- The Trump administration wanted to block data brokers from selling info on US citizens
- The plan has now been abandoned
- Data brokerage is a multibillion-dollar industry
The plan to prevent data brokers from selling personal and financial information generated from American citizens has been scrapped.
In the US, data brokers can harvest and sell sensitive information on the country’s citizens, including names, addresses, Social Security numbers, browsing history data, purchase history, location data, and more. Usual buyers include advertisers and marketers, financial institutions, recruiters, government organizations, and insurance companies.
In late 2024, the Consumer Financial Protection Bureau (CFPB) announced plans to adjust the Fair Credit Reporting Act, a federal law that regulates how consumer credit information is collected, used, and shared. It was supposed to treat data brokers the same as any other company, which should have forced them to comply with the law’s privacy rules.
Protecting the citizens
However, that rule was withdrawn recently, TechCrunch reported, citing a new listing in the Federal Register. Apparently, the CFPB’s acting director, Russell Vought, wrote that the rule is “not aligned with the Bureau’s current interpretation” of the Fair Credit Reporting Act.
The CFPB wanted to prevent data brokers from selling data on US citizens citing privacy risks, discrimination, lack of transparency, and regulatory gaps. Allegedly, the goal was to protect consumers from harmful or unfair use of their personal information. TechCrunch says that last year the FTC banned “several data brokers” from collecting and sharing data without the permission of the individuals.
It is also worth mentioning that data is the fuel for most cyberattacks these days. Sensitive data is essential in phishing and spear-phishing attacks, identity theft, and can often be useful in brute-forcing passwords. That’s why the data brokerage industry is often the target itself.
In the last couple of years, there were multiple high-profile cyberattacks against data brokerage and housing organizations, including the 2023 23andMe attack, the 2024 National Public data breach, and the 2024 Snowflake incident.
Via TechCrunch
You might also like
https://cdn.mos.cms.futurecdn.net/SEXM8ah9EKKpBKB22d7Ak3.jpg
Source link
