Records Show Warrantless Collection of Personal Financial Data

Published June 27, 2013

Judicial Watch announced in late June it has obtained records from the Consumer Financial Protection Bureau (CFPB) revealing the agency has spent millions of dollars for the warrantless collection and analysis of Americans’ financial transactions. The documents also reveal CFPB contractors may be required to share the information with “additional government entities.”

The records were obtained pursuant to a Freedom of Information Act (FOIA) request filed on April 24, 2013, following the April 23 Senate Banking Committee testimony of CFPB Director Richard Cordray.

“The Obama administration’s warrantless collection of the private financial information of millions of Americans is mind-blowing. Is there anything that this administration thinks it can’t do?” said Judicial Watch President Tom Fitton. “These documents show that the Consumer Financial Protection Board is an out-of-control government agency that threatens the fundamental privacy and financial security of Americans. This is every bit as serious as the controversy over the NSA’s activities.”

Personal Identifiers Created

Among other things, the documents reveal the government is collecting massive amounts of financial and personal data on at least five million Americans without their knowledge or consent. The information includes credit scores, purchases, ZIP codes, year of birth, and a “persistent consumer identifier making it possible to follow consumers over time.”

“In light of other recent disclosures of government data mining at other agencies, this is particularly troubling,” said Rick Manning, vice president of public policy and communications at Americans for Limited Government. “Even if what the Consumer Financial Protection Bureau is getting is randomly selected and anonymized, and even if they only want the information purely for research purposes to monitor credit flows, this is still intrusive information being obtained without the American people’s consent.

“Taken as a whole, all of this data collection amounts to tagging, cataloguing, and monitoring individuals, turning them into nothing more than lab rats to be optimized and incentivized into government-preferred behaviors,” Manning said.

Multiple Credit Agencies Involved

The documents uncovered by Judicial Watch include:

Overlapping contracts with multiple credit reporting agencies and accounting firms to gather, store, and share credit card data as shown in the task list of a contract with Argus Information & Advisory Services LLC worth $2.9 million. These include:

  • Deloitte Consulting: solicitation issue date 11/30/2011, award effective date 05/29/2012;
  • Deloitte Consulting: solicitation issue date 11/30/2011, award effective date 05/29/2012;
  • Argus: solicitation issue date 02/14/2012, award effective date 03/15/2012; and
  • Experian: solicitation issue date 07/03/2012, award effective date 09/24/2012.

In addition there are:

  • A provision stipulating that “The contractor recognizes that, in performing this requirement, the Contractor may obtain access to non-public, confidential information, Personally Identifiable Information (PII), or proprietary information.”
  • A stipulation that “The Contractor may be required to share credit card data collected from the Banks with additional government entities as directed by the Contracting Officer’s Representative (COR).”

Random Sample of Five Million

The full extent of the CFPB personal financial data collection program is revealed in a document obtained by Judicial Watch entitled “INDEFINITE-DELIVERY INDEFINITE-QUANTITY (IDIQ) STATEMENT OF WORK.” Issued by CFPB Contracting Officer Xiaoling Ang on July 3, 2012, the IDIQ document has this stated objective: “The CFPB seeks to acquire and maintain a nationally representative panel of credit information on consumers for use in a wide range of policy research projects.… The panel shall be a random sample of consumer credit files obtained from a national database of credit files.”

To accomplish this objective, the CFPB describes the scope of the program as follows:

The panel shall include 5 million consumers, and joint borrowers, co-signers, and authorized users [emphasis added]. The initial panel shall contain 10 years of historical data on a quarterly basis [emphasis added]. The initial sample shall be drawn from current records and historical data appended for that sample as well as additional samples during the intervening years [emphasis added] to make the combined sample representative at each point in time.”

The CFPB data collection program has been highly controversial since the April 2013 hearing, when Cordray disclosed elements of the venture at a Senate Banking Committee hearing. At the time, the U.S. Chamber of Commerce accused the CFPB of breaking the law by demanding the account-level data without a warrant or National Security Letter.

Source: Judicial Watch and staff reporting