New Consumer 'Protection' Head Is No Stranger to Privacy Violation Scandals
"It's not about the man." That's what Senate Democrats said about GOP opposition to Consumer Financial Protection Bureau director Richard Cordray before his successful confirmation vote on Tuesday, after enough Republicans caved to Senate Majority Leader Harry Reid's threat of the "nuclear option" of ending the 60-vote cloture rule for debate on nominees.
"There are no objections to him on substance," White House spokesman Jay Carney declared earlier this year. And the most of the establishment Washington press corps - save Bloomberg News Service - dutifully relayed Carney s sentiments. This week, the Associated Press transcribed President Obama's comments that "Republicans in the Senate refused to give Rich a simple yes or no vote, not because they didn't think he was the right person for the job, but because they didn't like the law that set up the consumer watchdog in the first place," without citing any voices to dispute this.
But, it was - or, it should have been - largely about the man. In his 19-month "recess" tenure at CFPB, Cordray has established a pattern of mismanagement and abuse. Most frighteningly, under Cordray's leadership, the CFPB is building an extensive database of tens of millions of Americans' private financial transactions; it smacks of the National Security Agency scandal, but lacks the justification of fighting terrorism. Cordray also displayed a disturbingly cavalier attitude toward Americans' privacy as attorney general of Ohio. Senators shouldn't be afraid to question his fitness to serve.
And, Cordray wasn't all that sensitive to abuses of private data in his previous position of Ohio attorney general. In fall 2008, after Joe "the Plumber" Wurzelbacher complained to candidate Barack Obama about his tax hikes in a famous exchange, three employees of the Ohio Department of Jobs and Family Services accessed his confidential data through state databases. Each of the employees resigned or was dismissed after an inspector general's finding that the databases were improperly accessed.
Yet, AG Cordray chose to use taxpayer funds to pay the employees' legal bills when Wurzelbacher sued them. Cordray himself pointed out to the Dayton Daily News that the state was not required to defend employees when they acted "manifestly outside the scope of [their] official employment or official responsibilities, with malicious purpose, in bad faith or in a wanton or reckless manner."
To be sure, Republicans have also raised important concerns about the process by which Cordray became head of the CFPB to begin with, as well as about the bureau's lack of accountability under any director. The day President Obama installed Cordray through a recess appointment, he also appointed three members to the National Labor Relations Board. Two federal courts have ruled the NLRB appointments unconstitutional because they occurred when Congress was not officially in recess.
Senate Republicans, as well as experts on bureaucracy, have also objected to the lack of checks on the CFPB: The bureau does not get its funding from congressional appropriations, but from the bank fees paid to the Federal Reserve; it has all the powers of an independent agency such as the Securities and Exchange Commission but is run by a single director instead of a deliberative board that includes members of the minority party; and, once confirmed, a director will serve a five-year term and be virtually unremovable by the next president. My organization, the Competitive Enterprise Institute, is a plaintiff in a lawsuit challenging the constitutionality of both the "recess" appointment and the separation-of-powers violations in the CFPB's structure.
But, through his reckless actions as head of the CFPB during his unconstitutional tenure there,
Cordray has made this fight about "the man." More senators and the press should have followed the lead of Senate Banking Committee ranking member Mike Crapo (R., Idaho), who has been diligently digging into details about the CFPB's NSA-style database. Cordray and colleagues have revealed little information about the database, and it does not seem to be authorized by the Dodd-Frank "financial reform" statute that set up the bureau.
Crapo, a consistent advocate of privacy who called for limits on the surveillance provisions of the PATRIOT Act during the Bush administration, declared forcefully at an April hearing, "The bureau was founded with a mission to watch out for American consumers, not to watch them." Crapo also made these points in his excellent speech on the Senate floor before Cordray's confirmation vote. And if liberal critics of the NSA were as consistent on privacy rights as Crapo is, the CFPB's massive data-collection efforts would make them shudder.
"The Consumer Financial Protection Bureau is demanding records from the banks and is buying anonymous information about at least 10 million consumers," Bloomberg reported in April. And at a House Financial Services Committee hearing last week, CFPB acting deputy director Steven Antonakes, while refusing to answer questions about how many Americans the bureau currently has data on, revealed that bureau hopes to monitor 900 million credit-card accounts. As The Daily Caller's Brendan Bordelon points out, this represents nearly 80 percent of the U.S. credit-card market.
Cordray has two responses when asked about this database. One is that these mounds of data are needed for the CFPB to understand the markets it is regulating. "Big data is the cutting edge of analysis and research right now," Cordray said in response to Crapo at the April hearing. "It is the way of the world." (See just after 19:00 in the video.) The other is not to worry, since the CFPB blocks out "personally identifiable information," such as names and Social Security numbers.
As to the first point, the CFPB has yet to explain why it can't "understand" markets with statistical sampling of at most a few thousand consumers. That's the way other agencies have done it for decades.
And on the "anonymizing" of data, as Cordray and other CFPB officials call it, the process is unclear, and the CFPB is evasive in answering the questions raised by the agencies' contracts with data firms. At the House hearing last week, Representative Sean Duffy (R., Wis.) cited a contract obtained by the watchdog group Judicial Watch indicating that an individual's age, postal code, and Census block identifier are all included in the CFPB database. Privacy experts also say that handling and storage of such voluminous amounts of confidential data will almost certainly be vulnerable to hacking and abuse.
When Republican Mike DeWine, Ohio's current AG, hammered Cordray on the campaign trail in 2010 for giving aid and comfort to these privacy violators, Ohio voters rejected Cordray.
The U.S. Senate should have followed their lead, and the press should have given all of Cordray's issues the full hearing the American public deserved.
Editor's Note - John Berlau is senior fellow for finance and access to capital at the Competitive Enterprise Institute. CEI research associate Kyle Tassinari contributed to this article.