News has been trickling out over the past few weeks about the extraordinary data-mining operations that Randy noted awhile back. At least when the NSA snoops it is doing so to prevent terrorism (which, I hasten to add, doesn’t mean that it should be allowed to do so). It isn’t clear why the CFPB needs to be so intrusive.
Michael Mayfield and John Berlau have an update on the CFPB’s data-mining operations here. As for the financial privacy laws, they report that the CFPB is exempt from standard financial privacy laws:
How did we come to this? The main reason is that Dodd-Frank specifically exempts the CFPB from a bipartisan law enacted in the 1970s to protect Americans’ financial privacy.
In 1976, the U.S. Supreme Court ruled in U.S. v. Miller that the Fourth Amendment to the Constitution, which protects Americans from unreasonable searches and seizures, does not safeguard individuals’ financial information held by banks and other third-party institutions. In response to this ruling, Congress passed the Right to Financial Privacy Act (RFPA) in 1978. The law protects individuals’ financial privacy by requiring that federal agencies document their access to financial records. Under the RFPA, an agency that wishes to access a person’s financial information must first notify that person and give her an opportunity to object. If she objects, the agency is barred from accessing her records unless it formally certifies that they relate to a legitimate law enforcement investigation.
How can the CFPB get away with its data mining without violating the RFPA? Because Congress made the CFPB exempt from the RFPA when it enacted Dodd-Frank!
Fortunately, Rep. Duffy and a few other concerned lawmakers are fighting back. Duffy, a member of the House Financial Services Committee, recently introduced the Right to Financial Privacy Act of 2013 (H.R. 2571), which would eliminate CFPB’s exemption from the RFPA.