Data brokers will be on a tighter leash when handling Americans’ personal data, according to a new proposition by the U.S. Consumer Financial Protection Bureau (CFPB).
Under the proposed rules, brokers would be blocked from selling personal and financial data that contains identifying information, including Social Security numbers and phone numbers — a move that would also limit the ability of scammers to procure such data and target individuals specifically. Data brokerage is a vastly under-regulated area of concern for privacy experts, politicians, and consumers alike.
Ronan Farrow’s simple tips for keeping spyware off your phone
The regulations — should they remain under a Trump presidency — will recategorize brokers under the Fair Credit Reporting Act, passed in 1970, which protects consumers’ personal data collected by credit agencies. According to CFPB director Rohit Chopra, the act has been widely evaded by data traders, and with the new policy, brokers would be treated the same as credit bureaus and background check companies, or any other company that sells data about income or credit scores, histories, and debt payments, TechCrunch reported.
Mashable Light Speed
“By selling our most sensitive personal data without our knowledge or consent, data brokers can profit by enabling scamming, stalking, and spying,” wrote Chopra. “The CFPB’s proposed rule will curtail these practices that threaten our personal safety and undermine America’s national security.”
In February, President Joe Biden passed an executive order cracking down on foreign actors selling and procuring Americans’ personal data, authorizing federal powers to prohibit data transactions with “countries of concern.” At the time, this included known American adversaries like China, Russia, North Korea, Iran, and Venezuela.
Just last week, the bureau announced broader regulatory oversight of companies managing digital wallets and payment processing, including Apple Pay and Venmo, which will now be categorized in the same way as banking institutions and creditors. The agency also expanded its ability to monitor Big Tech’s data collection and sharing policies under consumer protection laws.