House Subcommittee Grills CFPB Exec Over Confidential Data Collection
Members of the House Financial Services Financial Institutions and Consumer Credit Subcommittee were visibly annoyed Tuesday during a hearing regarding the Consumer Financial Protection Bureau’s collection of confidential account information when the bureau’s witness was unable, or unwilling, to answer questions.
“The American people have a right to know how this government agency is collecting and using their personal financial data,” said Rep. Shelley Moore Capito (R-W.Va.), who chairs the subcommittee. “The CFPB has thus far declined to provide concrete answers to questions that have been asked in public forums.”
Rep. Sean Duffy (R-Wis.) put CFPB Acting Deputy Director Steve Antonakes in the hot seat when, after Antonakes had denied the CFPB collects ZIP code information on consumer financial accounts, Duffy produced a contract between the CFPB and credit reporting firm Experian that specifies the bureau does, in fact, collect the information.
“Many of my constituents are concerned that our government has their health records, their phone records, their Internet records, their emails, and now the CFPB is monitoring their financial records,” Duffy said.
“Frankly, there has been a veil of secrecy around the collection of data at a time when the agency, as it is ramping up, has made a pledge to Congress and to the American people to be open and transparent,” the Wisconsin Republican said.
Capito also questioned the CFPB’s use and storage of personally identifiable information “despite the clear intent of Congress.” The CFPB is prohibited by law from obtaining or using personally identifiable financial information about consumers to inform its market monitoring activities. “We simply do not know the extent to which the CFPB is collecting, storing or having outside contractors collect and store consumers’ personally identifiable information,” she said. However, Rep. Carolyn Maloney (D-N.Y.) cautioned her colleagues against being too critical of the CFPB, saying the Federal Reserve collects more personal account information.
“I don’t want this to become a CFPB witch hunt,” she said.
Members of the subcommittee also questioned Antonakes about the CFPB’s ability to keep the confidential consumer information secure, especially in light of two government watchdog reports that found deficiencies in the CFPB’s data security.
“These issues increase the risk of CFPB not preventing or promptly detecting and correcting…unauthorized access, modification, or both of its data,” the Government Accountability Office said in a May 2012 audit. A March 2013 report from the CFPB’s inspector general likewise found problems with the CFPB’s control of data, the subcommittee said in a release.
In advance of the hearing, incoming NAFCU President/CEO Dan Berger mentioned the inspector general and GAO reports in a letter to Capito and subcommittee Ranking Member Gregory Meeks (D-N.Y.).
“NAFCU has consistently cautioned that data collection efforts must include several layers of protection to ensure that sensitive information is not compromised,” Berger said.
Specifically, Berger said his trade has expressed concern about the response intake fields on the CFPB’s consumer complaint form and has asked that the bureau outline implementing procedures to ensure that employees handle this information with care.
“In an effort to minimize the potential for problems, NAFCU believes the CFPB should start by simply minimizing the breadth and scope of the personal information requested,” he said. “NAFCU has also expressed similar concerns to the Treasury Department as it creates a records system for the CFPB. Unfortunately, the CFPB has not done enough to wane our concerns.”