OPINION: Who Is Protecting Your Personal Data From The Government?
Following recent data breaches that made headlines, Americans have made it abundantly clear that their privacy and personal information always come first, and that the government has a responsibility to protect them.
Yet in a bit of dark irony, a Washington regulator charged with protecting consumers is proposing to post the personal data of Americans who purchase homes on a public website, endangering the personal finances of millions. The regulator in question is the so-called Consumer Financial Protection Bureau (CFPB) which recently, and quietly, proposed to publicly release dozens of new fields about the financial wellbeing of mortgage applicants and homeowners.
The Home Mortgage Disclosure Act of 1975 (HMDA) is a little-known law with an admirable and important purpose: to help combat discrimination in mortgage lending. Given our nation’s disturbing history of redlining, blockbusting and other discriminatory practices, the law was an admirable attempt at righting the wrongs of racism in housing finance.
Under that law, certain lenders are required to collect information about home buyers which is then made anonymous and public. The idea is to determine whether financial institutions fairly serve communities and their housing needs. An ever-present concern is that this sensitive personal information– such as credit scores and debt — is at risk of being linked to individual consumers, violating Americans’ promised anonymity. This means your neighbors or salesmen could have insight into your personal finances; it could also arm criminals to fish for more sensitive information.
This issue is not new. In 2005, Glenn Canner, a former Federal Reserve Board senior adviser noted: “Approximately 95 percent of loan records are ‘unique,’ meaning loan amount and census tract can be attributed to a single person. With a cross match to private lien transfer records, one can identify these individuals in 95 percent of the cases.” The House Financial Services Committee on which I sit has heard testimony from Dr. Mark Calabria, now chief economist to Vice President Pence, that “Even before this [new rule], from what was publicly available for HMDA, you could link to courthouse records and identify individuals with that data.”
Now that we’ve fully entered the digital age where all sorts of data sources are more easily accessible, the CFPB is poised to really exacerbate the issue.
A new report from Anthony Yezer at The George Washington University draws concerning conclusions about what publication of additional information will mean for consumers, and the effectiveness of HMDA as enforced today. The study finds that, because many lenders are not required to report the information, HMDA data is not useful in its intended purpose of tracking discriminatory practices. The study also finds that “the degree of privacy protection afforded minorities in old HMDA data is far lower than that enjoyed by non-Hispanic white borrowers.” These conclusions beg the question: Is HMDA still benefitting those it was designed to help? And why is the CFPB eager to publish data with gaping holes?
And another group at risk? The elderly, who are already a favorite target for financial schemes. The report states that “those seeking to prey on…individuals can gain their confidence by appearing to detailed knowledge of loan terms and their financial condition.”
I believe our federal government — especially the so-called Consumer Financial Protection Bureau — must always operate on the principal of Do No Harm. Yet the Bureau outright acknowledges their new rule “would create risks to applicant and borrower privacy interests.” The Bureau deserves some credit for proposing some modifications, but it concedes that this would only “reduce risks” for consumer privacy.
In the not-too-distant future, small businesses, many of which are owned by our friends and neighbors, could be in the cross-hairs. The CFPB could impose requirements to have similar information reported to the government and made available to the public. In addition to the privacy issues, such requirements will undoubtedly be severely burdensome for lenders, and another obstacle between small businesses and their ability to hire and grow.
In the balance between public disclosure and consumer privacy, the Bureau proposes to tilt the scale against privacy. This is unacceptable for American consumers.
Congress is taking action. Twenty-seven of my colleagues and I recently wrote the CFPB to express these concerns. I have introduced legislation, the Homeowner Information Privacy Protection Act, which would require the Government Accountability Office to undertake a study of risks to consumer privacy before the Bureau can move forward with publishing any new mortgage information. We need answers first.
Now that the CFPB is experiencing a leadership change, it’s time for the Bureau to change course from its troubling path. American consumers and Congress are watching.
Congressman Randy Hultgren represents Illinois’ 14th District and is a member of the House Committee on Financial Services.