Welcome to Consumer Reports Advocacy

For 85 years CR has worked for laws and policies that put consumers first. Learn more about CR’s work with policymakers, companies, and consumers to help build a fair and just marketplace at TrustCR.org

Press Release

CR urges CFPB to adopt strong consent and privacy requirements as it considers options for a personal financial data rights rulemaking

January 26, 2023

Proposals aim to give consumers more control over their personal financial data and make it easier to switch to other financial providers

WASHINGTON, D.C. – In a comment letter filed with the Consumer Financial Protection Bureau, Consumer Reports called on the agency to adopt strong rules that protect consumers’ privacy and prevent their data from being shared without rigorous informed consent.  The CFPB is considering options for a proposed personal financial data rulemaking as required under Section 1033 of the Dodd-Frank Act.

The rulemaking aims to give consumers greater control over their financial information so they can leverage their data to their own benefit. This would enable consumers to more easily move away from companies that provide unsatisfactory products or services and switch to competing financial firms that offer better opportunities.

Consumer Reports comment letter points out. “Permissioned data sharing can help consumers better manage their debt, budget their earnings, and save towards their goals. It can expand access to credit to many creditworthy Americans who are excluded by the credit reporting system’s outdated mechanisms. It can facilitate wealth building and enable the behaviors that contribute to financial well-being. The consumers who are likely to benefit most from permissioned data sharing are those who traditionally have been excluded and underserved by the financial system.”

CR’s letter cautions, however, that these benefits will be undermined if the proposed rules do not include strong consumer protections and oversight by the CFPB. CR called on the CFPB to ensure that its proposed rule include the following:

  • Coverage of data providers should be expanded to include Buy Now, Pay Later firms and Earned Wage Access programs.
  • Authorization procedures should be modeled on the informed consent protocols prescribed for human subjects research under the Common Rule. These should be specific and tightly enforced.
  • Data should be provided in ways that protect consumers’ personal identifying information as well as financial information, and data providers should be prohibited from charging fees for the provision of consumer data.
  • Third parties must observe data minimization requirements, provide a way for consumers to revoke authorization, and permit secondary uses on an opt-in basis.

Michael McCauley, michael.mccauley@consumer.org, 415-902-9537

IssuesMoneyTech & Privacy
Expert
Delicia Hand
Director, Financial Fairness Advocacy
You Might Also Be Interested In
press release
July 25, 2024
Consumer Reports survey: Many Americans concerned about AI, algorithms 
July 19, 2024
Consumer Reports Supports D.C. Council Health Privacy Legislation, the Consumer Health Information Privacy Protection Act of 2024
press release
July 18, 2024
CFPB proposes rule requiring paycheck advance providers to disclose all costs and fees to workers
press release
July 11, 2024
Consumer Reports applauds New York Department of Financial Services’ guidance to insurers to protect consumers from algorithmic discrimination