Skip to main content

Data brokers may be banned from selling your personal data without good reason

Data brokers may be banned from selling your personal data without legitimate justification, under a new proposal by the Consumer Financial Protection Bureau (CFPB). Back in the summer it was revealed that one of these brokers was hacked, resulting in the compromise of personal data for every person in the US, UK, and Canada.

The proposed change would limit the sharing of sensitive data like your name and social security number by subjecting data brokers to the same rules as credit checking agencies …

A law called the Fair Credit Reporting Act (FCRA) places significant restrictions on when credit agencies can share your sensitive data. Data brokers – companies which make money by buying personal data and then reselling it – are not currently subject to the law, and that’s something the CFPB wants to change.

The Hill reports on the proposed change.

In a press call discussing the proposal, CFPB Director Rohit Chopra said the pitched rule would make “it clear that many of these data brokers, like credit bureaus and background check companies, are subject to federal protections under the FCRA.”

“This means they could no longer dodge their obligations and would need to follow the same consumer protections as major credit bureaus, including accuracy requirements and providing consumers with access to their own information.”

It would mean that any sensitive personal data sold by a broker would be considered as selling a consumer credit report, and subject to the same restrictions. A key restriction is that data could only be sold for legitimate purposes like establishing your eligibility for credit.

“This would mean that consumer reporting agencies could only sell such information—so-called ‘credit header’ data—if the user had a permissible purpose under the FCRA,” the CFPB said, while describing certain purposes like “evaluating a consumer’s eligibility for credit, insurance” and employment.

The CFPB says there is widespread support for its proposal. One of the key concerns is that personal data can be bought by shell companies owned by criminals, who then use it for identity theft and other scams.

While the new rule wouldn’t prevent data breaches like the one in the summer, it would mean greatly reduced sales of personal data, with some brokers likely forced out of business.

Photo by Hack Capital on Unsplash

FTC: We use income earning auto affiliate links. More.

You’re reading 9to5Mac — experts who break news about Apple and its surrounding ecosystem, day after day. Be sure to check out our homepage for all the latest news, and follow 9to5Mac on Twitter, Facebook, and LinkedIn to stay in the loop. Don’t know where to start? Check out our exclusive stories, reviews, how-tos, and subscribe to our YouTube channel

Comments

Author

Avatar for Ben Lovejoy Ben Lovejoy

Ben Lovejoy is a British technology writer and EU Editor for 9to5Mac. He’s known for his op-eds and diary pieces, exploring his experience of Apple products over time, for a more rounded review. He also writes fiction, with two technothriller novels, a couple of SF shorts and a rom-com!


Ben Lovejoy's favorite gear

Manage push notifications

notification icon
We would like to show you notifications for the latest news and updates.
notification icon
You are subscribed to notifications
notification icon
We would like to show you notifications for the latest news and updates.
notification icon
You are subscribed to notifications