The CFPB’s data collection efforts are drawing fire from the U. S. Chamber of Commerce. Those efforts became a focus of attention as a result of an April 2013 report by Carter Dougherty of Bloomberg which revealed that the CFPB had been demanding voluminous amounts of information from banks related to credit cards and other financial products and services and had also been buying data from vendors about various financial products such as auto and payday loans. According to the report, the CFPB was using the information to build a database to inform its enforcement and rulemaking activities.
When he appeared before the Senate Banking Committee on April 23, CFPB Director Cordray defended the CFPB’s efforts as necessary for informing its rulemaking, including its performance of cost-benefit analyses, and fulfilling the CFPB’s reporting responsibilities to Congress.
A new report by Mr. Dougherty discusses the June 19 letter sent by the U.S. Chamber of Commerce to the CFPB claiming that the Bureau’s data collection efforts do not comply with the Dodd-Frank Act. Section 1022 of Dodd-Frank allows the CFPB “to gather information from time to time regarding the organization, business conduct, markets, and activities of covered persons and service providers” by using various methods, including requiring banks and other “covered persons and service providers participating in consumer financial services markets to file with the Bureau, under oath or otherwise, in such form and within such reasonable period of time as the Bureau may prescribe by rule or order, annual or special reports, or answers in writing to specific questions.” The Chamber indicates in its letter that the CFPB’s data collection efforts are unlawful because the Bureau has not issued a “rule or order” as required by Section 1022.
The Chamber’s letter notes that the CFPB has taken the position that its data collection does not violate the prohibition in Dodd-Frank barring the CFPB from “obtain[ing] records from covered persons and service providers…for purposes of gathering or analyzing the personally identifiable information of consumers.” In the CFPB’s view, the prohibition is not violated because the information it receives does not include consumers’ names and addresses. The Chamber questions in its letter whether the Bureau has sufficient protections in place to prevent the information it receives from being linked to a consumer’s personal identity.
Also discussed in the Chamber’s letter are the costs the CFPB’s information demands impose on the companies required to provide such information and the potential risks to such companies of providing confidential information to the Bureau that the Bureau does not clearly have the right to obtain.