[House Hearing, 114 Congress]
[From the U.S. Government Publishing Office]
EXAMINING THE CONSUMER FINANCIAL
PROTECTION BUREAU'S MASS DATA
COLLECTION PROGRAM
=======================================================================
HEARING
BEFORE THE
SUBCOMMITTEE ON OVERSIGHT
AND INVESTIGATIONS
OF THE
COMMITTEE ON FINANCIAL SERVICES
U.S. HOUSE OF REPRESENTATIVES
ONE HUNDRED FOURTEENTH CONGRESS
FIRST SESSION
__________
DECEMBER 16, 2015
__________
Printed for the use of the Committee on Financial Services
Serial No. 114-66
[GRAPHIC(S) NOT AVAILABLE IN TIFF FORMAT]
U.S. GOVERNMENT PUBLISHING OFFICE
99-797 PDF WASHINGTON : 2016
-----------------------------------------------------------------------
For sale by the Superintendent of Documents, U.S. Government Publishing
Office Internet: bookstore.gpo.gov Phone: toll free (866) 512-1800;
DC area (202) 512-1800 Fax: (202) 512-2104 Mail: Stop IDCC,
Washington, DC 20402-0001
HOUSE COMMITTEE ON FINANCIAL SERVICES
JEB HENSARLING, Texas, Chairman
PATRICK T. McHENRY, North Carolina, MAXINE WATERS, California, Ranking
Vice Chairman Member
PETER T. KING, New York CAROLYN B. MALONEY, New York
EDWARD R. ROYCE, California NYDIA M. VELAZQUEZ, New York
FRANK D. LUCAS, Oklahoma BRAD SHERMAN, California
SCOTT GARRETT, New Jersey GREGORY W. MEEKS, New York
RANDY NEUGEBAUER, Texas MICHAEL E. CAPUANO, Massachusetts
STEVAN PEARCE, New Mexico RUBEN HINOJOSA, Texas
BILL POSEY, Florida WM. LACY CLAY, Missouri
MICHAEL G. FITZPATRICK, STEPHEN F. LYNCH, Massachusetts
Pennsylvania DAVID SCOTT, Georgia
LYNN A. WESTMORELAND, Georgia AL GREEN, Texas
BLAINE LUETKEMEYER, Missouri EMANUEL CLEAVER, Missouri
BILL HUIZENGA, Michigan GWEN MOORE, Wisconsin
SEAN P. DUFFY, Wisconsin KEITH ELLISON, Minnesota
ROBERT HURT, Virginia ED PERLMUTTER, Colorado
STEVE STIVERS, Ohio JAMES A. HIMES, Connecticut
STEPHEN LEE FINCHER, Tennessee JOHN C. CARNEY, Jr., Delaware
MARLIN A. STUTZMAN, Indiana TERRI A. SEWELL, Alabama
MICK MULVANEY, South Carolina BILL FOSTER, Illinois
RANDY HULTGREN, Illinois DANIEL T. KILDEE, Michigan
DENNIS A. ROSS, Florida PATRICK MURPHY, Florida
ROBERT PITTENGER, North Carolina JOHN K. DELANEY, Maryland
ANN WAGNER, Missouri KYRSTEN SINEMA, Arizona
ANDY BARR, Kentucky JOYCE BEATTY, Ohio
KEITH J. ROTHFUS, Pennsylvania DENNY HECK, Washington
LUKE MESSER, Indiana JUAN VARGAS, California
DAVID SCHWEIKERT, Arizona
FRANK GUINTA, New Hampshire
SCOTT TIPTON, Colorado
ROGER WILLIAMS, Texas
BRUCE POLIQUIN, Maine
MIA LOVE, Utah
FRENCH HILL, Arkansas
TOM EMMER, Minnesota
Shannon McGahn, Staff Director
James H. Clinger, Chief Counsel
Subcommittee on Oversight and Investigations
SEAN P. DUFFY, Wisconsin, Chairman
MICHAEL G. FITZPATRICK, AL GREEN, Texas, Ranking Member
Pennsylvania, Vice Chairman MICHAEL E. CAPUANO, Massachusetts
PETER T. KING, New York EMANUEL CLEAVER, Missouri
PATRICK T. McHENRY, North Carolina KEITH ELLISON, Minnesota
ROBERT HURT, Virginia JOHN K. DELANEY, Maryland
STEPHEN LEE FINCHER, Tennessee JOYCE BEATTY, Ohio
MICK MULVANEY, South Carolina DENNY HECK, Washington
RANDY HULTGREN, Illinois KYRSTEN SINEMA, Arizona
ANN WAGNER, Missouri JUAN VARGAS, California
SCOTT TIPTON, Colorado
BRUCE POLIQUIN, Maine
FRENCH HILL, Arkansas
C O N T E N T S
----------
Page
Hearing held on:
December 16, 2015............................................ 1
Appendix:
December 16, 2015............................................ 43
WITNESSES
Wednesday, December 16, 2015
Abernathy, Wayne A., Executive Vice President for Financial
Institutions Policy and Regulatory Affairs, American Bankers
Association.................................................... 7
Calabria, Mark A., Director, Financial Regulation Studies, Cato
Institute...................................................... 9
Gingrich, Hon. Newt, former Speaker, U.S. House of
Representatives................................................ 5
Gupta, Deepak, Founding Principal, Gupta Wessler PLLC............ 11
APPENDIX
Prepared statements:
Abernathy, Wayne A........................................... 44
Calabria, Mark A............................................. 55
Gingrich, Hon. Newt.......................................... 67
Gupta, Deepak................................................ 71
Additional Material Submitted for the Record
Ellison, Hon. Keith:
Screen visuals displayed during the hearing.................. 77
EXAMINING THE CONSUMER FINANCIAL
PROTECTION BUREAU'S MASS DATA
COLLECTION PROGRAM
----------
Wednesday, December 16, 2015
U.S. House of Representatives,
Subcommittee on Oversight
and Investigations,
Committee on Financial Services,
Washington, D.C.
The subcommittee met, pursuant to notice, at 11:03 a.m., in
room 2128, Rayburn House Office Building, Hon. Sean P. Duffy
[chairman of the subcommittee] presiding.
Members present: Representatives Duffy, Fitzpatrick,
Fincher, Hultgren, Tipton, Poliquin, Hill; Green, Cleaver,
Ellison, Beatty, Sinema, and Vargas.
Ex officio present: Representative Waters.
Also present: Representative Love.
Chairman Duffy. The Oversight and Investigations
Subcommittee will come to order.
The title of today's subcommittee hearing is, ``Examining
the Consumer Financial Protection Bureau's Mass Data Collection
Program.''
Without objection, the Chair is authorized to declare a
recess of the subcommittee at any time.
The Chair now recognizes himself for 4 minutes to give an
opening statement.
The Consumer Financial Protection Bureau (CFPB) is
fundamentally tasked with protecting Americans from unfair,
deceptive, and abusive financial practices. Ironically, as a
result of its massive data collection activities, the CFPB is
putting all Americans, all of us, at risk.
From January 2012 to July of 2014, the CFPB carried out 12
large-scale data collections, including the monthly collection
of data affecting hundreds of millions of credit card accounts,
173 million mortgages, as well as information on 10.7 million
consumer credit reports. Five of these data collections are
ongoing.
Not a day goes by that Americans are not made aware of yet
another breach of their sensitive information. Whether it is in
the public or private sector, vast collections of personal
consumer data are prime targets for cyber attackers.
Aside from the fact that the CFPB does not need to be
collecting these vast amounts of information to carry out its
regulatory mission, it is troubling that it has not taken more
appropriate steps to secure this data. In fact, before this
committee last year, CFPB Director Cordray said that he could
not rule out the potential for a data breach at the Bureau.
We now know--and the American people don't know--how much
personally identifiable information, or PII, the CFPB retains,
how that data is protected, and what the Bureau plans to do
with all that data.
And while the CFPB claims that it collects very little data
that contains PII, collecting non-PII data may also endanger
consumers. A recent study published by an MIT-led team of
researchers found that knowing just four pieces--four pieces--
of information about a person's credit card transactions was
enough to re-identify the anonymous credit card data in 90
percent of the cases that they studied.
The Dodd-Frank Act granted the CFPB expansive and intrusive
authority with very little accountability or oversight.
However, CFPB's data collection programs appear to exceed the
mandates included in Dodd-Frank. Under the guise of its
supervisory, monitoring, and examination authorities, the CFPB
appears to have subordinated consumers' interests with its data
collection programs.
What is more concerning is that while the CFPB claims to be
an information-driven agency, it seems to cherry-pick data to
justify pursuing a politicized rulemaking agenda. From
publishing unverified consumer complaints on its website to
using unreliable methodologies for estimating race in auto
lending ECOA actions, the agency has proven time and time again
that it will present only the most convenient of ``facts'' for
its purposes.
Manipulating data to validate a regulatory outcome is not
sound public policy. This is junk science. The CFPB should
focus on responding to actual allegations of consumer fraud and
discrimination rather than collecting data for the purposes of
undertaking costly and abusive phishing expeditions.
I welcome our panel of witnesses here today, and I look
forward to hearing from them as they present their testimony.
I now yield 5 minutes to the gentleman from Texas, the
ranking member of the subcommittee, Mr. Green, for his opening
statement.
Mr. Green. Thank you very much, Mr. Chairman.
I would like to thank the witnesses for appearing.
And I would like to acknowledge the presence of the
Honorable former Speaker of the House. And for our purposes
today, because he was the Speaker, I shall refer to him as
``Mr. Speaker.''
I am, Mr. Chairman, antithetical to most of what you said,
and I am also concerned about something that has occurred.
Mr. Speaker, we--or someone owes you an apology. And
someone owes you an apology because on the memos that I have
received and on the witness list, you are acknowledged as the
former Speaker of the House--as indeed, you should be--but
there is no acknowledgement of your affiliation with the U.S.
Consumer Coalition. And, generally speaking, this is what we do
here.
I have a document that I shall ask unanimous consent to be
placed in the record.
Chairman Duffy. Without objection, it is so ordered.
Mr. Green. This document is dated July 23, 2015, from the
Financial Services majority staff, and it is to the members of
the committee, styled, ``The Dodd-Frank Act Five Years Later.''
And it indicates that we are having the Honorable Phil Gramm
appear, and the case that he was a senior partner at U.S.
Policy Metrics, and that he is a former United States Senator;
Honorable R. Bradley Miller, of counsel with Grais & Ellsworth
LLP, and former Member of Congress.
So I am going to ask unanimous consent that the record be
corrected so that it will be indicated on the memo and the
witness list that you are, Mr. Speaker, associated with the
U.S. Consumer Coalition.
I ask unanimous consent.
Chairman Duffy. If that is the case, without objection, it
is so ordered.
Mr. Green. I would also indicate why I have done this, Mr.
Chairman.
I perused quite a few articles concerning this Coalition,
this group. It appears to be a corporate-owned and -subsidized
synthetic grassroots organization. The activists, consumer
organizations, know very little about it. It is a 501(c)(4).
There is no way to ascertain who really funds it. And I think
it is very important for us to know who is really coming after
the CFPB. This organization has a mission statement that
coincides with much of what has occurred here in the Congress
of the United States of America.
I am going to have to yield some time to the ranking
member, but I think it is important for us to go into this. I
have several articles that I will be introducing into the
record.
And having perused the Speaker's statement for today, I am
going to assume that it is just an oversight, because nowhere
in the statement does it indicate his affiliation with the U.S.
Consumer Coalition.
This oversight has occurred more than once, because it
appears that The Wall Street Journal had to issue an
amplification as a result. This is something that has been
called to our attention by virtue of various sources, one being
Media Matters.
So, with this, I will now yield the rest, remainder, and
residue of my time to the ranking member of the full Financial
Services Committee, Ranking Member Waters.
Ms. Waters. Thank you very much. I appreciate the time.
As we sit here today to talk about the CFPB's data
collection practices, the CFPB uses the data it collects to
ensure that potentially harmful products do not permeate the
market, to inform the agency's rulemaking efforts, to conduct
critical supervisory oversight, and to return money to
consumers who have been harmed.
Unfortunately, my colleagues across the aisle are not here
today to discuss data collection practices. Instead, this
hearing is simply another blatant attempt to mischaracterize
the Bureau's data collection activities as harmful to
consumers.
How do we know this? Because the chairman of this
committee, Mr. Hensarling, previously sponsored the PATH Act, a
bill that, if enacted, would have authorized the creation of a
national mortgage data repository that would collect the same
individualized, personalized data that Republicans shame the
CFPB for collecting, and which is the subject of this very
hearing.
Currently, most of the data that the CFPB collects is
public and nonpersonally identifiable. Both the GAO and the
CFPB Inspector General have indicated that the CFPB is
generally in compliance with data privacy and security laws.
Nevertheless, my Republican colleagues are here today to,
again, criticize and undermine an agency that has returned more
than $11 billion to 25 million Americans.
I yield back.
Chairman Duffy. The gentlelady yields back time she does
not have.
The Chair now recognizes the vice chairman of the
subcommittee, the gentleman from Pennsylvania, Mr. Fitzpatrick,
for 1 minute for an opening statement.
Mr. Fitzpatrick. Thank you, Mr. Chairman, for the hearing.
And welcome to the witnesses this morning.
Increasingly, our cyber infrastructure and private records
are becoming targets of both state and non-state actors alike.
I don't have to remind everyone here about the theft of
personal information from the Office of Personnel Management--I
suspect we all received that letter--or any of the other
significant breaches of consumer data that have occurred.
For these reasons, it is alarming that any organization,
especially an agency of the Federal Government of the United
States, would collect consumer data and store it in a single
location, as the Consumer Financial Protection Bureau does,
especially when, according to a GAO study, the CFPB lacks
procedures and documentation for these collecting practices or
security protocols to store private consumer information in a
manner safe from hackers.
What's more, it seems that no type of data is off limits to
the CFPB. While Congress has not been provided a complete
picture of these actions, we know that one of these mass
collections yielded data on 173 million loans.
So we look forward to the hearing, today's witness
testimony, and we hope that it allows all of us to develop a
better understanding of this practice and if there is a reason
or legitimate need for these aggressive Federal practices to
continue.
I yield back.
Chairman Duffy. The gentleman yields back.
I now want to welcome our witnesses.
And because I do want to at one point get to our testimony,
I am not going to spend an hour relating all of the things that
Speaker Gingrich has done. What I have realized recently,
though, is that he is a fiction author; he wrote a great book,
which my wife just completed. It is a page-turner. I didn't
realize that. But I am going to stick to the basics. He was
elected to Congress in 1978 from the Sixth District of Georgia
and, as we all know, was the Speaker of the House from 1995
through 1998.
Speaker Gingrich, welcome, and thank you for being here.
I also want to welcome Mr. Wayne Abernathy. He is the
executive vice president for financial institutions policy and
regulatory affairs at the American Bankers Association.
Welcome.
Dr. Calabria, welcome again. Dr. Calabria is the director
of financial regulation studies at the Cato Institute.
And finally last, but not least, Mr. Deepak Gupta is the
founding principal of Gupta Wessler, an appellate litigation
boutique in Washington, D.C.
Welcome, panel.
Each of you are going to be recognized for 5 minutes to
give an oral presentation of your testimony.
And without objection, your written statements will be made
a part of the record. Once the witnesses have finished
presenting their testimony, each member of the subcommittee
will have 5 minutes within which to ask the panel questions.
Just as a reminder--many of you know this--on the table you
have three lights: green means go; yellow means you have a
minute left; and red means your time is up. I would just note
that if you get a question while your light is yellow, I will
give you the leniency to finish your question as it goes into
red, but please don't go on for a minute or two. Otherwise, I
will just start tapping my gavel, and we will try to wrap it
up.
And with that, Speaker Gingrich, welcome, and you are now
recognized for your 5-minute presentation.
STATEMENT OF THE HONORABLE NEWT GINGRICH, FORMER SPEAKER, U.S.
HOUSE OF REPRESENTATIVES
Mr. Gingrich. Good morning, and thank you for allowing me
to be here. It is an honor to be with you on this important
issue.
I do want to say about Mr. Green's concern that if either
he or his staff had read my testimony, they would find that on
page 3, I describe my relationship as an adviser to the U.S.
Consumer Coalition.
But the subject of today's hearing is important in a narrow
sense, in that we have an agency that is collecting more
information about Americans' private lives than any bureaucracy
deserves, for reasons unrelated to national security.
But it is also important in a broader sense. Today, the
Consumer Financial Protection Bureau is so far outside the
historic American system of constitutionally limited government
and the rule of law that it is the perfect case study of the
pathologies that infect our bureaucracies at the Federal level.
It is dictatorial. It is unaccountable. It is practically
unrestrained and expanding on its already expansive mandate
from Congress. And it is contemptuous of the rights, values,
and preferences of ordinary Americans.
The CFPB is all of these things, as are many of our large,
destructive bureaucracies in this City--a huge problem in its
own right. But the CFPB is an especially good symbol of these
pathologies because of its unique structure among regulatory
agencies.
In the Dodd-Frank Wall Street Reform and Consumer
Protection Act that created the Bureau, Congress--very
unwisely, in my opinion--gave up two of its core constitutional
powers for reining in Executive Branch agencies.
First, the CFPB is not subject to the annual congressional
appropriations process and instead is funded out of a fixed
portion of the Federal Reserve's budget. So, in effect, you
have a bureaucratic slush fund that is self-defined by the
bureaucracies on their behalf.
Second, its Director can be fired only by the President and
then only under limited circumstances because Dodd-Frank
protects him from being removed by Congress.
For all practical purposes, this means the bureaucracy is
free to do whatever it wants within the broadest imaginable
interpretation of its authority without fear of losing its
funding or its leadership. This is a very dangerous recipe for
petty dictatorship and is completely foreign to the American
model.
I always remind people of Lord Acton's famous dictum:
``Power tends to corrupt. Absolute power corrupts absolutely.''
Notice he drops the ``tends.'' There is no better example of
the corruption of power than this agency, which is totally
secret, totally unaccountable, spends a vast amount of money,
has huge cost overruns, and is doing whatever it wants to
whomever it feels like doing it to.
We know this formula is dangerous because we have watched
the Bureau's behavior over the past 4 years. We have seen the
contempt with which it treats Congress and the American people.
The CFPB is prohibited from regulating car dealers, but it
has done so anyway, using absurdly inaccurate techniques--
which, by the way, in the private sector would lead to lawsuits
over fraud--to accuse them of racial discrimination and extract
fines from car companies and auto finance companies. This says
your government is a bully and your government is a
blackmailer.
The topic of this hearing is another good example of the
CFPB's overreach, one I also discussed in my own article in The
Wall Street Journal last summer. The CFPB is prohibited in
Section 1022 of Dodd-Frank from collecting personally
identifiable information on Americans, but the Bureau is doing
so anyway. And it is doing so on a massive scale that rivals
the NSA's most controversial collection programs but for much
less compelling reasons.
The CFPB has said it aims to monitor at least 95 percent of
all credit card transactions in the United States by 2016.
Toward that end, the Bureau is already collecting and analyzing
data from at least 600 million credit card accounts each month.
That is 7 billion records in the last year alone.
And it is not just credit card data. The CFPB is gathering
data on 22 million private-label mortgages every month, 5.5
million student loans, 2 million bank accounts with overdraft
fees, and on hundreds of thousands of auto sales, credit
scores, and deposit advance loans.
These secretive and intrusive data-gathering operations are
taking place without consumers' knowledge and without the
ability for consumers to opt out. Unless they have been tuned
in to occasional congressional oversight hearings like this
one, consumers are entirely unaware that government bureaucrats
are poring over their credit card transactions every month
looking for new products to regulate.
The CFPB is scooping up more information about law-abiding
Americans than any government agency should be permitted to
collect for reasons unrelated to national security or law
enforcement.
In fact, in a recent poll conducted by Zogby for the U.S.
Consumer Coalition, which I happen to advise--let me repeat
that, since it is in the record, but I just want to make sure
for particularly Mr. Green's staff that they get it--which I
happen to advise--so I am not secret about the relationship--
just one in five Americans said they believe the CFPB should be
allowed to gather credit card statements without consumers'
knowledge.
For those of you who are concerned about the intelligence
community's direct data collection effort, I don't see how you
can be worried about the potential for abuse and about the, in
fact, justified lack of transparency in national security
agencies and not be concerned about the same dangers in this
large and unaccountable bureaucracy armed with similar kinds of
information.
Think of the absurdity of being told that Homeland Security
will not look at Facebook pages of foreigners out of concern
for their privacy while CFPB is gathering up all of this data.
Let me just say, certainly, if the NSA and the FBI need a
warrant to collect such data on U.S. citizens for the purpose
of preventing terrorism, the CFPB should need to get a warrant,
too.
In closing, what we have in the CFPB is an agency that is
not accountable to Congress or the American people, an agency
that is stretching the boundaries of its authority as far as it
can, and a bureaucracy which for all practical purposes is out
of control. As the American people's elected Representatives in
Congress, this should bother you no matter which side of the
aisle you are on and whatever you think of the Bureau's
preferred regulations.
It is imperative that we move toward abolishing the
Consumer Financial Protection Bureau and, at the very least,
subject it to an annual budgeting and appropriations process,
in addition to restructuring its leadership to make sure it is
accountable to Congress.
Thank you, and I look forward to your questions.
[The prepared statement of Speaker Gingrich can be found on
page 67 of the appendix.]
Chairman Duffy. Mr. Abernathy, you are recognized for 5
minutes.
STATEMENT OF WAYNE A. ABERNATHY, EXECUTIVE VICE PRESIDENT FOR
FINANCIAL INSTITUTIONS POLICY AND REGULATORY AFFAIRS, AMERICAN
BANKERS ASSOCIATION
Mr. Abernathy. Thank you, Chairman Duffy and Ranking Member
Green, for this opportunity to testify. My name is Wayne
Abernathy. I am executive vice president at the American
Bankers Association (ABA).
The customers of ABA's thousands of member banks are
affected by the actions, policies, and decisions of the CFPB.
The Bureau has enormous authority over retail financial
products and those who provide them, and, therefore, over the
people who use them.
This power comes with little more than nominal oversight
and accountability. It would be hard to find a Federal agency
where the gap between regulatory power and public
accountability is greater.
Bureau officials repeatedly assert that the Bureau is a
transparent and data-driven agency. Public exposure and data
are to be the checks on the natural tendency for any such
agency to stray into arbitrary action.
I emphasize the Bureau is governed by one person. No one in
the agency can address him without ultimately bending to that
one person's policy judgment, knowing that at some point in the
discussion it will end with, ``Yes, sir.''
We welcome this subcommittee's inquiry into the question of
how strong a check on arbitrary behavior are the Bureau's data
policies and practices. How much is the Bureau, in fact, data-
driven? And by which data? From which sources? And how would we
know?
Bureau Director Richard Cordray stated the following: ``At
the Consumer Bureau, we are a data-driven agency. The best
decisions will be those that are best informed.''
The Bureau's strategic plan for Fiscal Years 2013 through
2017 includes the following: ``We take in data, manage it,
store it, share it appropriately, and protect it from
unauthorized access.''
And then this from the Bureau's website on a page titled,
``Open Government'': ``Transparency is at the core of our
agenda, and it is a key part of how we operate.''
We support those statements. Bureau practices, however,
have not lived up to these standards, and there is little to
require that they do so. The Dodd-Frank Act extends to the
Bureau impressive authorities for requiring information. The
Act's oversight structure is much less impressive.
Problematic Bureau data practices have undermined the
effective use of data to serve as a check on arbitrary action
and weakened the quality of policymaking, placing at risk the
Bureau's mission to protect consumers. In my written statement,
I discuss several examples, which I will merely list for you at
this point.
The Bureau evades public disclosure laws, such as the
Paperwork Reduction Act, while cherry-picking data. In
selective data samples, the Bureau skews results,
mischaracterizing consumer markets. The Bureau has
misrepresented its data gathering on overdrafts. On its
website, the Bureau publishes unverified complaint information.
In its arbitration study, the Bureau ignores its own data. To
promote its policies on indirect auto lending, the Bureau has
manufactured data that do no exist.
I will explain briefly one of these as an example, the
unverified complaint information.
The Bureau publishes on its official website, at the top of
which are the words, ``An official website of the United States
Government,'' they publish consumer complaints that are
unverified for accuracy or veracity.
The Bureau asserts that, ``by adding their voice, consumers
help improve the financial marketplace.'' But how can this be
true if the information provided is unreliable and misleading?
What does the Bureau offer to protect a consumer from acting on
erroneous information published on the Bureau's own website?
ABA offers four recommendations in our written statement. I
would emphasize our fourth. The governance of the Bureau should
be changed from a sole directorship to governance by a
bipartisan commission. With a bipartisan structure, we gain
light from a variety of viewpoints, different people posing
different questions from different backgrounds, all more likely
to poke and prod the data, and all of them likely to be
intolerant of information legerdemain.
On behalf of ABA and its member banks of all business
models, serving hundreds of millions of people, our customers
and your constituents impacted by Bureau decisions by the
Consumer Bureau, I want to thank this subcommittee for this
very important inquiry. I would be happy to respond to any
questions you may have.
[The prepared statement of Mr. Abernathy can be found on
page 44 of the appendix.]
Chairman Duffy. Thank you.
Dr. Calabria, you are recognized for 5 minutes.
STATEMENT OF MARK A. CALABRIA, DIRECTOR, FINANCIAL REGULATION
STUDIES, CATO INSTITUTE
Mr. Calabria. Chairman Duffy, Ranking Member Green, and
distinguished members of the subcommittee, I thank you for the
invitation to appear at today's important hearing.
Let me first say that the concerns I will raise are not
unique to the CFPB. They apply across the Federal Government.
Let me also note that my colleagues and I at the Cato
Institute have consistently raised these concerns regardless of
politics or the mission of the agency. We have been vocal,
highlighting abuses in law enforcement and national security. I
would go so far as to say we have spent considerable resources
trying to undo the third-party doctrine, which is the basis of
almost all Federal surveillance.
So, again, this is not something new to us. In fact, we
have spent more time on the PATRIOT Act and the Bank Secrecy
Act than we have on surveillance at the Consumer Financial
Protection Bureau. So, again, this is not something new for us.
Let me also say, as I detail in my testimony, the massive
data collection at the CFPB is one of choice. There is no
explicit mandate or requirement for this level of data
collection. As someone who has previously managed one of the
offices that have been transferred to the CFPB, I can say that
the extent of this data collection is also unnecessary for it
to fulfill its responsibilities.
During my tenure enforcing the Real Estate Settlement
Procedures Act at HUD, we nearly doubled enforcement,
significantly increased enforcement action, and we did so
without having to resort to a massive dragnet of consumer data.
Obviously and unfortunately, some of those actions did not
prevent the financial crisis, but I would have told you then,
as I will tell you today, the problems with RESPA and much of
our consumer financial protection are in the underlying
statutes--which I greatly encourage Congress to revisit--not
from a lack of surveillance.
We have seen this play out in the area of national
security, where the public is repeatedly told that if only we
had more data, various attacks would have been avoided. Yet,
repeatedly, the intelligence failures we witness are not from a
lack of data. They are from an inability or unwillingness to
connect the dots.
Similarly, the financial crisis was met with demands for
more data, as if the overheated housing and mortgage markets
were not obvious enough from the aggregate data. They were
obvious to me over a decade ago. Unfortunately, our regulators
ignored them. And, of course, more data does not necessarily
help you if you continue to ignore it.
The CFPB has not been immune from this false idol of more
data. As the GAO has reported, the CFPB has engaged in at least
12 large-scale data collection efforts. At least three of these
include information that directly identifies individual
consumers. Combining this information with other sources, such
as the other nine, could allow the information also to be
identified on consumers. In my opinion--granted, as a
nonlawyer--I believe these collections do not comply fully with
the Right to Financial Privacy Act.
Let me also state, as a former Federal employee and one
subject to the recent OPM breach, I don't trust any part of the
government with my data, the CFPB or otherwise. In
consolidating all of this financial information in one place,
the CFPB has left consumers extremely vulnerable to hackers and
identity theft.
Those are only threats from outside the Bureau.
Unfortunately, the CFPB's data collection, in my opinion, also
poses significant threats to our Fourth Amendment protections,
which I believe apply to everybody, even financial service
providers. As Justice Douglas observed in his dissent to the
California Bankers case, ``A checking account may well record a
citizen's activities, opinions, and beliefs as fully as the
transcripts of his telephone records.'' Credit cards are
today's checks.
Such concerns are not simply reflections of the Watergate
era. As recently as 2012, Justice Sotomayor, in her concurrence
to United States v. Antoine Jones, correctly observed,
``Awareness that the government may be watching chills
association and expressive freedoms. The government's
unrestrained power to assemble data that reveal private aspects
of identity is susceptible to abuse.'' Those are Justice
Sotomayor's words, not mine.
Justice Sotomayor offers the example of medications
purchased online by online retailers. Such a purchase could
theoretically be identified within the CFPB's data card
collections.
For a variety of reasons, as I think this hearing has
demonstrated across the aisle, the CFPB has become a highly
partisan issue. I think that is unfortunate. Were it to use the
financial records of its critics as an attempt to silence and
intimidate those critics, it would not be the first agency to
do so. And as an institute, at the Cato Institute, where we
receive our donations via credit card, this is a very real risk
and certainly one that we worry about.
I will only quote Justice Thurgood Marshall, who sadly
observed, ``The technique of examining bank records to
investigate political organizations is, unfortunately, not a
rare one.'' And as someone at the Cato Institute who regularly
takes a stand that is occasionally unpopular in Washington, I
certainly share in this concern.
My suggestion would be that the CFPB end these data
collections. I would submit that there is more than enough work
to do actually responding to consumer complaints.
I thank the subcommittee for their time, and I look forward
to your questions.
[The prepared statement of Dr. Calabria can be found on
page 55 of the appendix.]
Chairman Duffy. Mr. Gupta, you are now recognized for 5
minutes for a summary of your opening statement.
STATEMENT OF DEEPAK GUPTA, FOUNDING PRINCIPAL, GUPTA WESSLER
PLLC
Mr. Gupta. Thank you, Chairman Duffy, and Ranking Member
Green.
I will make three points this morning based on my
perspective as a former CFPB official and as an advocate for
consumers, including in data privacy cases.
First, privacy and the security of consumer data are
important issues, and if this subcommittee were really
concerned, there are real problems it could be addressing.
There have been major data breaches recently in which credit
card information was stolen from consumers at Target and Home
Depot, for example.
But this subcommittee hasn't held a single hearing on those
real-world threats. Instead, we are having a hearing about a
set of imagined problems that exist only in the minds of the
CFPB's political opponents.
In fact, if you ask the actual consumer privacy groups,
they voice support for the CFPB's data collection efforts. And
I believe there is a statement that has been entered into the
record today, or will be--As one privacy advocate put it, ``The
reason you don't hear from privacy or consumer groups is that
the CFPB is not doing anything that concerns us, nor, for that
matter, is it doing much differently than other regulators have
always done.''
Second, to the extent that it is doing anything different,
the Bureau's collection of data is creating the kind of
oversight and consumer protection that were missing before the
financial crisis.
For example, the compilation of anonymous account-level
data--I want to stress that; it is anonymous account-level
data--from the CFPB's credit card database has allowed the
Bureau to study important topics, such as credit card marketing
practices and the widespread use of forced arbitration clauses
in consumer contracts, something Congress required the CFPB to
study.
Data collection is crucial to the Bureau's ability to
identify systemic violations of consumer laws, discrepancies in
credit score reporting, and harmful effects of checking account
overdraft programs, to name just a few examples.
The CFPB's data collection ensures that the agency's
regulation and enforcement are data-driven--that is, based on
the best understanding of market trends and empirical reality.
That is the whole point of having expert administrative
agencies in the first place. So unless your profits come from
deceiving consumers, you should welcome the CFPB's data
collection.
Third and finally, the very existence of this hearing
illustrates one danger that can occur when public officials
don't base their actions on data. We have a made-up
controversy, unfortunately, based on made-up facts.
The CFPB is not spying on American citizens. It is not the
NSA. It is not interested in the details of people's personal
activities, nor would the data that the agency is currently
collecting enable it to investigate those activities even if it
were interested in, say, what you plan to buy tomorrow with
your credit card for a Christmas present for your grandmother.
In fact, the vast majority of the data collected by the
CFPB is already public, such as data on mortgages already
recorded in local land records or auto sales on record with the
DMV. And most of it is aggregate data at the account level, not
at the transaction level, designed to give the agency a picture
of what financial institutions, not individual consumers, are
up to.
The GAO looked into this controversy and, in a detailed
review, found that none of the major problems that the CFPB's
opponents have alleged exist. Of the 12 major projects analyzed
by the GAO, only 3 even potentially involved any personal
consumer data, and the GAO found that the CFPB had taken steps
to protect and secure the data it collects, and it has a system
for anonymizing any material involving identifying information.
And I want to correct one factual inaccuracy that I have
heard several times already this morning. None of the ongoing
data collections by the CFPB contains personally identifiable
information. That is a fact that has been verified by the GAO.
Agencies have been collecting this same stuff for years and
nobody has complained, GAO also found.
The story with consumer complaint data is similar. The
Inspector General did an exhaustive review and uncovered no
major problems. Of the 250,000 complaints examined, the IG's
audit found an accuracy rate of 99.99 percent, an error rate of
0.01 percent. I wish that most of the work product that
emanated from this building, for example, could meet that
accuracy standard.
Meanwhile, the financial industry is collecting far more
personally identifiable data that could open up real questions
about consumer privacy. The JPMorgan Chase Institute, for
example, recently released a report that pulled from a data set
of 12 billion individual consumer transactions.
So if we are really worried about the collection of this
kind of data, we should be far more concerned about the private
market that is developing for this data. And with all the real
problems in consumer finance, I think it is unfortunate that
the subcommittee feels the need to hold a hearing today on this
nonissue.
Thank you for inviting me to testify, and I am happy to
answer any questions.
[The prepared statement of Mr. Gupta can be found on page
71 of the appendix.]
Chairman Duffy. Thank you, panel.
The Chair now recognizes the vice chairman of the
subcommittee, the gentleman from Pennsylvania, Mr. Fitzpatrick,
for 5 minutes for questions.
Mr. Fitzpatrick. Thank you, Chairman Duffy, for calling
this hearing. The hearing is critically important, given all
the security breaches that we have been hearing about and
reading about, not only in the private sector of the economy,
from retailers, but, most importantly, in the public sector.
And, in most of those cases, the average American citizen
does not know that their information is being collected by the
Federal Government or that their security has been breached.
They just don't know that.
Speaker Gingrich, you talked about the two Constitutional
provisions that the United States Congress essentially walked
away from in passing Dodd-Frank and creating the CFPB. And then
you testified about all the personally identifiable information
that the CFPB is collecting.
I have two questions. First, are you concerned about the
CFPB's ability to protect and secure that information from
breaches?
And second, when you have an agency of the Federal
Government that essentially lacks accountability or oversight
from the Congress, what is the interest or the vigilance that
the agency would have to actually get down and protect that
information? So how is the CFPB different than other agencies?
Mr. Gingrich. Thank you for the question.
Let me say, first of all, anybody who believes that anyone
has the ability to guarantee security of information is totally
out of touch with the real world. When you look at the size of
the breaches and you look at the number of hackers around the
planet and you look at the intensity with which people are
trying to figure out how to do this, there is no place where
you are going to aggregate information, unless you take it
totally offline, that you are going to have real, true
security.
These systems are growing very rapidly. They are getting
much more sophisticated, and we are going to be in a very
different world. It is like the Wild West. This is not like 10
years ago. And it is going to get worse.
Second, I want to point out that in The Wall Street Journal
article I cited a Stanford study on how to take metadata from
telephones and connect them to get individual identity, and an
MIT study for how to do that with credit cards. So when people
say to you, oh, we are only gathering impersonal information,
the fact is that is a sign they don't understand how big data
has evolved and the fact that you can reassess and redefine
people if you have enough data points.
So I find it much more frightening to have government
bureaucracies that are uncontrolled having that level of
information and power. In the private sector, if I don't like a
company, I can quit. That isn't how it works if you are a
citizen and two bureaucrats show up at your front door.
Mr. Fitzpatrick. Mr. Gupta, if a constituent of mine in
Bucks County, Pennsylvania, had her personal information or her
financial habits stolen in a data breach of the CFPB, how would
you explain to her that it was necessary for the Federal
Government to collect and store this information in the first
place?
Mr. Gupta. I would first explain to her that the whole
premise of the question is false, because, as I said, none of
the ongoing collection efforts by the CFPB involve any
personally identifiable information.
And that is verified by the GAO report, and it is pursuant
to the statutory authority. The authority that this Congress
gave the CFPB to do ongoing market monitoring expressly comes
with a limitation which says that data cannot include
personally identifiable information. And the CFPB, the GAO
found, is complying with that mandate.
So, to the extent there is any personally identifiable
information, it is either going to be because she provided it
as part of a consumer complaint and that information is not
going to be information that would be damaging; it would be
information that allows the agency to get in touch with her--
or, for example, when there is supervision and enforcement and
the agency needs the person's contact information to get in
touch with them to reimburse them if they have been defrauded.
But those are really small exceptions.
Mr. Fitzpatrick. Dr. Calabria, do you concur that my
constituent should have no concern with what the CFPB holds?
Mr. Calabria. I do not concur. Maybe I need to reread the
GAO report a few times, but my read of it is pretty clear that
at least three of those programs do have personally
identifiable information.
And there is also a question of, can you take the
information in those programs and link to other programs that
aren't personally identifiable, and I think that there is a
very real risk there.
Again, as I noted in my testimony, I was a victim of the
OPM breach. And I am very touched that OPM has now made sure
that I get at least a year of credit check free. That is very
touching. I would personally like the Chinese to give me my
information back and not to use it. It is kind of hard to close
that barn door after the horse is out.
So I think we need to be thinking ahead of time. The time
to react is not after the breaches; the point to react is to
not collect this level of data if you don't need it to begin
with.
Mr. Fitzpatrick. I think most of us who also were victims
of those same breach would agree with you, Dr. Calabria.
Thank you. I yield back.
Chairman Duffy. The gentleman yields back.
The Chair now recognizes the ranking member of the full
Financial Services Committee, Ms. Waters, for 5 minutes.
Ms. Waters. Thank you very much.
Let me welcome all of our panelists here today, and
especially Speaker Gingrich. Welcome, welcome, welcome.
Speaker Gingrich, whom are you representing here today?
Mr. Gingrich. I represent myself.
Ms. Waters. What is the name of the PR firm that you work
for?
Mr. Gingrich. The U.S. Consumer Coalition is not a PR firm.
It is an organization which has been raising questions. I work
with them. I have said that publicly. I said it, in fact, in
the testimony we submitted here. And I think the questions they
raise are very good ones.
But my view--
Ms. Waters. The Coalition--
Mr. Gingrich. --is not shaped by that. I am a
conservative--
Ms. Waters. Excuse me. I am not interested in that right
now, Mr. Speaker.
Mr. Gingrich. I apologize.
Ms. Waters. The Coalition has hired a PR firm that you work
for. You work for the PR firm. Is that right?
Mr. Gingrich. We work with the Coalition.
Ms. Waters. Do you work for the PR firm that is hired by
the Coalition?
Mr. Gingrich. I would have to check to see whether it is--
Ms. Waters. Okay.
Mr. Gingrich. But there is no question we work with the
Coalition. We have said--
Mr. Green. Would the ranking member yield, if you would?
Ms. Waters. Yes, the ranking member will yield.
Mr. Green. Mr. Speaker, I have your Wall Street Journal
article wherein there is an indication at the end that you are
a paid adviser to the Wise Public Affairs group. Are you
denying this, Mr. Speaker?
Mr. Gingrich. No, I am not denying--
Mr. Green. That was the question that the ranking member
was asking.
I will yield back to the ranking member.
Ms. Waters. Thank you very much.
And the Coalition is funded by what industries?
Mr. Gingrich. I don't know.
Ms. Waters. Does the Coalition represent any other consumer
groups? Do they advocate for any other consumer groups? Or was
it just organized to deal with their concerns about the
Consumer Financial Protection Bureau?
Mr. Gingrich. My impression is that they think that the
threat from the CFPB is large enough that that is their primary
focus.
Ms. Waters. I am not interested--
Mr. Gingrich. And it is the only bureaucracy--
Ms. Waters. --Mr. Speaker, in your impression. But is that
exactly what they do, just--
Mr. Gingrich. I don't know. You would--
Ms. Waters. --the Consumer Financial Protection Bureau?
Mr. Gingrich. --have to call them and ask them. They asked
me to advise on one thing.
Ms. Waters. I know that you are very smart, Mr. Speaker,
and you wouldn't work for somebody that you didn't know who
they are and what they do. So that is why I ask you.
But let me just move on, because I know you understand how
this place works. You talked about the fact that it is the only
agency that operates in the way that it does, that it is the
only agency that does not have to go before the Appropriations
Committee. Do you really know and understand that to be true?
Mr. Gingrich. That is certainly my impression, but if you
find other agencies that have perpetual life by drawing money
in manners that has nothing to do with the Congress, I think
Congress ought to, frankly, then hold hearings on bringing them
within the Constitution.
Ms. Waters. Are you aware that, for example, the FHFA has
one Director, appointed by the President, who can only be
removed by the President, and does not go before any
Appropriations Committee? Are you aware of that?
Mr. Gingrich. I wasn't aware of that. But, as I just said,
to the degree you would like to give us a list that we could
suggest to Congress that they bring under annual
appropriations, I would be happy to--
Ms. Waters. Mr. Speaker, I know that you know how this
place runs. You ran it with a strong hand, so I know you
understand how it works.
Does the FDIC go before an Appropriations Committee?
Mr. Gingrich. I believe it is subject to congressional
supervision.
Ms. Waters. That is not what I asked.
Mr. Gingrich. I believe it answers to congressional
inquiries.
Ms. Waters. That was not my question.
In terms of what the President is able to do in determining
whether or not a director continues as director--the OCC, for
example, their director can only be fired by the President.
Isn't that right? And the same thing with the FHFA. Is that
correct?
Mr. Gingrich. That is correct.
Ms. Waters. And the Fed, they don't go before an
Appropriations Committee. Is that right?
Mr. Gingrich. That is right. In fact, I have favored
auditing the Fed for that very reason.
Ms. Waters. And the President, for example, can only remove
the head of the SEC. Is that right?
Mr. Gingrich. Yes.
Ms. Waters. Okay. So I just want us to be clear when we
compare the Consumer Financial Protection Bureau with other
agencies.
Some of us are very appreciative that Dodd-Frank created
the Consumer Financial Protection Bureau, because prior to the
meltdown that we had, the recession that we entered into,
nobody was protecting the consumers. We had all of our
oversight agencies who basically were supposed to be
responsible for soundness, et cetera, but they did nothing for
consumers.
And so now we have the Consumer Financial Protection
Bureau, and we have a whole effort to destroy it. The other
side of the aisle have made this the top priority in everything
that they do. And just as Mr. Gupta said, while we had this
breach with Target and others, never have we had a hearing on
any of that.
So I am glad that you are here today, but I want you to
share your knowledge with us and tell--
Chairman Duffy. The gentlelady's time has expired.
Ms. Waters. --us what you know and what you understand
rather than--
Chairman Duffy. The gentlelady's time has expired.
Ms. Waters. --some of the other stuff that I am hearing.
I yield back the balance of my time.
Chairman Duffy. And there is none left.
Mr. Gingrich. Can I make one brief comment?
Chairman Duffy. Maybe you can ask--
Mr. Gingrich. Okay.
Chairman Duffy. I want to stick with the rules.
The Chair now recognizes the gentleman from Colorado, Mr.
Tipton, for 5 minutes. Maybe he will entertain the Speaker's
request.
Mr. Tipton. Thank you, Chairman Duffy.
Mr. Speaker?
Mr. Gingrich. I just wanted to comment--the gentlelady just
pointed out that all of these various bureaucracies that were
responsible for oversight prior to 2007 failed, and so the
answer is, let's build another bureaucracy to look after the
failed bureaucracies, as opposed to looking at why did all
these bureaucracies fail. I think it is a fascinating
difference of opinion.
And I appreciate your pointing out that we actually should
have a study, which Cato may already have, of all of the
agencies that should be under congressional annual
appropriation. I thought that was a very useful contribution.
Mr. Tipton. Thank you, Mr. Speaker.
Mr. Gupta, I would like to start with you, in regards to
personal information. You made the comment that no personal
information is collected. Is gender an identifier?
Mr. Gupta. Is gender an identifier? Gender standing alone,
with nothing else?
Mr. Tipton. How about if we included age? Would that be an
identifier, those two together? How about ethnicity, if we
included those three elements? Are those things that can be
used to identify an individual?
Mr. Gupta. I take your point, and you are right. A
constellation of data can certainly be used to identify someone
without their name. And the CFPB is very concerned about that.
And that is why--
Mr. Tipton. Interestingly--
Mr. Gupta. --if you look at the GAO report, you will see
that they have a data intake team that carefully, carefully
scrubs the data before it even enters the Bureau and is
disseminated to ensure that you don't have a constellation of
data that can be assembled to actually identify anyone.
Mr. Tipton. Well, interestingly, Mr. Gupta, under the CFPB,
with the NMD, they do require the collection of gender, age,
and ethnicity.
Mr. Calabria, would you like to maybe comment on that?
Mr. Calabria. Again, I would agree that only a small number
of information is needed to identify people.
I do want to emphasize, as I pointed out in my testimony,
and as the Federal Reserve Inspector General pointed out, a
significant amount of the CFPB data collection is maintained by
contractors on cloud computing, which in my opinion--granted,
I'm not a tech expert--leaves it particularly vulnerable to
hacking.
So I would certainly encourage the CFPB to bring more of
that data--here, I am going to say it for a second: Cato
Institute, Mark Calabria, encourages less use of contractors
and more government employees, in this case.
Mr. Tipton. Does the GAO report that the CFPB does not have
the security protocols in place to be able to secure this data
scare you?
Mr. Calabria. That is correct. And that is a very big
concern of mine, the security of this data.
Mr. Tipton. If I could follow up again with you, Dr
Calabria, for a long time, I have held the belief that with a
lot of the regulatory bodies, the heart may be in the right
place, but we need to be able to look at outcomes.
And I get a general sense, going back to Speaker Gingrich's
point, that we actually have an institution right now, through
the CFPB, that is completely off the books. Congress has no
real control to be able to actually control it, to be able to
direct it.
Do you have a sense that we have a system in place that is
continuing to build, that is designed to be able to find and
punish, rather than help and improve?
Mr. Calabria. So let me first say, there is a fair amount
of work in the psychology literature about, when people feel
like they are wrapped up in a cause and self-righteous. And I
think that, certainly, the CFPB's attitude is, ``We are a
crusade. We are here to protect the consumer. We are going to
fix the financial crisis.'' And we saw the same thing in the
intelligence community after 9/11. When you get caught up in
this mentality, you get blinders, you get tunnel vision. There
is a lot of psychology research which I think clearly
demonstrates that.
And so what you need--and, again, I would reference one of
the citations in my testimony from something by Cass Sunstein,
of all people, who really argued that you need to have
procedures and checks in place so that dissent is heard.
And this is one of the--the value of a board is that
somebody sits there and says--just like this committee can have
this dialogue and this back-and-forth--is there needs to be
this back-and-forth. And Wayne talked about, at the end of the
day, every employee at the CFPB needs to say, ``yes, sir'' to
Mr. Cordray, and I think that is a real problem.
None of us have all the answers, and you lack this
institution for this dialogue and this back-and-forth and this
give-and-take. You need that. And other places that don't have
this don't do well. It was mentioned that a number of other
agencies--look at OFHEO, who was the regulator for Fannie Mae
and Freddie Mac, and had a single director. We saw how that
turned out.
So, again, the attitude that you can't have this sort of
give-and-take, I think is critically important.
I will also note, the argument you often hear is we need a
single director so it isn't captured by the industry. I am not
a mathematician, but the last I checked, I think it would be
easier to capture one person than it would to capture, say,
five.
Mr. Tipton. One thing that genuinely concerns me about this
is, if we were to apply the same rules to the CFPB that they
are trying to apply to everyone else, if we were getting ready
to make a mortgage--and, again, go back to the comments in
terms of identifiers about gender, age, ethnicity in
determining and making a loan, they are collecting this data
with no consumer knowledge. How would the CFPB address a
private-sector entity in doing that?
Mr. Calabria. Let me make two quick points since you are
out of time.
First of all, the JPMorgan example, I can choose not to use
JPMorgan, and if I do, I can sue them if they distribute my
data in a personal way. And, plus, they suffer. Target took a
big hit. You don't see any of this with the Federal Government,
in terms of these corrections.
But, lastly, I want to say we don't have to wonder how this
works. The HMDA is an example of where there is not personally
identifiable information but you can link it to courthouse
records to figure out the identity. It is not that hard.
Chairman Duffy. The gentleman's time has expired.
The Chair now recognizes the gentleman from Missouri, Mr.
Cleaver, for 5 minutes.
Mr. Cleaver. Thank you very much, Mr. Chairman.
And thank all of you for being here. I appreciate it very
much.
Mr. Speaker, you may have misspoken. You said that the CFPB
was totally secret. And so I am assuming that you weren't--and
this is not a catch-you-wrong question. I am just--when you
made the comment, I just wrote it down, because I didn't think
you were saying that the CFPB was a totally secret agency.
Mr. Gingrich. My impression is, if you look at various
hearings and various interrogatories, that the leader of the
CFPB has remarkably little interest in sharing with Congress a
whole range of information, including the various cost
overruns, including salaries, and so forth. So my impression is
that they are a remarkably secretive operation for a non-
national-security operation.
Mr. Cleaver. Okay. I agree with you if you use ``remarkably
secretive'' as opposed to ``totally secretive.'' Because if it
was totally secretive, we wouldn't have this hearing.
Mr. Gingrich. I am happy to be amended to ``remarkably.''
Mr. Cleaver. Thank you.
Mr. Abernathy, do you think that it is important that we
have evidence-based policies?
Mr. Abernathy. Absolutely, Congressman.
In our view, when you have an agency that is led by just
one individual, without all of the other checks and balances
and oversight that other agencies are subject to, you are left
with just one check, and that is the exposure to the public,
letting the public see what is the information that you used to
make your decisions, and let's have a debate on that to make
sure you are not operating in an arbitrary manner.
I can think of no agency where that is more important than
it would be at the Bureau to make sure that they avoid getting
into arbitrary action. That is why we are so concerned about
their data practices.
Mr. Cleaver. Yes. Here is something that I am interested
in: What county do you live in?
Mr. Abernathy. I live in Fairfax County, Virginia.
Mr. Cleaver. I am not familiar with the way that county
operates, but do you believe that the county has data on your
mortgage?
Mr. Abernathy. I don't have a mortgage anymore. But I
think, when I had a mortgage, they probably had some
information.
But what is interesting about Fairfax County is that they
have a series of seven, I believe, elected officials, and these
officials all are peers of one another, and they check one
another's activities. And that prevents the abuse of data
because they will call somebody else on it. They will say,
Madam Chairman, or whomever, there is more information that you
need to take into account.
There is no one like that at the Bureau. There is no peer
at the Bureau for the Director of the Bureau. Everybody reports
to him.
Mr. Cleaver. Most counties, maybe not in Fairfax, but most
of the other counties around the country have a lot of data on
your mortgage. They have a lot of data on--well, not on your
mortgage, but on people who hold mortgages, a lot of data.
The same thing, I think, holds true when you think about
some of the commercial data that is available. The DMV, does it
not have a lot of data about individuals who drive and about
the machine they drive?
Mr. Abernathy. Yes, they certainly do, Congressman. I think
what makes the Bureau different is that they can put all these
different pieces together.
If you look at the authority that has been given them under
Dodd-Frank, there is virtually nothing that a covered firm, a
firm subject to its jurisdiction, has in terms of information
that the Bureau cannot demand. And, in their recent data
collections, they have been gathering in enormous amounts of
those data and putting it all in one place.
Mr. Cleaver. We have probably had more hearings on the CFPB
than we have had on anything. So I think it is erroneous to say
there is nobody looking at the agency. That is all we do. It
has become the political punching bag of this whole Congress.
And maybe the Speaker was right. Look at the OCC, the FDIC,
and the Federal Reserve; they are all in the data collection
business.
And so, we can create this attitude that this is going to
be a Big Brother operation and they are going to give money to
the Taliban or whatever, and I think we are taking this stuff
too far.
I yield back, Mr. Chairman.
Chairman Duffy. The gentleman yields back.
The Chair now recognizes the gentleman from Maine, Mr.
Poliquin, for 5 minutes.
Mr. Poliquin. Thank you, Mr. Chairman. I appreciate it very
much.
And thank you, gentlemen, for coming here today. I
appreciate it.
I come from the private sector, and for 35 years I have
been running small companies. And when you come from a business
background, you have to be accountable all the time. You have
to be accountable to your employees, to your customers, and to
your suppliers. You have to be accountable to your board. If
you have a product or a service that is overpriced or performs
poorly, you are going to go out of business. Now, it seems to
me that we should do the same thing here in government, but,
unfortunately, it doesn't happen very often.
When I was State treasurer up in Maine, I was on the board
of an independent public housing authority. And shortly after
joining the board, I realized that the executive director had a
5-year term, appointed by the Governor, and couldn't be fired.
The board had no authority. The executive director didn't
report to the board. And it had a funding source that was
independent of appropriations.
Now, after a little bit more digging, we found out that we
had 6,000 families waiting in Maine to come in from the cold so
they could have a safe and warm place to live, and we had a
public housing authority that was spending money on theater
programs for prison inmates.
As well as the fact that any request from the board to get
data on how the operation was performing was just ignored. And
then we found out that they were spending twice as much to
build one-bedroom apartments than it cost to buy a single-
family home on a quarter-acre with a garage, two bathrooms, and
three bedrooms.
So we changed the law. We made sure that the executive
director reported to the board, we put in financial controls,
and we put business people on the board. And, by the time I
left, the cost per unit had dropped to about 35 percent, it was
still going down, and we helped hundreds more families.
Now, I am looking, Mr. Gingrich, at the CFPB. And we have
an independent organization, as you mentioned, that reports to
nobody. The Director has a 5-year contract, and can only be
replaced by the President. They have a revenue stream that is
divorced of appropriations from Congress.
And all I am asking you is, did it make sense when the
Director showed up here 6 months ago and tried to convince us
that it was a darn good idea to spend $216 million on an office
building for their 1,400 employees, to rehab it, they don't own
it, with a two-story waterfall in the building and a reflecting
pool and a playground on the roof? Now, how can we trust these
people to collect the sort of data they are doing here in
America for our families?
In our district, we had a major breach of data security
with the largest health insurance provider in the State.
Thousands of people in my district had their personal data
violated.
So I ask you, Mr. Speaker--you have a lot of experience in
this area--what can we do to fix this? Do you trust this
organization to collect the sort of data that they are? And if
not, how in the dickens do you fix it?
Mr. Gingrich. Thank you. And I have to confess, the entire
story about the Maine housing authority is amazing and would
almost be a study in its own right.
Let me say first of all, just to set the record straight,
both the Department of Justice and the Federal Trade Commission
had consumer protection responsibilities prior to 2008. So this
notion that magically we are going to create a new super-
bureaucracy all on top of the other bureaucracies because this
new bureaucracy will be terrific--and you just described the
arrogance of power.
Since they are totally uncontrolled, and since they are
virtuous and should not be questioned, why shouldn't they have
a waterfall in the atrium? Why shouldn't they be able to walk
in and look up and think, I am here to protect America on my
terms, based on my prejudice, and applying my ideology, and
aren't you lucky to have me as the savior of consumer behavior?
That tells you everything about why this agency ought to be
abolished, whether you want to break it up and put it back at
the FTC and the DOJ, or whatever, One other thing the CFPB will
not tell you is all of their various data-gathering techniques,
but we are told that there are consumer data companies which
sell information to them which includes personal data.
Now, that should be findable, and that is the kind of thing
we ought to say, explain to me why you think you are going to
keep this anonymous, given modern technology and modern
information systems?
Mr. Poliquin. For us here today and those listening, Mr.
Speaker, can you give us another couple of tangible examples,
to the best of your knowledge, of how you connect data
protection with accountability in government agencies like
this?
Mr. Gingrich. As I said earlier, I think anytime you start
centralizing information into specific banks of data, you have
to assume that you are really at high risk.
And I would raise the question--again, we always have the
government show up and tell us, ``Everything is fine,'' until
the next huge data breach, and then they come back to tell us,
``But now, everything is really fine.''
We are in a competition in which there is a free market of
hackers worldwide, all of whom can operate without red tape,
without limitations, without all of our various rules and
regulations, and bureaucratic structures that are stunningly
slow and incompetent. I find no reason to believe this
particular structure is going to be dramatically better than
OPM at protecting data.
And I think aggregating the numbers I gave you earlier,
billions of data points in one place is really defying
everything we have learned about the emergence of a very
aggressive hacking culture.
Mr. Poliquin. Thank you, Mr. Speaker. I appreciate it very
much.
Chairman Duffy. The gentleman's time has expired.
The Chair now recognizes the gentleman from Tennessee, Mr.
Fincher, for 5 minutes.
Mr. Fincher. Thank you, Mr. Chairman.
Mr. Gupta, would you support a five-person governing panel
instead of the one director at the agency?
Mr. Gupta. I would not. I think that, as Ranking Member
Waters mentioned, there are lots of agencies that have single
directors--
Mr. Fincher. Okay. That is it.
Would you support having CFPB under the appropriations
process?
Mr. Gupta. No, I would not.
I think the OCC, and lots of other banking regulators, are
not subject to the appropriations process, but they have an
even worse source of funding, historically. They have gotten
their funding from the entities they are regulating.
Instead, what you have here is a stream of money that comes
from the Federal Reserve Board, and it prevents agency capture.
It prevents the agency from being subject to the thing that
makes Washington broken in every respect, which is the
influence of financial industry money.
Mr. Fincher. Okay. And--
Mr. Gupta. That is why you are having so many hearings, I
assume, on--
Mr. Fincher. What makes Washington broken is too much
Washington and too many bureaucrats.
I think the narrative here that we are hearing from my
colleagues on the other side of the aisle--and no offense to
Ranking Member Waters, she is very passionate about this; she
just happens to be wrong--is that the American people aren't
smart enough to make decisions on their own, so bureaucrats and
politicians in Washington are going to tell them what to do.
Another one of my colleagues trying to compare data
collection at the CFPB to my county in my rural district in
Tennessee is a joke. We look back at a lot of the reasoning
behind Dodd-Frank and behind the CFPB, because the private
sector was out of control, when in a lot of respects it was
Fannie and Freddie that were influencing the private sector and
telling banks who to loan money to.
So, let's get to the facts. The facts are, for a lot of my
friends on the left, they see the private sector as a problem,
and everything should be done in Washington and by bureaucrats
and politicians. This is a slap in the face to the American
people. They are smart enough to figure out what works and what
doesn't, and they don't need people in Washington doing it for
them.
Mr. Abernathy, if the CFPB were to use this data
irresponsibly, are you concerned with a lack of accountability?
And how would we rein them in? They are almost untouchable.
Mr. Abernathy. That is a serious problem, and that is one
of the things that we believe this hearing is bringing out, is
the fact that all you have to act as accountability for the
Bureau is the public exposure of the data that they claim that
they rely upon. And yet, when we look at the decisions that
they have made, rather than relying upon the data to drive what
they do, they cherry-pick the data through processes that they
don't reveal to the public, in order to silence debate rather
than to foment debate by basically saying, this is what the
data tells us we have to do; therefore, there should be no
discussion.
In one case, they have actually demonstrated the value, and
that is with regard to their arbitration study, where they did
put the data out for people to look at, and the data actually
disprove the assumptions they make in their study, but it
encourages a broad discussion by the public. And that is what
we need.
Mr. Fincher. Dr. Calabria?
Mr. Calabria. I want to make a couple of points, but first,
I want to go back to the funding issue.
Let's remind ourselves that the CFPB is funded in the same
way that the Federal Reserve itself is funded. And I think it
is widely accepted that the Federal Reserve fell down on the
job before the crisis despite being outside of the funding
process.
And of course, as we know, Mr. Greenspan, Mr. Bernanke, and
Mrs. Yellen are not accepting campaign contributions from Wall
Street. That is not why they screwed up. They screwed up for a
number of reasons. Of course, you could try to say, well, they
screwed up because Mr. Greenspan has some crazy ideology and
whatever. That is actually an illustration of why you don't
want one single powerful person, because how will you know that
person is not going to get the check and balance?
And, in fact, the only way we know that there were
discussions about subprime lending at the Federal Reserve is
because Ned Gramlich, one of the Board Members, forced that
conversation. And that was a conversation that was at least
had, which would not have been had if it was a single director.
So, again, let me clearly state for the record so that we
don't have to go back over this topic, the CFPB is not the only
part of the Federal Government or our financial regulatory
structure that is broken. I think we can accept that. I don't
subscribe to the two-wrongs-makes-a-right theory of policy. So
just because something is broken over at agency ``A'' does not,
in my opinion, justify us to leave something broken at agency
``B.''
Mr. Fincher. My time is expiring. Let me just say this in
closing.
Hopefully, a Republican Administration will take over in
2017, and my friends across the aisle will be singing a very
different tune at that time, but let's remember that, to your
point, two wrongs don't make a right. We need to call this out
for what it is. And if Republicans were doing it, it would be
wrong also. But let's fix this.
And, please, my friends on that side of the aisle, give the
American people some credit. They are smarter than Washington.
I yield back.
Chairman Duffy. The gentleman's time has expired.
The Chair now recognizes the gentleman from Arkansas, Mr.
Hill, for 5 minutes.
Mr. Hill. Thank you, Mr. Chairman. And thanks for calling
this hearing.
It is certainly good for me to see my old friend, Wayne
Abernathy. We served so long ago on the Senate Banking
Committee staff, Mr. Speaker, that there was no TV in the
Senate. That is how long ago it was. Many moons have passed.
I feel like Rip Van Winkle when I come back to Washington
after 25 years and see this kind of behavior. And this isn't
the first time we have talked about a subject like this at a
hearing. FINRA proposed a proposal called CARDS, where they
would sweep up every brokerage account in the country and every
brokerage transaction and organize it in a way that it would
not be identifiable so that they could just look at it.
And my whole problem with things like this is just because
you can, doesn't mean you should, in these massive data
collections, when a simple sample would do just as well in
trying to look for a trend analysis.
And, further, our whole regulatory system has been based on
looking at institutions and looking at the activities of that
institution on a small-scale basis and making determinations
about, did the executives of that institution do a good or a
bad job with regard to consumer legislation or prudential
regulation. That has not been the sweeping 170 million loan
records, for example, that are now in the hands of the CFPB.
In my district in Arkansas, this spring has been taken up
by working 70 cases of IRS identity theft. And it is all we
talk about in my office: identity theft problems with
federally-stored data. So I have concerns about that.
Mr. Gupta being here, it reinforces, I think, why I ran for
Congress, and why I was glad the people of Arkansas elected me
to Congress. Because once again, I feel like you are the chief
apologist for an intrusive, Big Brother, Big Government
solution.
We have had hearings, sir, in this room on the Target
breach. We had retailers and bankers testify about those
breaches. And we have bills moving in the Energy and Commerce
Committee in this House and in this committee, Financial
Services, to deal with that. So don't make the assumption that
we have not had data breach discussions in--
Mr. Gupta. And I commend you for those efforts. Those are
good efforts.
Mr. Hill. Thank you.
And, also, you stated that this committee is making up
facts, when, in fact, I think The Wall Street Journal was quite
clear, and I commend the staff of this committee. In the made-
up-fact arena, it is the CFPB and their auto finance
investigation that has gotten the world record for made-up
facts in their most recent efforts.
So I would like to get some thoughts, Mr. Speaker, on this
issue of why the CFPB claims it needs all this information in
order to understand the markets it regulates. In my opening
comments, I talked about how individual firms and individual
prudential managers deal with markets, and that is how we have
traditionally regulated it. And they have collected 87 percent
of the credit card market. They have collected 95 percent--it
is trying to get 95 percent of all the credit card accounts.
What do you think is any justification for that, when one
could just do a survey of credit card vendors for a small
sample to meet any analysis, it seems to me, that would have a
public policy benefit? Could you comment on that for me,
please?
Mr. Gingrich. Thank you.
Look, Friedrich Hayek, in ``The Road to Serfdom,'' made the
argument that, once you start toward centralized planning, you
inevitably coerce, and that the centralized planners think of
themselves as virtuous and as having a fact-based approach to
life, when, in fact, they are like the rest of us. They have
ideologies, they have things they like, they have things they
don't like.
It is very funny, in a sense. This is a monster which, if
Democrats thought about it, they would rush to create a
bipartisan board. Imagine you have a President Cruz or a
President Trump and they decided to appoint their version of
this kind of collection agency, and that person was now in
total charge of gathering the data they wanted to gather so
that, let's say, instead of being antigun, as the current group
is, they decided they were pro-gun, and so they decided that
you really ought to have lots of credit if you are a gun
dealership and so forth.
You need to understand, when you put total power in one
person's hands and they can operate in--not total secrecy but
surprising--
Mr. Hill. Remarkable secrecy. Yes.
Mr. Gingrich. --remarkable secrecy, you are creating a
natural pattern that leads to very dangerous behavior, for this
reason: The government always, in the end, is about power and
the ability of the state to coerce. And when you have people in
darkness who are able to exercise the power of the state, they
apply their prejudice and their ideology. And that can destroy
normal people because the government is so big and so powerful.
Mr. Hill. Thank you, Mr. Speaker.
I have Fourth Amendment concerns about this process, as I
did on CARDS. It is not the direction we should be going in
regulation in this country.
And I yield back.
Chairman Duffy. The gentleman's time has expired.
The Chair now recognizes the gentlelady from Ohio, Mrs.
Beatty, for 5 minutes.
Mrs. Beatty. Thank you, Mr. Chairman, and Ranking Member
Green.
Let me first say thank you to the panelists for being here
and that I am also proud to associate myself with the comments
from my ranking member of the Financial Services Committee,
Congresswoman Maxine Waters.
Mr. Chairman and to the witnesses today, certainly this is
an important topic. When I received my overview with the name
of the topic today that we were going to look at, consumer
protection and data security, it kind of puzzles me, as we have
witnesses here, that we don't have anyone here who is actually
from the agency that we are talking about, and that we have
certainly discussed--which probably are important, for us to
hear our different views from our witnesses--that go far beyond
what I think we should be discussing at hand. We are talking
about the establishment and how it was established 5 years ago.
We are talking about the budget. We are talking about
everything but the real issue of what this hearing was
scheduled to do, which I think is unfortunate and a disservice
to me and to our constituents.
I would also be curious as to your expertise, starting with
you, former Mr. Speaker. Can you tell us your expertise as a
cybersecurity expert? I know that you are here as yourself, as
you commented. I also know that you are a paid public affairs
consultant with the Wise Group.
So tell me what your expertise is in this area.
Mr. Gingrich. I wouldn't classify it as expertise, but I
have worked on data issues and on cyber issues for over 25
years. As Speaker of the House, I had a substantial amount of
involvement. I have this year spent time out at the National
Security Agency looking at their things. I served for 6 years
on the Defense Policy Board, and cyber was part of that.
And I can tell you, as a historian, all you have to do is
clip out of the newspapers the increasing frequency of cyber
activities, the increasing frequency of hacking, and the
stunning inability of the American Government to protect
itself, and I think that doesn't require any massive level of
expertise.
I do think it would be wise for the subcommittee to arrange
for a number of people who have cyber capabilities to come in
and explain why this is a dangerous thing. And it is dangerous
at two levels. Remember, it is about a mass data collection
program. So it is dangerous at two levels. We are talking about
breaches and hacking. It is also dangerous because the truth
is, in the age of metadata, you can identify individuals from
supposedly anonymous information. And you may want to have a
hearing and bring in people from places like Carnegie Mellon
and MIT and go through this.
But I will assure you I have spent time with the Army Cyber
Command, I have spent time at NSA. I am not personally a cyber
expert, but I think--
Mrs. Beatty. Okay. Thank you.
Mr. Gingrich. --I am reasonably knowledgeable.
Mrs. Beatty. I am going to move on because of my time.
So based on that, and your clipping out articles and
reading them, and your past experience, let me ask you this:
Some have commented that the CFPB is particularly vulnerable to
hackers because of their heavy reliance on cloud-based
computing. Can you tell me how you feel about that and why? And
what better practices, from your reading and the experience you
have said, would be better? Give me something specific.
Mr. Gingrich. I think if you talk to people at the Pentagon
and at the--
Mrs. Beatty. No, I mean in your opinion, not whom I should
talk to about it. You are here today.
Mr. Gingrich. No, I understand.
Mrs. Beatty. I want to hear from you, not--
Mr. Gingrich. Okay.
Mrs. Beatty. --who I can call or who the Republicans can
bring in. You have shared that you have this experience, and
you have probably been the most critical. And so I want to be
able to discern and be able to separate, is this predisposed
from articles I have clipped out on you and what you have said
that is clearly coming with some predetermined ideas against
the organization and Mr. Cordray.
So let's keep this in the context and give me some
specifics that you have. You are sitting here today, not the
folks that may call or may come here in the future, so let's
hear from you.
Mr. Gingrich. Okay. And I would say, then, three things.
One, I believe if you aggregate this kind of data, you
always have the potential to identify individuals. And I would
be glad to provide you technical experts who will explain that.
Two--
Mrs. Beatty. So, in other words, you don't have any that
you can give me. I can call those folks or wait for my
colleagues to bring in a real expert who is sitting here taking
my time up to hear it. Thank you very much.
Let me go to the second gentleman.
Can you answer that question, please?
Mr. Abernathy. Thank you, Congresswoman.
Our testimony is focusing on the policymaking process, and
the problem that you have when you have a single director with
nobody who can engage that--
Mrs. Beatty. No, that is not my question, about the single
Director.
I'm sorry. My time is--
Mr. Abernathy. That is what our focus is--
Mrs. Beatty. --up. I yield back.
Mr. Abernathy. --and our testimony is about.
Mrs. Beatty. Okay. But that wasn't my question to you. So
let's be clear on that.
Mr. Abernathy. Right.
Chairman Duffy. The gentlelady yields back.
The Chair now recognizes the gentleman from Illinois, Mr.
Hultgren, for 5 minutes.
Mr. Hultgren. Thank you all for being here.
Speaker Gingrich, it's good to see you. One of my favorite
memories of serving over the last 5 years was being with you
and your wife in Tampico and Dixon, Illinois, for Ronald
Reagan's 100th birthday. So I appreciate you being here.
Certainly, he is a hero of mine, and I appreciate the work you
have done talking about him as well.
But I want to get to what I see as a very important subject
here. I am troubled by all the stories that we have heard of
what happens to consumer financial information when it gets
into the wrong hands and how aggressive people are in trying to
get this information. Our government should be held to the
highest standard when it comes to protecting personal
information it holds on the American people.
On October 15th, the CFPB released its final rule to expand
data collection under Regulation C, the Home Mortgage
Disclosure Act, or HMDA. The final rule requires covered banks
and credit unions to collect 48 unique data fields on each
mortgage loan they make. This is more than double the number of
data fields covered lenders are currently required to collect.
Some of the new fields include applicant or borrower age,
credit score, automated underwriting system information, unique
loan identifier, property value, application channel, points
and fees, borrower-paid origination charges, discount points,
lender credits, loan term, prepayment penalty, nonamortizing
loan features, interest rate, and loan originator identifier.
I think we can all agree that this is a lot of information.
And while some of this information is not directly related to
the borrower or terms of the loan, this data can still be
revealing. I understand regulators and the public make use of
this data, but I am also concerned that it could pose privacy
risks for homeowners.
Speaker Gingrich, if I can direct this first question to
you, I think we all remember the Office of Personnel Management
data breach, and I think we have heard some testimony today
about how the CFPB's data security controls may be inadequate.
In light of the incidents like OPM and others within the
government, how can we assure the American people that their
personal information is safe?
Mr. Gingrich. First of all, you can't.
Second, you reminded me that I got one of those letters,
among 21 million people, which said my data had been breached,
and it said, gee, if you want to do something, call this
number. I couldn't imagine anything useful. What were they
going to do? Say, we don't know exactly who breached it, we
don't know exactly where it is, and we don't know exactly how
it will be used? It is just nonsense.
Mr. Hultgren. Yes.
Mr. Gingrich. The fact that you can live through this, you
can watch this scale of failure, and then have some other
bureaucrat sublimely tell you, ``Oh, we are safe,'' they
don't--my first point is they don't know. If you are not
offline, you are, by definition, potentially hackable.
And this is a major crisis for the whole government. This
is not something that--I have worked with John McCain, the
chairman of the Armed Services Committee in the Senate, who is
very worried that we are not able to innovate rapidly enough
inside our bureaucracies to keep up with the private-sector
revolution worldwide. And it is always worldwide. It is
Estonians, it is Romanians, it is Russians, it is Israelis. And
so, we need to understand the threat.
I think that is a significant thing, and I would encourage
the committee to get people from places like Carnegie Mellon
and MIT. Let's meet everybody's concern about the level of
technical expertise. And I think you will find that they will
tell you, ``You should be afraid. You should not be
reassured.''
Mr. Hultgren. I believe you are right. I just had a
briefing this morning with the Department of Energy on
cybersecurity--and some real concerns, real threats, real
experts who are frightened--having nightmares, they talked
about what could happen. And we see this as just as widespread.
I am going to ask a question, just a yes-or-no question,
Speaker Gingrich, Dr. Calabria, and Mr. Abernathy, the CFPB's
final rule did not explicitly state which of this new data
would be made publicly available. It seems to me a study on the
privacy risks and the opportunity for public comment would be
appropriate, just as Speaker Gingrich was talking about.
Mr. Speaker, I think you have already answered. Would you
agree that this is a good position? I think you would say
``yes.''
Mr. Gingrich. Yes.
Mr. Hultgren. Mr. Abernathy?
Mr. Abernathy. I agree, Congressman. Thank you.
Mr. Hultgren. Dr. Calabria?
Mr. Calabria. Yes.
Mr. Hultgren. Let me jump back and focus on Dr. Calabria
and Mr. Abernathy. Do you have any thoughts on why the CFPB
chose to go well beyond the new reporting requirements in
Section 1094 of Dodd-Frank? The CFPB loves to say they are
data-driven in their policy, but doesn't the increased
reporting of this data raise more privacy issues?
Mr. Abernathy. That is one of the serious concerns when you
look at the more than two dozen additional data segments that
the Bureau asked for. And yet, there really is inadequate
discussion as to why they need this data, and what they would
do with it. We need that kind of public debate before they do
the rule rather than afterwards.
Mr. Hultgren. I agree.
Dr. Calabria?
Mr. Calabria. And I would certainly agree with that.
Let me say, even before this, from what was publicly
available for HMDA, you could link to courthouse records and
identify individuals with that data even with the preexisting
databases.
Mr. Hultgren. Yes.
I only have a couple of seconds left.
This feels like such an overreach at such a risky time. I
think it is absolutely the wrong direction to go, for CFPB to
be doing this, and we need to do more to make sure it doesn't
happen.
Mr. Chairman, I yield back.
Chairman Duffy. The gentleman yields back.
The Chair now recognizes the gentlelady from Utah, Mrs.
Love, for 5 minutes.
Mrs. Love. Thank you, Mr. Chairman.
I have to tell you, you have an idea of how dangerously
powerful some of these regulatory agencies are before you get
here, but I can't tell you how shocked I am, getting here and
realizing the casualness, where we talk about collecting
people's private information, the casualness in saying, ``It's
okay. Don't worry about it. We're here to protect you. We know
everything. We're bigger minds than you are, and we can handle
things for you.'' It is absolutely shocking to me, the amount
of power these regulatory agencies have over the American
people.
I have a couple of questions. As I have gotten into
learning a little bit more about the CFPB, I have several
concerns, but I want to focus, first of all, on some of the
data collecting, which raises privacy concerns, and, second of
all, what is being done with that data.
These are the questions--by the way, that is not just
coming from me. They are coming from my constituency. So I do
this work on behalf of them.
We have learned that the way that the CFPB uses data and
interprets the data was highly suspect and that the result, the
supposed redress that the CFPB imposed on the marketplace, was
not correlated with actual harm. There was a lot of guesswork
involved, and the guesswork resulted in the CFPB imposing more
requirements on the auto lending market, which results in
higher costs and less choices for the consumer.
So, now, in addition to the auto sales, the CFPB has also
been collecting data, as we have heard today, regarding credit
reports, credit cards, mortgages, student loans, payday loans,
overdraft fees, and other financial data. Over the past year
that I have been here on this committee, I have been
investigating some of that activity, specifically in regards to
payday loans and overdraft fees.
So my question for the panelists is: What other CFPB
actions do you see on the horizon? What other disappearing
options, as you would say, for services that consumers, when
they are looking at it, need to worry about losing?
Mr. Abernathy. If I may, Congresswoman--
Mrs. Love. Yes.
Mr. Abernathy. --one of the areas we are particularly
concerned about is the ability to serve the market for short-
term and small-amount loans. Our estimate is that there are 54
million customers each year in the market for small loans,
short-term loans--these are loans for less than a year--and the
Bureau is on the verge of decreasing significantly the access
to those kinds of resources.
They have the payday lending rule that they are about to
come out with that, estimates are, will eliminate 80 percent of
that market in one decision. We are concerned that they are
looking at overdraft, where a number of people who have bank
accounts use the opportunity to overdraw their account a little
bit to be able to obtain immediate short-term credit for a
variety of needs, from a vacation to a major emergency that
takes place at their home.
And yet, we have looked at the way they exposed data on
this. One data segment that they put forward indicated that, in
their view, the median average overdraft is $24, for which
people paid $34. If they actually look at what happens with all
of the data for an institution, they would discover that the
amount of credit that customers receive versus what they paid
for it for overdraft is something like 7 to 8 times the amount
of the fee.
But by manipulating the data in ways that no one can really
get at and challenge, they end up promoting policies that could
choke off the opportunity for overdraft to be a source of
credit for millions of people.
Mrs. Love. So far, what I have seen is the people that they
have vowed to protect are the ones who are being hurt the most.
And I just want to say--because I am not here to
necessarily change the minds of my colleagues, because a lot of
the minds have been made up, on both sides of the aisle. I am
here to make sure that we are transparent and we give a fair
warning, a warning to the American people, that if we continue
to allow this to happen, the only people who are at risk are
them, are the American people.
Let me just say right now, this is a fair warning that if
we are not vigilant, if we do not cry out and make our voices
heard that this is, first of all, unacceptable, and second of
all, we are smart enough to make decisions in our homes and for
ourselves--and if we do not do something now, then the only
people who are at risk, who have the risk of losing everything,
are the American people.
I yield back.
Chairman Duffy. The gentlelady yields back.
The Chair now recognizes the gentleman from Minnesota, Mr.
Ellison, for 5 minutes. Welcome.
Mr. Ellison. Let me thank the Chair and the ranking member
and thank the panel. I really appreciate having time to discuss
this issue today.
Mr. Gupta, I would like to ask you a question, if I may.
You made the comment, unless your profits come from deceiving
consumers, you should welcome the CFPB's data collection. Could
you explain what you meant by that?
Mr. Gupta. Sure. Thanks for the question.
The reason we have the CFPB in the first place is because
we had a massive regulatory failure, right? We had a financial
crisis that resulted from all sorts of fringe lending that was
entirely unchecked. People were asleep at the switch. You
didn't have anyone who was looking out for consumer protection.
The Federal Reserve Board was looking out for other things, and
consumer protection took a backseat.
And so we created a single agency that is the voice of the
American consumer. It is actually standing up for American
consumers and trying to prevent the kind of practices--those
practices didn't just harm people who had subprime mortgages,
right? They threatened to harm all of us. They threatened to
tank the American economy and the world economy.
So, unless your business model is based on unfair and
deceptive practices, the kind of thing that the CFPB pursues in
its enforcement actions and its regulations, you should have no
concern about transparency and about the CFPB having that data
and using it as a tool to do better consumer protection.
Mr. Ellison. Thank you.
So, honestly, I have to admit something. When I first saw
the panel lineup, I thought to myself that my friend, Mr.
Gingrich, has a Ph.D. in history and he may know a lot about
that, but what does Newt Gingrich know about big data? I was
just a little surprised by that choice.
But it turns out that you actually do know a lot about big
data, because--let me put it like this. Republicans, in
general, claim that they have collected more than 300 terabytes
of voter data, including more than 725 billion data points on
nearly 200 million American voters. This information is matched
to individuals in voter data files, which also contains
personally identifiable information--home address, phone
number, email.
Not only are Republicans collecting massive amounts of
voter data, some Republicans even rent out the data to other
campaigns. Well, they rent that data to a list of brokers that
lease data to marketing firms and other private entities. For
example, the Presidential campaign for Newt Gingrich, Newt
2012, reported getting $17,000 in the most recent FEC reporting
cycle, even though that campaign dropped out of the primary
more than 3 months before.
A separate company, Gingrich Productions, also uses a list
broker to sell personal information via TMA Direct. For the low
price of $120 a month, you can get access to nearly 500,000
individuals' personal information who were never before on the
market.
So I did have my doubts about whether our panel was
qualified to offer opinions on such a complex topic, but,
clearly, clearly, Speaker Gingrich, you do know something about
making money off big data.
So I guess my question is, if it is okay for you to sell
big data with personal information, why can't the CFPB rely on
anonymous data to protect consumers?
Mr. Gingrich. Look, that is a great question. As often with
you, it was a brilliant setup.
It is true that we have carefully studied the 2008 and 2012
Obama campaigns. And it is true that, while we are still behind
them in gathering metadata and while we don't have quite the
ties they have in Silicon Valley and at major intellectual
centers, we are doing everything we can on the Republican side
to be at least as good as the Obama team at using metadata. So
I appreciate your recognizing that, while we are second, we are
working hard to catch up.
Second, the big difference--and you put your finger on it:
I can't go to somebody and threaten to cut off their bank
loans. I can't go to somebody and threaten to put them in jail.
People who happen to be on my list voluntarily signed up to get
information from Newt Gingrich and can voluntarily get off the
list without having a bureaucrat call and threaten them.
If you look at the power of the government--which is
always, in the end, coercion--and you imagine random
independent bureaucrats who aggregate to themselves the right
to decide what my consumer choices should be, that is real
power. We don't have real power. We are just a private company
doing private things in a free market. And that is why I am so
frightened to see this much power in the government.
Mr. Ellison. And making a good penny at it in personal
data.
Thank you, Mr. Gingrich.
Chairman Duffy. The gentleman yields back.
The Chair now recognizes the ranking member of the
subcommittee, Mr. Green from Texas, for 5 minutes.
Mr. Green. Thank you, Mr. Chairman.
Let me start with a few questions, and I would like for you
to raise your hands if these questions apply to you.
If you are in any way, now or ever, connected to the U.S.
Consumer Coalition, would you kindly raise your hand?
Let the record reflect that Mr. Gingrich has raised his
hand.
If you are now or you have ever been paid by the Wise
Group, if you would raise your hand--the Wise Public Affairs
group.
Thank you.
And, Mr. Gingrich, since you have raised your hand both
times, I would like to know a little bit more about the Wise
Public Affairs Group. But before I get there, I want to go back
to something that you and I have broached earlier, and it has
to do with your statement.
Because, in your statement, you do indicate that you are an
advisor, in an advisory capacity. But I was hoping that you
would do what was done when The Wall Street Journal had to
issue its additional statement, and that is indicate that you
were a paid advisor to the Wise Public Affairs Group. Because
you well know that the Wise Public Affairs Group owns and
operates the U.S. Consumer Coalition.
So I was disappointed that this was not called to our
attention. As has been indicated, this is not the first time
this has been done. You pride yourself in transparency, but,
for some reason, you didn't reveal this money connection. You
were willing to reveal that you just happen to advise, but you
are making a profit based upon this advice because you work for
the Wise Group.
If I have misstated this about your working for the Wise
Public Affairs group and also being connected to the U.S.
Consumer Coalition, would you kindly raise your hand again?
Because I would like to hear from you if you have.
Let the record reflect that what I have said, per Mr.
Gingrich, is accurate.
And this is why we bring this up, Mr. Gingrich: Because
this U.S. Consumer Coalition is out to emasculate the CFPB. It
has published its intent in terms of what it would like to do
to the CFPB.
There are many of us who are of the opinion that the CFPB
serves a meaningful purpose. And we are of the opinion that in
serving this meaningful purpose, the CFPB has done a good
thing. The CFPB makes it possible for consumers to receive
restitution after they have been harmed. And it is unfortunate,
but I think it is fair to say that if the rule that you would
have us adhere to were implemented, then there are many
consumers who would not receive the benefits that they have
received already.
The personally identifiable information of which we speak
is not by law permitted to be used for market monitoring--not
by law. It can't be used. But it can be used for enforcement
activities, which means if you find out that a consumer has
been harmed, you can take that personally identifiable
information and you can then contact that consumer and say,
``You have been harmed,'' as was done with the $4.5 billion in
relief that was given in debt collection, $50 million of it in
civil penalties, I might add; $2 billion to consumers related
to credit card enforcement, $140 million for civil penalties;
$125 million to consumers for auto finance enforcement,
defrauded, taken advantage of, $25 million of it in related
civil penalties; $115 million in relief for mortgage lending
enforcement, $55 million of that in civil penalties; $20
million in relief to consumers for student lending enforcement,
$2 million related to civil monetary penalties; $19 million to
consumers for payday enforcement activities, over $10 million
in related civil monetary penalties.
So if we decide that we are no longer going to allow the
CFPB to aggregate information for enforcement purposes, we now
take away these dollars that are going to consumers, because we
won't be able to find out who they are and contact them. I
suppose there is some nebulous way that someone would conclude
that we could do this, but the truth of the matter is that
enforcement activities benefit seniors.
The CFPB is in the business of helping people, and this
would eviscerate it to the extent that it would be emasculated,
if not eviscerated, such that it could not continue its
enforcement activities and return moneys to seniors who have
been harmed. ``Senior citizens'' is a more appropriate term--
consumers.
I yield back.
Chairman Duffy. The gentleman yields back.
The Chair now recognizes himself for 5 minutes.
Now, taking a page from the ranking member, would the
panel--would you raise your hand if you are surprised that
former Speaker Newt Gingrich is fighting for limited government
and more transparency in government? If you are surprised by
that, raise your hand.
Mr. Gupta, you are not surprised by that. It is consistent
with everything this man has done.
Mr. Gupta. No. I am surprised that he is paid by the
financial industry--
Chairman Duffy. No, no, that wasn't my question. You are
not surprised that he is fighting for limited government and
more transparency.
What I find unique is that my friends across the aisle want
to do everything to attack the former Speaker, when this is
consistent with his life's work.
We are talking about big data and abuse of power. And I
commend the Speaker for coming in and lending his voice to this
very important issue.
Now, a question to the panel: Do you all agree that
American consumers are at risk of having their data taken from
the collection at the CFPB?
Mr. Abernathy. Yes, sir.
Chairman Duffy. Mr. Calabria?
Mr. Calabria. Yes.
Chairman Duffy. Mr. Gingrich?
Mr. Gingrich. Yes.
Chairman Duffy. Mr. Gupta, do you agree with that?
Mr. Gupta. I would say of course there is a risk, but no
more than with any other agency--
Chairman Duffy. Of course, there is--
Mr. Gupta. --and less so than with the private sector.
Chairman Duffy. So, Mr. Gupta, is there another agency out
there that goes by the ``Consumer Financial Protection
Bureau?''
Anyone? Yes or no?
Mr. Gupta. No.
Chairman Duffy. So the one that is here to protect
consumers is also an agency that is putting consumers at risk
with the data that they collect, right? Yes or no?
Mr. Gupta. No. It is a--
Chairman Duffy. You just told me that they were--
Mr. Gupta. It is a false construct, because--
Chairman Duffy. No, it is not a false--listen--
Mr. Gupta. --the risk in the private sector for this data
is far greater--
Chairman Duffy. That is not--
Mr. Gupta. --than it is with the CFPB.
Chairman Duffy. No. I--
Mr. Gupta. And what the CFPB--
Chairman Duffy. I am going to reclaim my time.
Mr. Gupta. --is doing is no different than--
Chairman Duffy. As the Speaker pointed out, there is a big
difference between the private sector and Big Government. If I
choose to go get a license at the DMV, it is government, they
have my information, I know that. If I shop at Target or Home
Depot, they have my information, and I know it.
Does the American consumer actually know that the Consumer
Financial Protection Bureau is collecting their information? Do
you think they know that?
Dr. Calabria?
Mr. Calabria. I don't believe they do.
Chairman Duffy. Okay.
Mr. Abernathy, by chance, does the Consumer Financial
Protection Bureau ask the people whom they claim to protect if
they can collect their personal information?
Mr. Abernathy. No. They go to the institutions with which
people have voluntarily entered into a business relationship
and then gather up all of that data and bring it into the
Bureau.
Chairman Duffy. So they don't ask them, do they?
Mr. Abernathy. They don't.
Chairman Duffy. The very people they claim to protect, they
don't ask for permission to collect the data. And they put
those very people they claim to protect at risk by housing the
data.
Dr. Calabria?
Mr. Calabria. If I could--I guess I should be careful, as a
nonlawyer, but I would remind the committee that the Fourth
Amendment does not apply to the private sector. You can choose.
What the Fourth Amendment does is constrain the government. And
that is what we should not lose sight of here.
Chairman Duffy. I think that is a very good point.
Another concern that I have, I think, Mr. Gupta, you made
the point that this agency is better. It is better because it
is not subject to, I think you said, lobbying and outside
forces. They can do the goodwill of the people without being
subject to the people. Is that basically your point?
Mr. Gupta. No. I mean that all agencies should be held
accountable, and the CFPB is accountable. We have had countless
hearings about that.
Chairman Duffy. No, no--
Mr. Gupta. We talk about it--
Chairman Duffy. I Chair the Oversight Subcommittee. We have
asked for countless documents specifically on this. And if they
don't turn them over to us, do you think that they are
accountable?
Mr. Gupta. I do. They are--
Chairman Duffy. So if they don't give me all of the
documents--
Mr. Gupta. If there is another agency that has had to come
up to the Hill and testify more than the CFPB over the past
couple of years, I am not aware of it.
Chairman Duffy. So, on that point, maybe, Mr. Gingrich,
would the model be better, then, if the EPA, the DOJ, the
Department of Health and Human Services, the Department of
Education all weren't subject to appropriations, if they would
just come and give us a few lip-service hearings a couple of
times a year? Would democracy be better off if we followed Mr.
Gupta's set of ideas?
Mr. Gingrich. Look, I understand why people who want to
coerce and control the American people want to ensure that the
Congress can't represent people in an effective way. If you
think about the logic of that, it is perfect.
But I want to go back to something that your ranking member
said that I am confused by. If, in fact, the CFPB doesn't know
about individuals, how did all that money get back out to
individuals? And how do we know it got to the right
individuals? And isn't it the case that, in fact--I am told
that in the auto loan problem, they actually ended up paying
white Americans for racial discrimination because, in fact,
their algorithms were wrong. So you can't have it both ways.
And the idea of trying to stop 2007 and 2008 makes some
limited sense--although the problems weren't bureaucratic; they
were judgment. But the idea that we leap from that, which would
be a focus on the big banks, to deciding that we are going to
look at everything anybody does in America based on the whim of
one bureaucrat in a hidden institution which is remarkably
secret, to go back to that term--
Chairman Duffy. And I want to--
Mr. Gingrich. --I think is just wrong.
Chairman Duffy. My time is up, but pursuant to clause 4(d)
of the committee's rule 3, the Chair recognizes himself for an
additional 5 minutes. And I will also then recognize the
ranking member after I am done for an additional 5 minutes.
To that point, Speaker Gingrich, I would agree with you.
Personally identifiable information is taken by the CFPB,
contrary to Mr. Gupta's prior testimony.
You would now agree, Mr. Gupta, that the CFPB does collect
personally identifiable information, correct?
Mr. Gupta. I think a lot of things are being--
Chairman Duffy. Yes or no?
Mr. Gupta. --conflated here. You have to be clear.
Chairman Duffy. Mr. Gupta--
Mr. Gupta. The ongoing data collection that is being talked
about--
Chairman Duffy. I am going to reclaim my time. These are
very specific questions.
Mr. Gupta. --does not include personally--
Chairman Duffy. I am going to reclaim my time.
Mr. Gupta. --identifiable information.
Chairman Duffy. A very simple question: Does the CFPB
collect personally identifiable information?
Mr. Gupta. Not as part of the--
Chairman Duffy. Yes or no?
Mr. Gupta. --ongoing market monitoring. The only extent--
Chairman Duffy. So I am going to translate that for the
American people. The answer is: Yes, they do.
Mr. Gupta. Only through the Consumer Complaint Database and
through the supervision process. Those are the only ways in
which any--
Chairman Duffy. So you are--
Mr. Gupta. --personally identifiable information comes in.
Chairman Duffy. I don't care about--
Mr. Gupta. And it is scrubbed before it is used by the
Bureau.
Chairman Duffy. --the parameters, Mr. Gupta, by which you
indicate they collect. They do collect. And GAO in their study
said, under arbitration cases, they collect personally
identifiable information; deposit advance products, they
collect personally identifiable information; and storefront
payday loans, they collected personally identifiable
information.
So they do collect it, and they do put the American
consumer at risk. That is when they have the information, and
that is not even talking about how we can reverse-engineer the
data points that they do have--
Mr. Gupta. Mr. Chairman, if I may--
Chairman Duffy. --to subject the American people to cyber
attacks.
Mr. Gupta. Those three examples are the only ones that they
found. The arbitration study was mandated by Congress. There is
no other way to do it if you don't get the arbitration cases--
Chairman Duffy. I am going to reclaim my time. That is very
different than what you tried to first say to this committee,
which was that it wasn't collected, and to now your clarified
statement, it is collected.
Dr. Calabria?
Mr. Gupta. No, what I said was that--
Chairman Duffy. I am done with--
Mr. Gupta. --none of the ongoing market monitoring--
Chairman Duffy. Thank you, Mr. Gupta.
Mr. Gupta. --collections include personal information.
Chairman Duffy. Dr. Calabria?
Mr. Calabria. I just wanted to make two quick points.
One was on the notion of oversight. If we said that somehow
Jamie Dimon is responsible to JPMorgan because he appeared in
front of his board twice a year, we would think that was
ridiculous. If we said that he was accountable because he
appeared before his regulator twice a year, we would say that
is ridiculous. So the notion that hearings are somehow what
constitutes accountability, and that is sufficient for an
agency, I think is, with all due respect, absurd.
But, more importantly, I want to get to the notion of--we
had a financial crisis. It was painful. Everybody agrees with
that. Mr. Gupta lists in his testimony a number of things on
the first page that the CFPB has done. Not one was the cause of
the financial crisis.
In fact, when the CFPB had an opportunity to deal with the
cause of the financial crisis in its qualified mortgage rule,
it punted. It gave up on checking credit, it gave up on
downpayments. Congressman Frank sat before this dais a year-
and-a-half ago and said that the most important part of Dodd-
Frank, the mortgage rules, were essentially gutted.
So, essentially, if we want this agency to actually do
something about the financial crisis, we have to recognize the
financial crisis was not caused by payday lending, it was not
caused by arbitration clauses; it was caused by shoddy
mortgages. And, again, in that instance, the CFPB--
Chairman Duffy. By chance--
Mr. Calabria. --completely punted.
Chairman Duffy. --from the GSEs?
Mr. Calabria. Yes. Again, GSEs are exempt. FHA is exempt.
We have basically said, anybody who had anything to do with the
crisis, with the exception of mortgage brokers--
Chairman Duffy. Is exempt.
Mr. Calabria. --is exempt from the CFPB. So let's not
pretend that this agency has almost even a loose connection to
the financial crisis.
Chairman Duffy. I find it hard to wrap my head around the
fact that, if you are accountable to the American people by way
of the Congress and through appropriations, if you disclose not
just the data that you collect but the purpose for that data--
for what are you using it?
The NSA has been very clear on the parameters on which they
use the data points that they collected on phone records. Tell
me if you disagree that the CFPB has not set out bright
guidelines for how this data is going to be used. They have
told us a few of the things it will be used for, but, Mr.
Abernathy, would you agree that they haven't been clear on how
and the limitations in which this data can be used?
Mr. Abernathy. That is one of the most significant concerns
we have, that they gather in enormous amounts of information,
keep the data in house, and then they parse out only the pieces
of it that will establish the positions that they have already
taken.
It is like being in a court case where the prosecutor says,
here is the information I am going to share, which shows that
you are guilty, but you don't have access to the other
information I have that might tell a different story.
Chairman Duffy. Thank you.
And I want to go to Mr. Gingrich, Speaker Gingrich, for one
quick second before my time expires.
The CFPB, whether you like it or not, has been empowered to
make rules. And I want to make sure that the rules that they
make are good rules, that they actually help the American
consumer and they help the American people.
But, Mr. Gingrich, do you think that they could obtain good
data by way of sampling as opposed to bulk data collection? I
know that you in campaigns have looked at a lot of polling data
that is pretty representative of the country as a whole. Could
we have the same impact if we were sampling as opposed to long-
term bulk data collection?
Mr. Gingrich. I think it depends on what you are trying to
accomplish. If what they want to know is if there are patterns
that should be looked at, you could do all that by polling.
But what you are seeing--if you just think about the logic
of what they are now doing, what you are seeing is an effort to
assimilate all of the consumer behavior of the United States
into one analyzable system for the purpose of a group of
bureaucrats making a decision about whether or not it is an
acceptable behavior.
Now, that is a very practical thing if you are in their
shoes. They would like to have the entire economy at their
fingertips so they have control so they can decide which parts
of the economy are inappropriate. I think that is really,
really dangerous.
Chairman Duffy. And my time has expired.
I now recognize for an additional 5 minutes the ranking
member, Mr. Green.
Mr. Green. Thank you very much, Mr. Chairman.
Let's go to you, Mr. Gupta. Now, Mr. Gupta, would you make
the distinction between market monitoring and the supervisory
activities with reference to enforcement?
Mr. Gupta. Yes. Would you like me to elaborate on that?
Mr. Green. Is the CFPB allowed to collect identifiable
information for market monitoring?
Mr. Gupta. It is not. The Dodd-Frank Act makes that
illegal, and the GAO found that the CFPB is obeying the law.
Mr. Green. And if someone has information to the contrary,
if you have information indicating that the CFPB is collecting
identifiable information for the purpose of market monitoring,
would you kindly raise your hand?
All right, Mr. Abernathy.
Mr. Abernathy. One of our concerns is that we don't know
what the Bureau is collecting--
Mr. Green. But you don't know--
Mr. Abernathy. --and what they are using it for.
Mr. Green. But my question to you is--
Mr. Abernathy. We don't know.
Mr. Green. --do you have any evidence of it actually
happening?
Mr. Abernathy. No one in America--
Mr. Green. You don't have any evidence of--
Mr. Abernathy. --knows what the Bureau--
Mr. Green. So you will now use conjecture and speculation
to in some way skew this issue such that people would be
confused.
That is what this hearing is all about: confusing the
American people so that they will now want to end the CFPB that
happens to be a benefit to them.
And Mr. Gingrich has gone so far as to say in his testimony
that it is imperative that we move toward abolishing the
Consumer Financial Protection Bureau--abolishing it, which, by
the way, is the same desire of some of these entities that he
works for.
It is important for the American people to know who is
working on their behalf. And you can confuse the American
people with enough of this rhetoric that we have heard today,
and they will be absolutely opposed to an entity that benefits
them, has sent back all of this money to them, some $11 billion
in relief to consumers. This would all be evaporated. It would
just go away. They wouldn't have an opportunity to get the
money back that they overpaid or the money that they suffered a
loss with reference to some kind of fraud or scam. They would
just be scammed. They would be defrauded.
The personally identifiable information is used so that we
can send the money to people.
Mr. Gupta, do you agree with this?
Mr. Gupta. I agree wholeheartedly.
Mr. Green. And, also, we might add that, as we go through
this process, it is very interesting that there seems to be a
sort of a stealth campaign that is taking place under the
radar--entities that can't be properly identified; you don't
know who is on the board of directors, if there is a board of
directors; massive amounts of money going to a 501(c)(3); an
entity indicates that it is going to spend over a million
dollars to take out certain Members of Congress. All of these
things are happening just to make sure that the CFPB is
emasculated and eviscerated if possible.
This is unbelievable. I agree with the ranking member; it
is hard for me to get my mind around some of the things that
are going on here. The people of this country are absolutely
being fed bad information. Yes, they are intelligent; yes, they
are smart; yes, they can sift the sand and find pearls of
information, but they can't do it if they are getting bad
information.
And that is what this is all about, which is why we have
put so much emphasis on what has happened with reference to
this stealth organization, this mystery organization.
And, to this end, I would like to correct one thing. I said
501(c)(3), and it is a 501(c)(4) organization. And there is so
much more to be said, but I do want to add into the record a
news article styled, ``Gingrich-Connected PR Firm Issues
Baffling Response to WSJ Disclosure Failure.'' And this is
where the amplification had to take place.
And I would also want to note that, in this Mother Jones
article, there is an indication that the Wise Public Affairs
Group set up this Coalition, this Consumer Coalition, so-called
Consumer Coalition, and that the members of the staff seem to
double as members of the Coalition.
Does anybody know of any board of directors, any member of
a board of directors associated with this Coalition? If you
know of a board member, raise your hand.
No one seems to. It is a mystery.
I yield back the balance of my time.
Chairman Duffy. The gentleman yields back.
I want to thank our witnesses for their testimony, and for
the rigorous debate that took place today.
The Chair notes that some Members may have additional
questions for this panel, which they may wish to submit in
writing. Without objection, the hearing record will remain open
for 5 legislative days for Members to submit written questions
to these witnesses and to place their responses in the record.
Also, without objection, Members will have 5 legislative days
to submit extraneous materials to the Chair for inclusion in
the record.
Without objection, this hearing is now adjourned.
[Whereupon, at 1:00 p.m., the hearing was adjourned.]
A P P E N D I X
December 16, 2015
[GRAPHIC(S) NOT AVAILABLE IN TIFF FORMAT]
[all]