Fed, intelligence and military groups warn that data brokering practices could threaten national security

A coalition of former officials and groups representing federal employees and military service members is asking the Consumer Financial Protection Bureau to consider the national security implications of a rule it is developing that would require data brokers to comply with the Fair Credit Reporting Act, according to a letter sent. Thursday.

The next line – first launched in April by agency chief Rohit Chopra – was born from a executive order Signed this year by President Joe Biden, it aims to prevent large amounts of Americans’ sensitive personal data from falling into the hands of foreign adversaries who could use it to gather or exploit intelligence.

The rule would designate companies that sell certain types of people’s data under the definition of “consumer reporting agencies,” which would essentially require them to comply with the FCRA. The letter – signed by former intelligence officials and staff organizations including the National Federation of Federal Employees – states that CFPB must adequately address the national security risks associated with the collection, aggregation and sale of Americans’ personal information by data brokers.

The letter suggests that while the CFPB focuses on consumer privacy and data protection, it may not consider how these data practices also expose sensitive information about U.S. citizens – especially government employees, military personnel and law enforcement – ​​to exploitation by foreign adversaries.

“The sale of Americans’ financial data is particularly valuable to malicious actors because it provides exploitable insights – in some cases not found elsewhere – into personal debt, gambling problems, marital problems, foreign bank accounts and other sensitive matters that could be opportunities for blackmail, pressure and recruitment,” they write.

Numerous hacking incidents over the past decade have exposed the personal data of federal employees, military members, and ordinary American citizens. A legendary breach at the Office of Personnel Management that came to light in 2015 helped stimulate attention addressed the issue after hackers stole data from millions of current and former federal employees.

A documented 2017 hack at Equifax also compromised the data of some 150 million Americans and drew heavy criticism. congressional oversight. It was later attributed to Chinese nation-state agents.

The Biden administration, as part of its executive order, is seeking to ban transactions that data brokers make with “countries of concern” on the grounds that such data could be surreptitiously processed by foreign hackers or intelligence agents, potentially posing numerous national security risks and harming U.S. citizens are exposed to surveillance, blackmail and other privacy violations. A sweeping DOJ regulatory proposal related to the EO was issued last week.

“The national security risks posed by data brokers pose a serious threat, and the CFPB will soon propose rules to ensure that Americans’ financial data and contact information is kept out of the hands of foreign governments (as well as hackers and scammers at home). a CFPB spokesperson said Next Government/FCW when asked about the letter.