Obviously, there is a TON of buzz around the FCC and their current NPRM that is aimed right at the lead gen space, TCPAWorld has been bringing you all the action-packed updates, feel free to refresh with a few of the most recent postings from the Czar below.
And while all the world was buzzing about the FCC, the CFPB also threw a jab. Just last week the CFPB, who may STILL be officially dead, launched an inquiry into the practices of data brokers. They have an active Request For Information from the public, open until June 13, 2023, seeking comments on data brokers which will “serve to assist the CFPB and policymakers in understanding the current state of business practices in exercising enforcement, supervision, regulatory, and other authorities.”
The CFPB was granted enforcement and rulemaking authority over the Fair Credit Reporting Act (FCRA) with the passage of the Consumer Financial Protection Act (CFPA). The FCRA was enacted by congress way back in 1970 specifically to regulate consumer reporting agencies that were collecting and disseminating consumer data. “The FCRA established comprehensive rules to govern the practices of consumer reporting agencies, including four key features:
(1) a prohibition on using or disseminating certain personal data outside prescribed permissible purposes selected by Congress,
(2) a requirement that consumer reporting agencies “follow reasonable procedures to assure maximum possible accuracy” of consumer reports,
(3) a right of consumers to inspect data about themselves,
(4) due process to challenge false data”
The CFPB’s request for information is to explore if data brokers do fall under the FCRA and if so, what regulations and enforcement need to be put in place. Should be interesting!
What information exactly is the CFPB after you may ask? There are almost 30 questions outlined by the CFPB to help give you a hint, check them out for yourself, but I sampled a few below.
What types of data do data brokers collect, aggregate, sell, resell, license, derive marketable insights from, or otherwise share?
- What do data brokers do with the data they collect other than the aggregation, selling, reselling, or licensing of data?
- Please provide information about specific types of data that are financial in nature, such as information about salary, income sources, spending, investments, assets, use of financial products or services, investments, signals of financial distress, etc.
What sources do data brokers rely on to collect information? What collection methods do data brokers use to source information?
- What specific types of information do data brokers obtain from public records databases? Which public records sources do data brokers use?
- Are people unknowingly deceived or manipulated into supplying data to data brokers? Describe the nature of such deception or manipulation.
- What technological components facilitate brokers’ collection of data, including but not limited to: tracking scripts, web-based plug-ins, pixels, or software development kits (SDKs) in Apps?
Which specific entities and types of entities purchase data from data brokers? How do these entities use the purchased data?
- What specific uses concern marketing, decisioning, fraud detection, or servicing related to consumer financial products and services?
- What, if any, restrictions do data brokers impose on the use of such data?
The writing is all over the wall, and changes are coming no matter what you hear, are you going to be at the forefront helping to guide the way or will you be left in the dust? Time will tell.