Aditi A. Prabhu


The 2001 Patriot Act chipped away financial privacy protections by allowing law enforcement authorities easier access to bank customer records. Under the Patriot Act, federal authorities may access customer records by issuing formal subpoena-like requests under the Foreign Intelligence Surveillance Act ("FISA") or informal national security letters ("NSLs") to banks while prohibiting notice to any affected customers. However, the 2006 revisions to the Patriot Act permit banks to challenge FISA requests and NSLs in federal court before releasing customer records. While the Act does not require banks to make these challenges on behalf of their customers, this Article will argue that the contracts banks sign with their customers-interpreted in light of the banking tradition of confidentiality and the current regime of federal and state privacy protections-obligate banks to review government requests for customer records and file challenges when appropriate. Furthermore, I will argue that banks and customers should be able to enter into contracts explicitly obligating banks to challenge FISA requests and NSLs and that such contracts would be enforceable and financially feasible.

First Page