What could possibly go wrong? Federal agencies are building a massive database to collect personal financial data

The federal government is building a database that will contain extensive personal financial information for over 200 million Americans, the Washington Examiner reports:

The Federal Housing Finance Agency and the Consumer Financial Protection Bureau posted an April 16 Federal Register notice of an expansion of their joint National Mortgage Database Program to include personally identifiable information that reveals actual users, a reversal of previously stated policy.

FHFA will manage the database and share it with CFPB. A CFPB internal planning document for 2013-17 describes the bureau as monitoring 95 percent of all mortgage transactions.

FHFA officials claim the database is essential to conducting a monthly mortgage survey required by the Housing and Economic Recovery Act of 2008 and to help it prepare an annual report for Congress.

[U]nder the April register notice, the database expansion means it will include a host of data points, including a mortgage owner’s name, address, Social Security number, all credit card and other loan information and account balances.

The database will also encompass a mortgage holder’s entire credit history, including delinquent payments, late payments, minimum payments, high account balances and credit scores, according to the notice.

The two agencies will also assemble “household demographic data,” including racial and ethnic data, gender, marital status, religion, education, employment history, military status, household composition, the number of wage earners and a family’s total wealth and assets.

The National Mortgage Database (NMD) website insists that “We Are Protecting Your Information”:

Information in the database will not identify any individual and we have put safeguards in place to ensure that information in the database is handled in accordance with federal privacy laws and the Fair Credit Reporting Act.

Critics like the U.S. Chamber’s Center for Capital Market Competitiveness disagree with this assertion. A CCMC letter to the FHFA states that the database “will intrude unnecessarily upon Americans’ privacy, increase the risk of financial fraud and identity theft, and undermine consumer confidence in the security of their financial information.”

CCMC has a number of criticisms with the database:

  • “The FHFA has not clearly stated the need for the NMD” nor has it explained “why existing databases or a more limited version of the NMD might not meet the FHFA’s purposes.”
  • The FHFA “lacks clear authority to gather, store, and analyze the vast amounts of sensitive personal and financial information that will be tracked in the NMD.”
  • Federal privacy law “does not allow an agency [FHFA] (here likely acting beyond its authority) to share confidential information with another agency [CFPB] simply because they share similar policy goals.”
  • The FHFA hasn’t adequately explained how this tempting target for hackers will be protected.

Since the FHFA will be sharing the database with the CFPB, it’s important to look at some questionable behavior from this agency. Last month, it was discovered that the agency will spend nearly $400,000 on an all-staff meeting in Washington, D.C. in July. Also earlier this year we found out that a renovation of its Washington, D.C. headquarters has “soared to $145.1 million from a prior estimate of $95 million.”

The CFPB is housed inside the Federal Reserve and isn’t funded by Congress, it is, in the words of Rep. Jeb Henserling (R-TX), Chairman of the House Financial Services Committee, “unaccountable to the American people.”

Both agencies can say, “Trust us,” but in the case of the CFPB, its fiscal track record and the lack of institutional accountability should make us question its ability to keep that promise.

Follow Sean Hackbarth on Twitter at @seanhackbarth and the U.S. Chamber at @uschamber.

EDITORS NOTE: The featured image is by Photographer: Justin Grimes/Flickr. Licensed under a Creative Commons Attribution-Share Alike 2.0 Generic license.