#1
OP 04 December, 2024 - 11:03 AM
[Image: Capture-d-cran-2024-12-04-100247.png]
On December 2, 2024, the Consumer Financial Protection Bureau (CFPB) released a long-awaited draft of rules that affect how brokerage companies handle and distribute people’s personal information, including data such as name, address, and other sensitive information. The main goal of the change is to tighten controls over the distribution of this information by restricting access to it and preventing it from being sold on the market to fraudsters and cybercriminals.

How does it work?
The proposed changes are aimed at combating the spread of “credit headers” — personal information that contains not only a person’s name and address, but also other personal data such as date of birth, Social Security number, and phone number, which is currently shared with many companies without proper controls. This data becomes available to companies and criminals, which sometimes leads to violence and crime.

Experts have shown how hostile governments and criminal organizations can easily buy such information. 404 Media previously revealed that the supply chain of this data is linked to cybercriminal violence that has affected not only criminals but also ordinary citizens, including journalists and other vulnerable groups.

What is the proposed new rule?
If the rule goes into effect, it would change the laws surrounding the trade in personal information. Under the new proposal, companies selling such data would be classified as “consumer reporting agencies” under the Fair Credit Reporting Act (FCRA). This decades-old law limits the distribution of credit data to only certain purposes, such as lending, insurance, or job screening.

However, many data brokers currently use and sell such data for other purposes, such as marketing. With the new rules, these restrictions would apply to these companies as well, limiting the flow of data into the hands of criminals.

Why is this important?
Criminals often access data through financial institutions. For example, when people give out their information to get a loan, credit bureaus like Experian, TransUnion, and Equifax pass that information on to other companies. Fraudsters use this as a chain of command to obtain the data by hacking into accounts at these companies or faking access.

Previously 89JqxYhwkS2fejRrz7XZ1hexF7DoXPf1YUHvn93BaFG5Kirve1JY4waTfhxJuJzEMYVJA8G2qXXAT7QW7rJs4tsAUQRjdabTelegram to instantly “dox” (reveal personal information) anyone for a minimal fee, sometimes as little as $15. This data is often used for robberies, swatting (fake police calls), and other types of threats.

Consumer Protection and National Security
The CFPB says the new rule will help limit the ability to sell personal data that could be used to stalk, harass, or commit other crimes, including against people seeking protection from violence, such as domestic violence victims.

Under the proposed changes, companies that collect and sell personal data would only be able to sell that data when there is a legitimate purpose, such as for credit, insurance, or employment background checks.

It is surprising that they are adopting this law exactly a week after a similar law was published in the Russian Federation, which affected all prob-bots in Telegram

source : https://www.404media.co/u-s-government-t...edit-data/