The Consumer Financial Protection Bureau (CFPB) is proposing a rule that would limit data brokers’ ability to sell Americans’ sensitive personal and financial information. Under the proposed rule, data brokers selling consumer reports, such as income, credit history, or debt payments, would be subject to the Fair Credit Reporting Act (FCRA), which regulates how these agencies handle consumer data.
The CFPB’s move comes after high-profile hacks affecting hundreds of millions of Americans, including a recent breach that leaked over 200 million Social Security numbers. Director Rohit Chopra warned that systemic vulnerabilities in personal data buying and selling pose real dangers to American privacy and national security.
The new rule would require data brokers to obtain explicit consent from consumers before sharing sensitive information. It also aims to address concerns about private companies profiting from enabling scams, stalking, and spying by selling Americans’ most sensitive data without their knowledge or consent.
While the regulation is targeting private companies, the CFPB acknowledges that government agencies may still rely on data brokers for certain purposes. However, the agency’s request for comment on ensuring “appropriate access” to consumer information suggests a cautious approach to balancing data protection with national security needs.
The proposed rule is part of a broader push by the CFPB to strengthen consumer protections and address growing concerns about personal data misuse. As the agency seeks public feedback through March 3rd, 2025, critics warn that Trump administration plans to defang the CFPB could undermine this effort and leave consumers vulnerable to exploitation.
Source: https://www.theverge.com/2024/12/3/24311498/cfpb-rule-data-brokers-social-security-number-fico-score