U.S. consumer agency unveils plans to regulate sale of personal data

WASHINGTON – The U.S. consumer protection agency has unveiled plans to regulate the sale of personal data collected by companies.

Consumer Financial Protection Bureau (CFPB) Director Rohit Chopra announced the initiative as part of a broader effort to improve the security of personal data and address risks associated with artificial intelligence (AI).

The agency will establish rules to prevent misuse of personal data by data brokers and ensure compliance with the Fair Credit Reporting Act.

The CFPB intends to tighten disclosure of such data to protect the privacy of individuals, particularly vulnerable groups.

The move follows years of concerns about the security of personal data in the U.S., sparked by incidents such as the Cambridge Analytica scandal.

Comparisons with stricter privacy rules in China and the EU have raised questions about U.S. policy.

Congress has shown interest in privacy issues but has yet to pass major legislation.

According to Chopra, the plan calls for defining any company that sells personal data as a consumer reporting agency. This would trigger the enforcement of higher standards for accuracy, disputes, and abuse.

The second plan would clarify issues related to “credit data,” which is data used by credit reporting agencies and often includes sensitive personal information such as Social Security numbers.

“To ensure that modern-day data companies assembling profiles about us are meeting the requirements under the Fair Credit Reporting Act, the CFPB will be developing rules to prevent misuse and abuse by these data brokers,” said Chopra.

The Fair Credit Reporting Act regulates when “consumer reporting agencies” can share a person’s information.