A recent Law 360 article (paywall) lays out a possible tell from CFPB Director Rohit Chopra that the FCRA could soon become a vehicle against tech companies. “Although the FCRA is better known as the law that regulates the activities of traditional credit bureaus, background check companies and tenant screening services, Chopra has hinted that he sees Silicon Valley’s collection and monetization of consumer data as potentially within the law’s scope…Not only does coverage invite the possibility of direct supervision by the CFPB, it also comes with a tangle of compliance requirements around data accuracy, transparency and access that aren’t easy — or cheap — to meet.”
We know that the CFPB has taken a heightened interest of late in tech companies,
everything from how these companies police platform access to what they do with the payment data they gather — issues that he has in turn often linked to consumer protections provided under payments-related laws like the Electronic Fund Transfer Act and privacy-related laws like the Gramm-Leach-Bliley Act.
But Chopra also invoked Big Tech earlier this month in connection with an unrelated CFPB advisory opinion on credit reporting, issuing a statement in which he observed that ‘tech giants … may be trafficking data and consumer reports that triggers obligations under the FCRA, including restrictions on permissible purposes.’
Last week, Chopra appeared on Marketplace and in his interview with Kimberly Adams, “Chopra named the FCRA as one of several CFPB-administered laws that he said ‘are directly related to many of Big Tech’s ambitions,'” said Law 360.
Plenty of companies structure their businesses to avoid classification as a consumer reporting agency, the article notes. “But there is nothing to stop the CFPB from conducting its own independent analysis under the FCRA to argue that a tech company is substantively engaged in consumer reporting, despite what its contracts and disclaimers might say.”