Sen. Ed Markey (D-Mass.) weighed in today on the importance of security of customers’ financial data when they share it with third parties. In a letter to the Consumer Financial Protection Bureau, Markey urged the agency to balance the need to protect customers’ data with the need to access to data as the bureau considers rulemaking under Section 1033 of the Dodd-Frank Act.
“Consumers also have a vested interest in knowing what happens to their data once it is transferred to third parties,” Markey wrote. “Third parties need to make consumers aware if and in what form their data will be resold or reused for other purposes.”
Markey noted that some third parties access customer data by having customers turn over their digital banking login credentials, a practice known as “screen scraping.” The American Bankers Association has long advocated for consumers to have secure means of accessing their data but has expressed concern about the risks when customers provide their online banking credentials, which allow full account access, to third parties. ABA has urged the CFPB to avoid prescriptive regulations in order to avoid limiting bank and fintech innovation in this area — with APIs, for example.