FHFA will manage the database and share it with CFPB. A CFPB internal
planning document for 2013-17 describes the bureau as monitoring 95
percent of all mortgage transactions.
FHFA officials claim the database is essential to conducting a monthly mortgage survey required by the
Housing and Economic Recovery Act of 2008 and to help it prepare an annual report for
Congress.
Critics, however, question the need for such a “vast database” for simple reporting purposes.
In a
May 15 letter to FHFA Director
Mel Watt and CFPB Director
Richard Cordray, Rep.
Jeb Hensarling, R-Texas, and Sen.
Mike Crapo, R-Idaho, charged, “this expansion represents an unwarranted intrusion into the private lives of ordinary Americans.”
Crapo is the ranking Republican on the Senate Banking, Housing and
Urban Affairs Committee. Hensarling is chairman of the House Financial
Services Committee.
Critics also warn the new database will be vulnerable to cyber
attacks that could put private information about millions of consumers
at risk. They also question the agency’s authority to collect such
information.
Earlier this year, Cordray tried to assuage concerned lawmakers during a
Jan. 28 hearing of Hensarling’s panel, saying repeatedly the database will only contain “aggregate” information with no personal identifiers.
But under the April register notice, the database expansion means it
will include a host of data points, including a mortgage owner’s name,
address, Social Security number, all credit card and other loan
information and account balances.
The database will also encompass a mortgage holder’s entire credit
history, including delinquent payments, late payments, minimum payments,
high account balances and credit scores, according to the notice.
The two agencies will also assemble “household demographic data,”
including racial and ethnic data, gender, marital status, religion,
education, employment history, military status, household composition,
the number of wage earners and a family’s total wealth and assets.
Only 12 public comments were submitted during the 30-day comment period following the notice’s April 16 publication.
The mortgage database is unprecedented and would collect personal
mortgage information on every single-family residential first lien loan
issued since 1998. Federal officials will continue updating the database
into the indefinite future.
The database held information on at least 10.1 million mortgage
owners, according to a July 31, 2013, FHFA and CFPB presentation at an
international conference on collateral risk.
FHFA has two contracts with CoreLogic, which boasts that it has
“access to industry’s largest most comprehensive active and historical
mortgage databases of over 227 million loans.”
Cordray confirmed in his January testimony that CoreLogic had been retained for the national mortgage database.
The credit giant Experian is also involved in the mortgage database
project, according to an FHFA official who requested anonymity.
Rep. Randy Neugebauer, R-Texas, who sits on the Hensarling panel and
who has followed the mortgage database’s development, said he was
“deeply concerned” about the expansion.
“When you look at the kinds of data that are going to be collected on
individuals, just about anything about you is going to be in this
database,” he told the
Examiner in an interview.
Critics of the database span the financial spectrum, including the U.S.
Chamber of Commerce‘s Center for Capital Markets Competitiveness and the National Association of Federal Credit Unions.
In a May 16 letter to FHFA, NAFCU’s regulatory affairs counsel,
Angela Meyster, said the database “harbors significant privacy concerns”
and “NAFCU believes greater transparency should be provided by the FHFA
and CFPB on what this information is being used for.”
Meyster told the
Examiner that “it goes back to the breadth
of information that they’re asking for without really speaking to what
they will be used for.”
Meyster said she was unconvinced. “It seems they’re just adding
information and they’re not really stating where it’s going or what it’s
going to be used for. There’s no straightaway answer. They say they are
trying to assemble as much information that they can.”
Neugebauer agreed. “Why are we collecting this amount of data on this many individuals?” he asked in the interview.
The Chamber of Commerce said that while Congress did ask for regular
reports, it never granted FHFA the authority to create the National
Mortgage Database.
“Congress did not explicitly require (or even explicitly authorize)
the FHFA to build anything resembling the NMD,” the Chamber told Watt in
its May 16 letter.
Cordray in his testimony told the House, “We’re making every effort
to be very careful” but he could not promise there would never be a data
breach.
Neugebauer said the hacker threat is real. “If someone were to breach
that system, they could very easily steal somebody’s identity.”
Meyster said she doubts the government can protect the data. “We’re
essentially concerned that these government systems don’t have the
necessary precautions to make sure that individual consumers are
identified through the database,” she said.
Computerized theft of government and commercial data is a major
concern for federal officials. Indictments were made public last week
for
five Chinese military members who allegedly hacked into the computer systems of six American corporations.
A
December report
from the Government Accountability Office on breaches containing
personally identifiable information from federal databases shows
unlawful data breaches have doubled, from 15,140 reported incidents in
2009 to 22,156 in 2012.
A May 1 White House
report on cybersecurity
of federal databases also recently warned, “if unchecked, big data
could be a tool that substantially expands government power over
citizens.”
