New federal database will include 227 million Americans' SSNs, entire credit history...
New federal database will track Americans' credit ratings, other financial information
BY RICHARD POLLOCK | MAY 30, 2014 | 6:00 AM
As many as 227 million Americans may be compelled to disclose intimate details of their families and financial lives -- including their Social Security numbers -- in a new national database being assembled by two federal agencies.
The Federal Housing Finance Agency and the Consumer Financial Protection Bureau posted an April 16 Federal Register notice of an expansion of their joint National Mortgage Database Program to include personally identifiable information that reveals actual users, a reversal of previously stated policy.
FHFA will manage the database and share it with CFPB. A CFPB internal planning document for 2013-17 describes the bureau as monitoring 95 percent of all mortgage transactions.
FHFA officials claim the database is essential to conducting a monthly mortgage survey required by the Housing and Economic Recovery Act of 2008 and to help it prepare an annual report for Congress.
Critics, however, question the need for such a “vast database” for simple reporting purposes.
In a May 15 letter to FHFA Director Mel Watt and CFPB Director Richard Cordray, Rep. Jeb Hensarling, R-Texas, and Sen. Mike Crapo, R-Idaho, charged, "this expansion represents an unwarranted intrusion into the private lives of ordinary Americans."
Crapo is the ranking Republican on the Senate Banking, Housing and Urban Affairs Committee. Hensarling is chairman of the House Financial Services Committee.
Critics also warn the new database will be vulnerable to cyber attacks that could put private information about millions of consumers at risk. They also question the agency’s authority to collect such information.
Earlier this year, Cordray tried to assuage concerned lawmakers during a Jan. 28 hearing of Hensarling's panel, saying repeatedly the database will only contain “aggregate” information with no personal identifiers.
But under the April register notice, the database expansion means it will include a host of data points, including a mortgage owner’s name, address, Social Security number, all credit card and other loan information and account balances.
The database will also encompass a mortgage holder’s entire credit history, including delinquent payments, late payments, minimum payments, high account balances and credit scores, according to the notice.
The two agencies will also assemble “household demographic data,” including racial and ethnic data, gender, marital status, religion, education, employment history, military status, household composition, the number of wage earners and a family’s total wealth and assets.
Only 12 public comments were submitted during the 30-day comment period following the notice's April 16 publication.
The mortgage database is unprecedented and would collect personal mortgage information on every single-family residential first lien loan issued since 1998. Federal officials will continue updating the database into the indefinite future.
The database held information on at least 10.1 million mortgage owners, according to a July 31, 2013, FHFA and CFPB presentation at an international conference on collateral risk.
FHFA has two contracts with CoreLogic, which boasts that it has “access to industry’s largest most comprehensive active and historical mortgage databases of over 227 million loans.”
Cordray confirmed in his January testimony that CoreLogic had been retained for the national mortgage database.
The credit giant Experian is also involved in the mortgage database project, according to an FHFA official who requested anonymity.
Rep. Randy Neugebauer, R-Texas, who sits on the Hensarling panel and who has followed the mortgage database's development, said he was “deeply concerned” about the expansion.
“When you look at the kinds of data that are going to be collected on individuals, just about anything about you is going to be in this database,” he told the Examiner in an interview.
Critics of the database span the financial spectrum, including the U.S. Chamber of Commerce's Center for Capital Markets Competitiveness and the National Association of Federal Credit Unions.
In a May 16 letter to FHFA, NAFCU's regulatory affairs counsel, Angela Meyster, said the database "harbors significant privacy concerns" and "NAFCU believes greater transparency should be provided by the FHFA and CFPB on what this information is being used for."
Meyster told the Examiner that "it goes back to the breadth of information that they’re asking for without really speaking to what they will be used for."
Meyster said she was unconvinced. "It seems they’re just adding information and they’re not really stating where it’s going or what it’s going to be used for. There’s no straightaway answer. They say they are trying to assemble as much information that they can."
Neugebauer agreed. "Why are we collecting this amount of data on this many individuals?" he asked in the interview.
The Chamber of Commerce said that while Congress did ask for regular reports, it never granted FHFA the authority to create the National Mortgage Database.
“Congress did not explicitly require (or even explicitly authorize) the FHFA to build anything resembling the NMD,” the Chamber told Watt in its May 16 letter.
Cordray in his testimony told the House, "We’re making every effort to be very careful" but he could not promise there would never be a data breach.
Neugebauer said the hacker threat is real. "If someone were to breach that system, they could very easily steal somebody’s identity."
Meyster said she doubts the government can protect the data. “We’re essentially concerned that these government systems don’t have the necessary precautions to make sure that individual consumers are identified through the database,” she said.
Computerized theft of government and commercial data is a major concern for federal officials. Indictments were made public last week for five Chinese military members who allegedly hacked into the computer systems of six American corporations.
A December report from the Government Accountability Office on breaches containing personally identifiable information from federal databases shows unlawful data breaches have doubled, from 15,140 reported incidents in 2009 to 22,156 in 2012.
A May 1 White House report on cybersecurity of federal databases also recently warned, "if unchecked, big data could be a tool that substantially expands government power over citizens.”