CFPB orders tech companies to submit payment system information
On October 21, the CFPB issued orders to six large U.S. technology companies seeking information and data on their payment system business practices. The Bureau stated that the information is intended to help the Bureau understand how these companies use personal payments data and manage data access to users. The Bureau issued the orders citing its authority under the CFPA, Section 1022(c)(4), which grants the agency “statutory authority to order participants in the payments market to turn over information to help the Bureau monitor for risks to consumers and to publish aggregated findings that are in the public interest.” The Bureau’s press release also noted it intends to study the payment system practices of two major Chinese tech companies.
The Bureau made available an example order that contains 55 requests seeking various information and data on several topics, including: (i) “[d]ata harvesting and monetization”; (ii) “[a]ccess restrictions and user choice”; and (iii) documents and information related to payment platforms and compliance with federal consumer protection laws, such as the EFTA and the Gramm-Leach-Bliley Act. Citing consumer data and privacy expectations, the Bureau explained that “[c]onsumers expect certain assurances when dealing with companies that move their money. They expect to be protected from fraud and payments made in error, for their data and privacy to be protected and not shared without their consent, to have responsive customer service, and to be treated equally under relevant law.”
Director Rohit Chopra issued a statement commenting on the purpose of the orders. He noted that the Bureau’s inquiry “is one of many efforts within the Federal Reserve System to plan for the future of real-time payments” and that it “will help to inform regulators and policymakers about the future of our payments system.”