Data Aggregation Principles
Retreating from an aggressive stance on data aggregation implicit in an
earlier request for input (RFI),1 the CFPB has laid out principles that will guide
its thinking about the extent to which third-party data aggregators can access
personally-identifiable information (PII) housed at banks and other financial
institutions. Most importantly for the long run is a principle establishing that
consumers own their PII and thus have rights to its use, distribution, storage,
and security.