CFPB enhances data privacy and cybersecurity rules

The new legislation will restrict the exploitation of personal data in background screenings and credit reports

Cybersecurity

Source: shutterstock.com

The Consumer Financial Protection Bureau (CFPB) introduced new regulations on cyber security and data privacy under the Fair Credit Reporting Act. The Act dictates how companies collect and report consumer data for credit, insurance, housing, and employment. 

"Americans are now subject to round-the-clock surveillance by large commercial firms seeking to monetize their personal data. While Congress and regulators must do more to protect our privacy, the CFPB will be taking steps to use the Fair Credit Reporting Act to combat misuse and abuse of personal data on background screening and credit reports.”
Rohit Chopra
CFPB

Under the new rules, additional layers of security will protect consumers and permit companies to collect data only when it’s crucial for their services. The advisory also reminds covered entities of potential criminal liability for misconduct.

In particular, the watchdog plans to hold companies accountable for illegal debt collection and false identification of consumers in background reports. Violators can face criminal penalties and imprisonment.

  • The Act will enhance matching procedures and define permissible report purposes;
  • It will be unlawful to provide credit reports of multiple people as “possible matches”;
  • Disclaimers about insufficient matching policies would not legitimise violations;
  • Covered entities mustn’t supply background reports to unauthorised individuals.

Thus, the law will also restrain big tech frivolous use of private data and safeguard compliance with Congress regulations. 

SEE MORE:

Here’s what Americans think of their personal data privacy control

How to train more cybersecurity savvy employees

5 privacy considerations to handle customer data in your e-commerce