by jeff Sovern
The American Banker has the story, in a report headlined Is CFPB’s data freeze about security or a political ploy? The article quotes Minnesota's Prentiss Cox, as saying "This is a very thinly veiled attempt to shut down fraud enforcement, which is consistent with the not-even-veiled priority agenda item of the congressional Republicans to eviscerate the CFPB." Senator Elizabeth Warren wrote to Mulvaney to protest the freeze last week, saying:
CFPB cannot fulfill its core functions without collecting personally identifiable information. * * * CFPB bank examiners and enforcement lawyers regularly use account level data provided by regulated institutions to detect improper and unlawful activity. Likewise, the Office of Fair Lending collects and analyzes data to bring lawsuits against financial institutions that discriminate against their customers.
The American Banker article also states:
In his directive, Mulvaney cited concerns about data security laid out in a May 2017 report by the Office of the Inspector General, which found that confidential and sensitive enforcement information was accessible by a wider circle of CFPB employees than was necessary and prudent. Mulvaney said that staff instead could access aggregate data.
* * *
One unresolved question is why Mulvaney would take so drastic a step in response to a months-old Inspector General's report. Bank regulators – not to mention other government agencies like the Social Security Administration and Internal Revenue Service – deal extensively in highly sensitive personal information and have never been subject to such a drastic directive. Both the Office of Personnel Management and State Department were the subject of extensive security breaches in 2015 and neither were instructed to not collect personal data.