The Consumer Financial Protection Bureau (CFPB) is moving forward its plan to give consumers more control over their personal financial data.
On Thursday, the CFPB proposed its personal financial data rights rule. The action builds upon a proposal outlined by the agency last year as part of its desire to accelerate the shift toward open banking.
“A more decentralized market structure will give consumers more control and minimize the ability for companies to take customers for granted,” said CFPB Director Rohit Chopra in a statement. “Our proposed rule builds on existing efforts in the industry today to promote decentralization.”
Under the rule, consumers would be given rights to grant third parties access to information associated with their credit card, checking, prepaid, and digital wallet accounts, with an eye toward allowing individuals to more easily switch providers. Such data access would be subject to certain conditions to ensure the data is not misused, the CFPB said, and consumers would be allowed to revoke company access to their data.
“Companies receiving data can only use it to provide the product people asked for and for nothing else,” said Chopra. “When a consumer permits their private data to be used by a company for a specific purpose, it is not a free pass for that company to exploit the data for other uses.”
The rule would require data access to be terminated after one year, absent reauthorization by the consumer.
Comments on the rule are due by Dec. 29. Should it be approved, its requirements would be implemented in phases, beginning with larger providers, the CFPB said. Community banks and credit unions with no digital interface with their customers would be exempt from the rule’s requirements.