CFPB Withdraws Rule Limiting Data Broker Practices
The Consumer Financial Protection Bureau (CFPB) has withdrawn a proposed rule that would have restricted data brokers from selling Americans' sensitive personal and financial information, including Social Security numbers.
The rule, initially proposed in December 2024, aimed to close a loophole in the Fair Credit Reporting Act. It would have required data brokers to comply with the same privacy rules as credit bureaus and other consumer reporting agencies.
However, the CFPB officially withdrew the rule. Acting Director Russell Vought stated the rule was "not aligned with the Bureau’s current interpretation" of the Fair Credit Reporting Act. Vought also serves as the director of the White House’s Office of Management and Budget.
Privacy Concerns Rise as Data Broker Industry Remains Unchecked
Data brokers comprise a multibillion-dollar industry that profits from collecting and selling vast amounts of personal and financial data. This data is often sold to other companies, law enforcement, and intelligence agencies, often without individuals' explicit consent.
This practice raises significant privacy concerns, especially given the increasing risk of data breaches. Recent incidents involving data brokers have exposed millions of Social Security numbers and troves of location data.
Privacy advocates have long urged the government to strengthen regulations on data brokers using the Fair Credit Reporting Act.
Withdrawal Follows Lobbying Efforts
The CFPB's decision comes shortly after the Financial Technology Association, a lobbying group representing banking and fintech companies, urged the White House to withdraw the rule. The group claimed the rule would hinder financial institutions' fraud prevention efforts.
The CFPB has not yet commented on the withdrawal.
This decision leaves consumers vulnerable to potential misuse of their sensitive data and underscores the ongoing debate surrounding data privacy and regulation.
