. He said he was infuriated to find out recently that a work acquaintance he had listed as a reference was contacted by the bank's sales staff, who treated it as a business lead.
"I just happened to be standing next to him when they called, and when he asked how they got his phone number they told him that I had given it to them," Mr Weeks said. "I never authorised anything like this and would not want to subject people I know to this kind of solicitation."
Mr Weeks filed a complaint with the bank but was told this was a normal business practice.
Rasha Hassan, an official in the internal investigation department of ADCB, said customers could specify that they did not want their references contacted for other purposes. Otherwise, the references are stored in the bank's system with other personal information and are accessible by different departments.
Though there are provisions in the constitution and penal code which address the right to privacy, the country does not have any substantive data protection law, according to Alexander Shepherd, the head of the technology, media and communications for the Middle East at Simmons & Simmons law firm.
An exception to that would be for companies registered with the Dubai International Financial Centre, which has a court system based on English common law.
“As the law stands, provided the contact details of the referees are not provided to any third party, there doesn’t not appear to be any restriction on financial institutions using that information for their own marketing purposes,” he said.
In Europe, any use of personal data requires a person’s consent.
“A federal data protection law would be beneficial to businesses and individuals alike as it would clarify for both parties precisely how data could be used,” he said.
It is not clear how other local banks use client information such as personal references. Representatives from National Bank of Abu Dhabi, Abu Dhabi Islamic Bank, HSBC UAE, RAK Bank and Emirates NBD did not respond to requests seeking comment on whether this is a normal practice.
The Ministry of Economy’s Department of Consumer Protection declined to comment.
Yusra al Ameri, a consumer protection official at Abu Dhabi’s Department of Economic Development, said the department does not take issue with such practices.
“We don’t interfere if the information is not used in a bad or illegal way,” she said.
Mr Weeks said he and many people he knows have received unwanted marketing calls for financial services, and he believes it is linked to banking references.
“It is an abuse of confidential information, and it’s not right,” he said. “It seems it is impossible to open an account here without dragging people you know into the same awful process.”