[HN Gopher] CFPB finalizes personal financial data rights rule
___________________________________________________________________
CFPB finalizes personal financial data rights rule
Author : hn_acker
Score : 117 points
Date : 2024-10-30 17:55 UTC (5 hours ago)
(HTM) web link (www.eff.org)
(TXT) w3m dump (www.eff.org)
| toomuchtodo wrote:
| CFPB Announcement: https://www.consumerfinance.gov/about-
| us/newsroom/cfpb-final...
|
| Rule:
| https://files.consumerfinance.gov/f/documents/cfpb_personal-...
| arunabha wrote:
| And right on cue, wall street fights back! Expected, but still
| rankles as bit.
|
| 'JPMorgan CEO Jamie Dimon says 'it's time to fight back' on
| regulation' from
| https://www.reuters.com/business/finance/jpmorgan-ceo-says-i...
|
| The comment from Dimon is the cherry on top.
|
| 'Dimon said he was not against open banking but noted that it
| could compromise consumer data and lead to fraudulent money
| transfers and he was set to fight it.'
|
| His bank is happy to accept fraudulent checks and ACH transfers
| all day long, but his primary opposition to open banking rules is
| his overwhelming concern for his customers. Riiiight.
| toomuchtodo wrote:
| "It is difficult to get a man to understand something, when his
| salary depends on his not understanding it."
|
| You have an entire commercial banking industry that has been
| dependent on being able to capture inexpensive deposits from
| unsophisticated financial services consumers (they make the
| spread between the ~0% they offer on demand deposits and what
| they can lend at), as well as charging exorbitant fees to move
| value around, and that is all coming to an end with open
| banking and FedNow instant payments. Sad folks gonna sad.
| You're a utility, sorry to say.
|
| (obligatory credit union plug here)
| SoftTalker wrote:
| Credit Unions are typically better, but not always. Fees can
| still be high and interest rates low. You still have to
| comparison shop and do some due diligence.
| toomuchtodo wrote:
| Certainly, but they are not profit motivated in the same
| way a commercial bank is. Do your due diligence.
|
| https://mycreditunion.gov/about-credit-unions/find-join-
| star...
| wbl wrote:
| Yeah and S&Ls would never participate in the credit
| cycle.
| PittleyDunkin wrote:
| > Certainly, but they are not profit motivated in the
| same way a commercial bank is. Do your due diligence.
|
| How is profit motivation supposed to help the customers
| of a bank? On paper this is just as customer-hostile as
| with any other industry--profit is waste that
| fundamentally should be going to employees and customers.
| tivert wrote:
| > "It is difficult to get a man to understand something, when
| his salary depends on his not understanding it."
|
| I don't think the issue here is that he doesn't understand. I
| think the issue is he's lying.
|
| He's almost certainly starting with the policy that he wants
| for his own self-interest, then working backwards from that
| to come up with BS arguments for it that sound good. He's not
| an idiot so almost certainly knows full well what he's doing.
| jfengel wrote:
| Yeah, it was nice having a Consumer Financial Protection
| Bureau. It's on the chopping block under Project 2025:
|
| "the next conservative President should order the immediate
| dissolution of the agency--pull down its prior rules,
| regulations and guidance"
|
| So don't get too used to your new financial data rights. We'll
| know Tuesday if you'll ever get a chance to apply them.
| sailfast wrote:
| The notion that a president can do this unilaterally without
| Congress is very strange. While I understand the laws and
| norms around executive authority are often pushed against,
| you cannot legally defund an entire agency by executive
| order. (Or create one for that matter - I'm looking at you
| "Government Efficiency Administration" or whatever the heck
| they keep talking about.
|
| "Down with bureaucracy!" "Isn't that bureaucracy? A whole
| organization that focuses on waste?" "Yeah, but it's MINE. I
| only want down with YOUR bureaucracy."
| jkaplowitz wrote:
| It's true that an executive order cannot legally defund the
| CFPB, but since SCOTUS gave the President the right to
| remove the CFPB Director without cause, the President
| absolutely can cripple the agency by that type of executive
| action rather than by defunding it.
| mikeyouse wrote:
| Even his chosen appointee was a big fan of $1 fines to
| companies who defrauded customers. One of great
| 'victories' of the small government types who've been in
| power is rendering many of the agencies they were
| responsible for to be completely ineffective. Why fight
| to protect the CFPB if they're a tool of the companies
| they're supposed to police? It's extremely important to
| keep these agencies independent and aggressive in seeking
| justice/recompensation.
| jshier wrote:
| Yeah, we saw exactly this across the executive branch the
| last time this guy was in power. Intentionally corrupt or
| feckless appointees who blocked or simply failed to
| approve any action on the part of the agencies they
| nominally ran. What does it matter if you don't
| completely dissolve the EPA if you just have your stooge
| redefine the EPA's job, or what pollution means? Of
| course, that's been the typical Republican approach for
| decades. Now they're full mask off for round two and will
| be working to completely dismantle the administrative
| state altogether.
| dylan604 wrote:
| Why do you think the next conservative president would need
| to do it unilaterally without Congress? There's a good
| chance that the next conservative president would also have
| a conservative Congress.
|
| It's not outlandish at all
| sangnoir wrote:
| They could also flex their newly found immunity when
| executing "official duties"
| PittleyDunkin wrote:
| > you cannot legally defund an entire agency by executive
| order.
|
| Of course you can, if people accept it. This dynamic is
| massive in the last three decades and is only going to
| grow.
| mmooss wrote:
| To add context:
|
| The large banks just destroyed, through intense lobbying, what
| was called Basel III Endgame - a long-planned, carefully
| implemented regulatory structure designed to prevent future
| catastrophes like 2008. The Federal Reserve pretty much openly
| said they gave into pressure.
|
| The problem with capitulating to make peace is that you don't
| get peace: The attacker is emboldened and tries for more, and
| now has precedent and momentum in the eyes of third parties.
| teeray wrote:
| So does this mean we can finally have APIs for personal financial
| software without resorting to the ickiness of putting credentials
| in Plaid?
| ryandrake wrote:
| Giving a third party your banking credentials is not just icky,
| it probably violates your online banking terms of service, and
| is obviously terrible for security. This practice really needs
| to die yesterday.
| hollerith wrote:
| Of course it violates the terms of service written by your
| bank.
|
| Your bank would make it illegal to even talk about your
| banking transactions with anyone other than your bank if they
| could.
| dylan604 wrote:
| at the same time, the banks are happy they don't have to
| spend the money to develop those APIs themselves.
| _boffin_ wrote:
| Actually... not as much as you think. Go read Wells Fargo's
| policies.
|
| The gist of it: if you give it to someone, that's on you.
| sq_ wrote:
| I've been happy to see more and more of the banking-related
| services that I use stop requiring that and give each other
| actual API access.
|
| I absolutely refuse to hand over my credentials and cannot
| wait for the practice to die.
| Aspos wrote:
| The fact that plaid was allowed to exist and grow into a
| monster tells a lot about incompetence/impotence of the
| regulators.
| eternityforest wrote:
| What would actually happen if Plaid or the like was hacked?
| Would people lose money or would they be able to reverse it
| all?
| hggigg wrote:
| Having seen how this shit works behind the scenes I'd rather do
| it manually.
| buffington wrote:
| I'd love to hear what you saw that motivated this. Care to
| share?
| hggigg wrote:
| Account holder migration between two major international
| banks. Subcontracted out to the lowest bidding outsourcer who
| operate some major enterprise messaging bespoke piece of crap
| bought from IBM which is held together with sticky tape,
| string and smeared in dog shit and requires hand holding 24/7
| due to the sheer amount of bugs in it.
|
| I found this out because the company I was contracting for
| was trying to get the open banking API working against one of
| the banks and we ended up having to speak to four parties
| over an simple encoding issue that no one at any org could
| understand. It was basically the spider man pointing meme.
| One set of outsourcers blaming another set of outsourcers
| while their local managers were doing the same. No one even
| understood or communicated the issues.
|
| When you do something at a bank and it takes longer than
| expected it's that sort of shit happening.
| AshamedCaptain wrote:
| ah, you mean there are still more than two banks customer can
| choose from? and for how long?
| stronglikedan wrote:
| Unless you have a _very_ narrow use case, there has _always_
| been a plethora of banks to choose from.
| bob1029 wrote:
| Banking with a more local institution can make all of the
| difference in the experience. It would probably blow your
| mind if you've never done it. Maybe try a mid-size bank that
| operates in a few states if you are concerned with going too
| small.
|
| If you are banking with Wells Fargo or BoA, you are getting
| exactly what you signed up for. A customer base so large that
| they have no choice but to treat you like a row in a database
| (i.e., a piece of shit).
| koolba wrote:
| There's four banks with over $1T in assets, eight with over
| $500B, nineteen with over $200B, and 29 with over $100B:
| https://www.federalreserve.gov/releases/lbr/current/
|
| I'd argue there's exactly four banks to choose from if you
| plan on holding more than the FDIC limits at any one bank as
| I'm not as confident the rest would have an implicit "too-
| big-to-fail" guarantee.
| barryrandall wrote:
| Most of those banks' customers would be better off at one
| of the thousands of credit unions in the US.
| naniwaduni wrote:
| - If you demand more than an FDIC limit of liquidity in
| cash, you're not really in the same market for banking
| services as most natural persons. If the off-the-shelf
| banking products don't do it for you, you should probably
| be shopping around and negotiating.
|
| - Private insurance is stil a thing. Banks are like some of
| the most underwriter-legible institutions known to man.
|
| - Four is a bigger number than two anyway.
| kasey_junk wrote:
| If you are going to hold more than the fdic limits you
| should use one of the myriad of products designed for that
| rather than using hope as a risk management technique.
| They've been around for decades and are a normal part of
| any wealth protection strategy.
|
| For better or worse US governmental policy is to encourage
| myriad amounts of banks, and it's worked given we have more
| than any other nation by a long stretch.
|
| In fact a lot of the disfunction in our banking system
| comes from the fact that we have too many banks.
|
| No knowledgeable person thinks Americans lack for choice in
| banking.
| 0cf8612b2e1e wrote:
| I hate that I am so pessimistic, but I will hold my breath until
| the Supreme Court says why nobody has the authority to tell banks
| what to do.
| Molitor5901 wrote:
| Unfortunately it will still come down to the bank wanting to do
| business with you. I believe at the end of the day, if you
| don't agree to what the bank wants of you, and from you, they
| will debank you. There is no right, or even a law, that the
| bank has to give you an account.
|
| This is a good decision by the CFPB but it's a drop in the
| bucket.
| jerf wrote:
| The Supreme Court did not say that no Federal agency can do
| anything, ever.
|
| You can tell by the way the Federal agencies are still, you
| know, there. Doing things.
| skybrian wrote:
| Dismissing fraud as a problem makes it sound like there's no
| tradeoff here. I think we all know that in real life, fraud
| actually is a pretty big problem? Though they're self-interested,
| I expect that banks know it too.
|
| It doesn't mean you shouldn't be able to export your data, but
| this is a sensitive operation that maybe shouldn't be too easy.
| People are definitely going to be tricked. The individualistic,
| libertarian assumption (that customers are responsible adults who
| know what they're doing) is known to be false by anyone who has
| worked in a customer support role.
| throwaway48476 wrote:
| Fraud is only a problem for international transactions. The
| rest can be handled by lawyers.
| Nifty3929 wrote:
| At great time and expense, while you have bills to pay and
| someone else has your money.
| ilaksh wrote:
| If you don't like what banks do, then learn about the
| technologies that can replace them today.
| barumrho wrote:
| Do you mean bitcoin/crypto or did you have something else in
| mind?
| ilaksh wrote:
| I think most people don't really know what those things are,
| or what the fundamental concepts are, so I recommend people
| research decentralized technologies that are related to money
| from scratch.
| renewiltord wrote:
| This seems impossible without Chevron Deference. I doubt one can
| exercise one's rights under this.
| daft_pink wrote:
| Does anyone else feel like Apple's app store rules have more
| teeth than this? Lobbyists have already or will soon be gutting
| this for sure.
___________________________________________________________________
(page generated 2024-10-30 23:00 UTC)