Search This Blog
Powered by Blogger.

Blog Archive

Labels

Load More
Trendy Right Now

Popular Posts

Showing posts with label CFPB Regulations. Show all posts
US data protection law
CFPB Regulations Cyber News Data protection law Data Regulation Privacy US data protection law

CFPB US Agency Proposes Rule to Block Data Brokers from Selling Sensitive Personal Information

The Consumer Financial Protection Bureau (CFPB) has proposed a groundbreaking rule to restrict data brokers from selling Americans’ personal and financial information, marking a significant step toward strengthening privacy protections in the digital age. The rule, introduced under the Fair Credit Reporting Act (FCRA), targets practices that exploit regulatory loopholes, particularly the sale of sensitive data such as Social Security numbers and phone numbers.

CFPB's Initiative to Curb Data Exploitation

CFPB Director Rohit Chopra emphasized the agency’s commitment to addressing the “widespread evasion” of federal privacy laws by data brokers. He noted that these companies often operate outside the regulatory frameworks governing credit bureaus and tenant screening firms, profiting from data sales while exposing consumers to significant risks. 

"This rule represents a decisive step to ensure that those trafficking in Americans' most sensitive information face accountability," Chopra stated during a press briefing.

The proposed rule aims to reclassify data brokers under the same legal framework as credit bureaus and background check companies, thereby closing a longstanding regulatory gap. It would impose restrictions on selling data that identifies individuals, such as Social Security numbers, income histories, and credit scores, limiting the ability of data brokers to monetize private information.

Building on Momentum from Federal Initiatives

The CFPB’s proposal aligns with momentum from President Biden’s recent executive order targeting the sale of Americans’ personal data. The move reflects growing public and governmental scrutiny of data brokers, who have faced criticism for exploiting lax regulations to generate profits at the expense of consumer privacy.

Chopra underscored the dangers of unregulated data sales, describing the risks as "staggering." He highlighted the threat to individuals and national security posed by the unrestricted availability of Americans’ private information to virtually anyone willing to pay.

FCRA and the Call for Stronger Privacy Protections

The FCRA, enacted in 1970, was designed to ensure the privacy and accuracy of consumer data managed by reporting agencies. However, the absence of comprehensive national data protection laws has left Americans more vulnerable compared to citizens in other Western democracies.

If enacted, the new rule would represent a significant step in federal efforts to regulate data brokers, building on Congress’s original intent in passing the FCRA—to protect Americans’ personal data. The public will have until March 2025 to provide comments on the proposed rule, which could face challenges from the incoming administration's deregulatory stance.

Bipartisan Support and Industry Reactions

Despite potential political obstacles, Chopra pointed to bipartisan acknowledgment of the risks posed by data brokers: "This isn’t a partisan issue. The dangers of unregulated access to Americans’ private data are recognized across the political spectrum."

Stakeholder reactions, including those from consumer advocacy groups and the data broker industry, are expected to shape the final form of the rule. While some industry players may resist the changes, advocates for stronger privacy protections view the proposal as a much-needed step to safeguard consumer rights in an increasingly data-driven economy.

Potential Impact on the Digital Economy

If adopted, the rule would signify a pivotal shift in how sensitive data is handled in the U.S., setting a potential precedent for broader privacy protections. By regulating data brokers more stringently, the CFPB aims to strike a balance between protecting privacy rights and accommodating commercial interests.

Next Steps for the Proposed Rule

To advance the proposal, the CFPB recommends:

  1. Engaging Public Feedback
    Encourage diverse stakeholders to participate in the comment period to address concerns and refine the rule.
  2. Strengthening Compliance Mechanisms
    Develop clear guidelines and enforcement measures to ensure adherence by data brokers.
  3. Collaborating with Lawmakers
    Build bipartisan support to overcome political hurdles and facilitate legislative backing for the rule.
  4. Raising Awareness
    Educate consumers about their privacy rights and the implications of data sales on their personal security.

Looking Ahead

As the CFPB leads the charge on this critical issue, the debate over privacy rights versus commercial interests enters a decisive phase. The proposed rule has the potential to reshape the digital economy’s relationship with personal data, paving the way for stronger consumer protections and greater accountability among data brokers.

Read more »
Privacy
CFPB Regulations Data Brokers Micro-Targeting National Security Privacy

National Security at Risk: The CFPB’s Battle Against Data Brokers

The CFPB’s Battle Against Data Brokers

Data brokers work in secrecy, collecting personal details about our lives. These entities collect, and misuse our personal information without our explicit consent. 

The Rise of Data Brokers

The Consumer Financial Protection Bureau (CFPB) has taken notice, and their proposed regulations seek to hold data brokers accountable by subjecting them to the Fair Credit Reporting Act (FCRA). This move transcends mere privacy concerns—it is a matter of national security.

For instance, data brokers can facilitate targeting individuals by allowing entities to purchase lists that match multiple categories, such as “Intelligence and Counterterrorism” combined with descriptors like “substance abuse,” “heavy drinker,” or even “behind on bills.” 

In other contexts, entities can buy records for pennies per person, leveraging relatively small investments into mass data collection. The concern is that adversaries, including countries like China, can use this data to identify targets for surveillance and other purposes. The government is increasingly worried about foreign governments’ access to Americans’ data.

The CFPB’s Call to Action

The Consumer Financial Protection Bureau intends to propose new regulations that will compel data brokers to follow the Fair Credit Reporting Act. Earlier this month, CFPB Director Rohit Chopra stated that the agency is looking into rules to "ensure greater accountability" for companies that buy and sell consumer data, in line with an executive order signed by President Joe Biden in late February.

Chopra added that the agency is examining suggestions that would classify data brokers who sell specific categories of data as "consumer reporting agencies," requiring them to comply with the Fair Credit Reporting Act (FCRA). The statute prohibits the sharing of certain types of data with companies unless they have a legally defined purpose.

The CFBP considers the purchase and sale of consumer data to be a national security issue rather than a privacy concern. Chopra cited three large data breaches—the 2015 Anthem leak, the 2017 Equifax hack, and the 2018 Marriott breach—as instances of foreign enemies illegally collecting Americans' personal information.  

The National Security Angle

He said, "When Americans' health information, financial information, and even their travel whereabouts can be assembled into detailed dossiers, it's no surprise that this raises risks when it comes to safety and security,". However, the attention on high-profile intrusions hides a more widespread, entirely legal phenomenon: data brokers' capacity to sell precise personal information to anyone willing to pay for it. 

The government is increasingly concerned about foreign governments gaining access to Americans' data. In March, the House passed legislation that would bar data brokers from selling Americans' personally identifiable information to "any entity controlled by a foreign adversary." 

Why Data Brokers Matter

According to the Protecting Americans' Data from Foreign Adversaries Act, data brokers would be facing fines from the Federal Trade Commission if they sold sensitive information — such as location or health data — to any person or business situated in a few countries. The Senate has yet to vote on the legislation.

US government agencies also depend on data brokers to keep surveillance on Americans. In 2022, the American Civil Liberties Union released a series of files exposing how the DHS (Department of Homeland Security) exploited location data to track the movement of millions of cell phones — and the users who own them — across the United States.

Read more »
Subscribe to: Posts (Atom)