Trump just handed data brokers a gift in the form of our data

The Consumer Financial Protection Bureau (CFPB), under acting director Russell Vought, canceled proposed new rules this week that would have protected Americans’ sensitive private data—including financial data, credit history, and Social Security numbers—from being collected by data brokers without consent and sold to advertisers and other third parties. 

The proposed rules, which were crafted in December by the Biden administration’s CFPB director, Rohit Chopra, were aimed at protecting consumers from commercial surveillance practices that “threaten our personal safety and undermine America’s national security.” (Wired, for example, reported in February that U.S. data brokers were using Google’s ad-tech tools to sell access to information about devices linked to military service members and national security decision-makers.)

Proposed rules clarified that many data brokers are in fact “consumer reporting agencies,” like the credit bureaus, which already must comply with the privacy and accuracy rules in the Fair Credit Reporting Act (FCRA). For example, under those requirements, data brokers would have to get explicit consent from consumers before collecting and selling their data. 

But on Tuesday, the Vought-led CFPB quietly announced in the Federal Register that it was withdrawing the proposed rules, stating that they are “not necessary or appropriate at this time.” The CFPB’s argument against the proposed rules revolved around a  single comment left during the public comment period about the proposed rules’ “propriety under the plain text of the FCRA.” 

Data privacy advocates have been fighting for years to make data brokers subject to the FCRA’s privacy rules. The withdrawal of the proposal is a victory for large data brokers such as Acxiom and Epsilon, for the consumer websites that sell data, and for the vast digital advertising ecosystem that uses the data to target ads.  

While many consumers are unaware of the vast personal data marketplace centered around data brokers, privacy advocates immediately saw the death of the proposed rules as a major setback. “The data broker industry is out of control—data brokers threaten our privacy, national security, physical safety, and economic security every day,” said Electronic Privacy Information Center law fellow Caroline Kraczon in a statement Tuesday. “The CFPB’s withdrawal of the proposed rules is another attack in the administration’s war against consumers on behalf of corporate interests.”  

At the state level, California, New Jersey, and Vermont have passed legislation giving consumers the right to demand that data brokers delete sensitive personal information about them.

https://www.fastcompany.com/91335533/cfpb-russell-vought-data-rules-abandoned?partner=rss&utm_source=rss&utm_medium=feed&utm_campaign=rss+fastcompany&utm_content=rss