Would You Trust the CFPB with Your Credit Card?

The Washington Examiner tells us that the Consumer Financial Protection Bureau (CFPB) has set itself the goal of monitoring 80 percent of all credit card transactions conducted in the U.S. In fact, that objective is clearly stated in the bureau’s Strategic Plan, but it’s nevertheless managed to slip under my radar, even though the watchdog had almost reached its goal as early as last year, according to the Washington Examiner’s report. For all we know, by now the CFPB may have already exceeded that threshold.

But why does a consumer protection agency need to collect data on how we use our credit cards? How does that help them protect our interests? See, ever since the CFPB was created, this blogger has been deeply ambivalent about the bureau’s goals and its potential for positive effects on consumer welfare. I’ve said before that “while the bureau did launch itself into some dubious projects, like its attempt to simplify credit card agreements, on the whole the CFPB has thus far performed quite well”. Then the bureau moved against debt collectors, releasing a bulletin, which did a lot of damage by conveying the message that paying off charged-off credit card accounts is unnecessary and has little or no effect on consumers’ future loan prospects. But the credit card data collection project currently under way must be the most controversial of the bureau’s efforts. Let’s take a look at what we know so far.

Why Does the CFPB Need Our Credit Card Data?

According to the CFPB’s Strategic Plan, the watchdog wants to “acquire and maintain a credit card database at the summary and loan-levels covering approximately 80% of the credit card marketplace”. Why does the bureau need all these data? Well, here is what the CFPB tells us:

In all of the data used for its analyses, the Bureau will work to ensure that strong protections are in place around personally identifiable information.

That’s it! Of course, the CFPB is telling us not to worry:

Datasets will aggregate information such that no information is personally attributable or identifiable, and research/analysis products resulting from such data will use similarly anonymous information as appropriate. The Bureau treats the information collected from participating persons and institutions consistently with our confidentiality regulations and all data and analyses are subject to legal and privacy review prior to their release.

But what I would like to know is precisely how having access to the information about my transaction activity would help the bureau to protect me. Much as I struggle to come up with a plausible scenario to justify CFPB’s interest, I just can’t do it. See, a set of credit card transaction data tells you where and when a payment was made and what the sales amount was. What it can’t tell you, however, is who used the card — the legitimate cardholder or someone else. And, by the way, even if the transaction proves to be fraudulent, there already is a very well established process for rectifying the problem: the transaction is disputed and the amount is immediately credited back to the account. The cardholder holds no liability at all for the fraudulent amount and if there are any monetary losses, they are split between the merchant and the card issuer.

So, as I said, consumers are already very well protected against fraudulent credit card transactions. But could it be that the CFPB might need the transaction data for some other protective purposes? Well, I can’t think of any and the bureau isn’t telling us. What we do know is that they are collecting absolutely huge amounts of data.

How Much Is 80%?

The Washington Examiner has done the work for us:

The U.S. Census Bureau reports that 1.16 billion consumer credit cards were in use in 2012 for an estimated 52.6 billion transactions. If CFPB officials reach their stated “performance goal,” they would collect data on 42 billion transactions made with 933 million credit cards used by American consumers.

And the watchdog hasn’t exactly been keeping us up-to-date on the progress it’s making, as one of the senators sitting on the House Financial Services Committee has told Richard Cordray — CFPB’s chief — during a hearing on the data-mining program, as quoted in the Washington Examiner piece:

“The agency has never given us a number of how many Americans have been surveilled. However, we’ve seen in their disclosures they are collecting 80 percent of credit cards in America, 1.16 billion credit cards, which means that they are collecting information on just under a billion credit cards in America. That’s a scary number,” Duffy said.

What Cordray did say, in his defense of his agency’s data-mining practice, was that the CFPB is monitoring credit card usage at 110 banks, including Chase, Bank of America, Capital One, Discover and American Express — five of the six biggest card issuers in the U.S. (Citi is the sixth). Curiously, the Examiner tells us that, when CFPB’s data-mining operation was compared to the National Security Agency’s surveillance program, “Cordray angrily replied that “there is no comparison between the NSA and the CFPB”. But what’s the difference?

The Takeaway

I have absolutely no idea what the CFPB is doing with all the credit card data it is collecting, but I can’t see how they can possibly be using the information for any constructive purposes. An argument can be made that the agency can’t be doing much harm with the data, either, but that doesn’t quite sound as a winning slogan for the data-mining program. Moreover, at the very least the agency must be spending large amounts of money on collecting, storing, securing and otherwise managing what should be terabytes of credit card data. For that reason alone, the CFPB should discontinue the program.

Image credit: Flickr / Consumer Financial Protection Bureau.