September 21, 2023, Washington, DC – Steve Boms, the Executive Director of the Financial Data and Technology Association of North America, a consortium of financial technology companies united behind the notion that consumers and small businesses should have full control over their financial data, today released the following statement in response to the Consumer Financial Protection Bureau’s (CFPB) outline of proposals and alternatives under consideration by the agency ahead of its “data broker” rulemaking:
“We welcome the CFPB’s close scrutiny of companies that collect and sell consumers’ data, often unbeknownst to the consumer, and use that data for marketing and advertising purposes.
At the same time, we are concerned that the CFPB did not distinguish in this outline between entities that collect consumer information without consumers’ informed consent and third-party providers of financial products and tools that access consumers’ data at their express direction and consistent with the CFPB’s forthcoming Section 1033 Open Banking rule.
Entities that enable consumers to access and share their own personal financial information – at consumers’ express direction – are at the heart of open banking and empower consumer choice and control, and improve consumers’ ability to manage their financial lives. These companies should be appropriately regulated under Section 1033, including adhering to the privacy principles FDATA North America members released in March of this year.
The same principles that led to the enactment of the Fair Credit Reporting Act in 1970 – transparency and control for consumers over their financial data – are the hallmarks of customer-permissioned data access marketplace today. Accordingly, as it contemplates a proposed rule in this space, we encourage the CFPB in the strongest possible terms to distinguish between “data brokers” and third-party financial providers that access consumer data based on a consumer’s affirmative request to do so.”
FDATA North America previously responded to the CFPB’s Request for Information (RFI) Regarding Data Brokers and Other Business Practices Involving the Collection and Sale of Consumer Information, submitting a comment letter in June stressing in the strongest possible terms, that third-party providers of financial services that rely on consumer-permissioned data are not data brokers, and therefore should be exempt from any Bureau rulemakings, guidance, or other actions it may consider in the data brokerage space.