A quick Internet search for ways to get someone’s bank or investment account information returns at least a dozen private investigation companies that promise to find these records “anywhere in the US and worldwide” for judgment collections, verification of net worth and for “just about any other purpose.” But a closer look at these Web sites reveals a fine-print disclaimer stating that the information is from public records such as divorce cases and probate filings. And there are a few that do not bother with a disclaimer, providing only an 800 number to call.

Asset searches, which may include bank and investment accounts, are not illegal; however, certain actions to obtain this information, such as pre-texting, are illegal. And although there are methods that can be used to obtain financial information covertly, most if not all, are questionable and often futile. There is no clear way for anyone other than the account holder, a designated representative or a party with a valid court order to get account information without violating the law.

There is a general misconception that a judgment, just by virtue of its issuance, can be used to force a bank or financial institution to disclose account information, but the enforcement of judgments is governed by each state’s laws. In California, for example, a writ of execution is necessary. These writs are rendered on a county-by-county basis and direct a levying officer (usually a sheriff) to serve the writ on the named institution. The institution then may be required to freeze the account and in some cases to hand over the account balance. State laws also allow the creditor, after a judgment is obtained, to examine and request asset information from the debtor. This, however, puts the debtor on notice and may result in draining an account before a writ of execution is served.

The privacy protection laws that govern access to financial information under false pretenses depend on whether the affected customer is a consumer or a business entity. The more significant legislation is directed at protecting consumers, defined generally in the laws and in interpretative decisions as ”individuals consuming goods or services for personal or household use.” The Gramm-Leach-Bliley Act (GLBA) prohibits obtaining customer information from a financial institution under false pretenses and imposes an obligation to protect customer information. Under the GLBA, a customer means “an individual consumer,” which is essentially the same as the definition of a consumer under the Fair Credit Reporting Act (FCRA). In addition to the GLBA and FCRA, there are other potentially applicable federal privacy laws, as well as a long list of state laws. But even if a specific law may cover only consumers, the financial institution’s contract with the business customer would certainly be construed as preventing third-party access.