Related Articles
-Editorial
The U.S. government has quietly abandoned a critical effort to protect your personal data, effectively giving data brokers continued freedom to sell highly sensitive information—like your Social Security number, credit score, and exact location—often without your knowledge or consent.
The Consumer Financial Protection Bureau (CFPB) had been developing a rule that would require data brokers to get your permission before selling this information. Proposed under former CFPB director Rohit Chopra, the regulation aimed to apply the same privacy standards that govern credit bureaus to the booming, largely unregulated data broker industry.
But on Tuesday morning, acting CFPB director Russell Vought officially withdrew the proposal. In a quiet notice published in the Federal Register, Vought stated that the rule no longer aligned with the agency’s current interpretation of the Fair Credit Reporting Act. There was no press conference. No formal announcement. Just silence.
Privacy advocates and national security experts immediately voiced concern. “Russell Vought is undoing years of bipartisan work to prop up the predatory surveillance of Americans,” said Sean Vitka, executive director of Demand Progress.
The decision followed a letter from the Financial Technology Association (FTA)—a powerful lobbying group representing banks, lenders, and fintech firms—urging the CFPB to abandon the rule. The FTA argued the regulation could hinder efforts to prevent financial fraud.
Many Americans don’t realize that data brokers operate behind the scenes, building massive digital profiles that detail everything from your shopping habits to your political beliefs. These profiles are bought and sold with little transparency.
In one high-profile case, the Texas Attorney General accused Arity—a firm owned by Allstate—of selling driving data from over 45 million Americans without their consent. Another broker, Gravy Analytics, suffered a major data breach that may have exposed the movements of military personnel and politicians.
This isn’t just an issue of privacy. It’s about physical safety and national security. Domestic abusers use data broker-fueled people-search websites to stalk victims. Foreign actors can purchase data on U.S. service members and use it for blackmail, coercion, or surveillance. A 2023 West Point-funded study concluded the data broker ecosystem poses a direct threat to national security.
With the CFPB’s rule now dead, the status quo remains:
- Scam calls, phishing texts, and spam emails will continue to rise.
- U.S. military members and intelligence officials remain vulnerable to foreign tracking.
- Personal data can still be bought and weaponized by hostile nations.
- Survivors of abuse may find their private information more exposed than ever.
- Insurance companies may use quietly collected data to justify rate hikes—without you ever knowing.
Veteran groups and privacy organizations are demanding accountability. Naveed Shah, an Iraq War veteran and political director of Common Defense, condemned the move: “For the sake of military families and our national security, the administration must reverse course.”
Caroline Kraczon, a consumer protection fellow at the Electronic Privacy Information Center, called the withdrawal “another attack in the administration’s war against consumers.”
Meanwhile, the CFPB itself is being gutted. Over 1,400 employees were laid off last month, leaving just 300 behind. The layoffs are part of a broader federal overhaul driven by Elon Musk’s Department of Government Efficiency (DOGE). Musk has publicly urged President Trump to shut down the CFPB entirely.
As oversight vanishes, Americans are left exposed. Private data will continue to be bought and sold. The people tasked with protecting your privacy? Dismissed. And those profiting from your digital footprint? Thriving.
The bottom line: your personal data is still for sale and now, the watchdog that was supposed to protect it has stepped aside.