Sen. Tim Scott of South Carolina, a Republican presidential contender, is leaning into criticism of the Consumer Financial Protection Bureau for leaking data from more than 250,000 consumers earlier this year.
News of the unauthorized data leak comes as CFPB Director Rohit Chopra is pursuing a new rule requiring lenders to collect far more information from small business borrowers, raising concerns about the security of that data.
Scott spokeswoman Ryann DuRant confirmed the senator, the ranking member of the Senate Banking Committee, has no intention of dropping the matter.
“This is something the ranking member will continue to press Director Chopra on — especially as the CFPB, under the director, pushes new rules seeking even more data from American consumers,” DuRant said. “If the CFPB cannot protect the data it has now, why should Americans trust it with more data?”
Under the CFPB rule, financial institutions must collect a ream of census, business and demographic information about small-business loan applicants.
“Lenders will collect and report information about the small-business credit applications they receive, including geographic and demographic data, lending decisions, and the price of credit. The rule will work in concert with the Community Reinvestment Act, which requires certain financial institutions to meet the needs of the communities they serve,” the agency said in a statement.
Critics like Scott, however, point out a CFPB staffer leaked 256,000 consumers’ data.
During June’s oversight hearing featuring Chopra, Scott leaned into the data leak issue and CFPB’s push for more data collection.
“Under your leadership, the CFPB learned of a major data breach in its own backyard, impacting more than a quarter-million consumers. At the same time, the CFPB was finalizing the rule that requires lenders to collect and report a vast swath of small-business lending data on credit products, including personally identifiable information like race, sex and ethnicity, to the CFPB. The irony here is just astounding,” Scott told the director.
That hearing followed a formal request to CFPB from Scott for further information on the data leak in April. In that request, Scott also tied CFPB’s “irresponsible handling of consumer’s financial information” to the “failures of (Silicon Valley Bank) and Signature Bank.” Scott said, “Our regulators and agencies need to take responsibility for their failures and be held accountable.”
The data leak, which occurred in February but was not disclosed to lawmakers until late March, continues to vex leaders, including Scott, in part because the circumstances of the leak could legally amount to theft. It is unclear whether the former employee has been charged with a crime in the incident. When questioned by Congress earlier this month, Chopra danced around the question of how long it took for CFPB to contact the companies whose customers’ data was involved in the leak.
Scott’s leadership on privacy issues could boost his presidential bid in the traditionally more libertarian-minded state of New Hampshire. An American Greatness/National Research poll conducted in June showed Scott at 7 percent in the Granite State, having gained six points in a month.
Scott also highlights what he sees as the progressive politics behind this push for more data, another issue that could appeal to primary voters concerned about “woke” government politics. The CFPB says, for example, that one of its primary goals is to “combat unlawful discrimination” using the new demographic information they want to collect.
“It is no secret that Director Chopra wants to collect more and more data in order to push out progressive regulations. Why should the CFPB be trusted to collect more data, burdening financial institutions and potentially limiting services for consumers, when they themselves have demonstrated an irresponsible handling of consumer’s financial information?”