Language selection

Search

Alleged inappropriate collection and use of personal information to deny credit limit increase

PIPEDA Case Summary #2003-170

[Principle 4.3, Schedule 1]

Complaint

An individual complained that a bank collected information about the number of credit inquiries on his credit bureau report, without his knowledge and consent, and inappropriately used that information.

Summary of Investigation

The complainant held two credit card accounts with the bank in question. At his request, in February 2002, the bank increased the credit limit of one of his cards. He subsequently requested a second credit limit increase which was refused by the bank.

The complainant claimed that the bank refused to approve the second increase because his credit had been assessed as too risky, given that there had been repeated credit checks on his account.

The bank denied his request because of its policy to approve credit limit increases only once every six months. Customer service representatives are expected to automatically refuse a second credit limit increase requested within that timeframe. The Commissioner's office confirmed that the bank did not conduct a credit bureau inquiry about the complainant, other than the one made in February when he applied for his first credit limit increase.

The bank's customer service representatives are required to record all significant interactions with customers on a computerized client record system, and there was no record of the complainant's second request.

Commissioner's Findings

Issued April 25, 2003

Jurisdiction: As of January 1, 2001, the Personal Information Protection and Electronic Documents Act (the Act) applies to any federal work, undertaking, or business. The Commissioner has jurisdiction in this case because certain banks are federal works, undertakings, or businesses as defined in the Act.

Application: Principle 4.3 of Schedule 1 to the Act states that the knowledge and consent of the individual are required for the collection, use, or disclosure of personal information, except where inappropriate.

The Commissioner determined that there was no evidence to suggest that the bank collected or used the number of credit checks on the complainant's credit bureau report to determine his credit worthiness, and subsequently deny his request for a credit limit increase. Rather, he determined that the bank denied his request because of its policy to grant a credit card limit increase only once every six months. The Commissioner therefore had no basis to find that the bank had contravened Principle 4.3.

The Commissioner concluded that the complaint was not well-founded.

Report a problem or mistake on this page
Error 1: No selection was made. You must choose at least 1 answer.
Please select all that apply (required):

Note

Date modified: