>> the oversight investigations subcommittee will come to order. the time at the hearing is examining the consumer financial protection bureaus mass data collection program. without objection the chair soccer sadrist to declare recess of the subcommittee at any time and without objection all members will have five legislative days in which to submit extraneous materials to the chair for inclusion in the record. the chair recognizes himself for four minutes to give an opening statement. the consumer financial protection bureau is fundamentally passed with protecting americans from unfair or deceptive and abusive financial practices. ironically as it was sold of a massive data collection activities the cfpb is putting all americans all of us at risk. from january 2012 to july of 2014 the cfpb carried out 12 large-scale data collections including the monthly collection

of data affecting hundreds of millions of credit card accounts, 173 million mortgages as well as information on 10.7 million consumer credit reports. five of these data collections are ongoing. not a day goes by that americans are not made aware of yet another breach of their sensitive information whether it's in the public or private sector vast collections of personal consumer data are prime targets for cyber attackers. aside from the fact that cfpb does not need to be collecting information to carry out its tributary mission it's troubling is not taken more perfect steps to secure this data. in fact before this committee last year cfpb director cordray said he could row of the potential for data breach at the bureau. we now know and the american people don't know how much personal identifiable information or pii they retain.

how that is protected with the bureau plans to do with all that data. will the cpb claims it collects very little data that contains pii collecting non-pii data may endanger consumers. a recent study published by m.i.t. led researchers found that four pieces of information about a person's credit card transactions was enough to re-identifying the anonymous credit card data and 90% of the cases that they study. dodd-frank granted the cfpb expensive and intrusive authority with very little accountability or oversight. however the cfpb's data collection programs appear to exceed the mandate included in dodd-frank. under the guise of its supervisory monitoring and examination authorities the cfpb appears to have subordinated consumer's interest with the data collection programs. what is more concerning for the cfpb claims to be an information

driven agency it seems the cherry-picked data to justify pursuing a politicized rule-making agenda. for publishing unverified consumer complaints on this web site using unreliable methodologies for auto lending the agency has proven time and time again that it will present only the most convenient of quote facts for its purposes. not bleeding data to validate a regulatory outcome is not sound public policy. this is junk science. the cfpb's focus on responding to actual allegations of consumer fraud and discrimination rather than collecting data for the purposes of undertaking costly and abusive expeditions that i welcome our panel here today of witnesses and i look forward to hearing from them as they present their testimony. i nagged you five minutes to the jumo protects is the ranking member mr. green for five

minutes for his opening statement. >> thank you very much mr. chairman but i would like to thank the witnesses for appearing and i would like to acknowledge the presence of the honorable former speaker of the house and for our purposes today because he was the speaker i shall refer to him as mr. speaker. i am mr. chairman antithetical to most of what you said and i am also concerned about something that has occurred. mr. speaker, someone owes you an apology and someone owes you an apology because on the memos that i have received and on the witness list you are acknowledge to to have been the former speaker the former speaker of the house and indeed you should be but there is no acknowledgment of your affiliation with the u.s.

consumer coalition, and generally speaking this is what we do here. i have a document that i shall ask unanimous consent to be placed in the record. >> without objection. at this document is dated july 23, 2015 on the financial services majority staff and its members of the committee about the dodd-frank act five years later. and it indicates that we were having the -- to appear in the case that he was senior partner of u.s. policy metrics and he's a former united states senator. the honorable bradley miller of counsel with grayson ellsworth llc and former member of

congress. i'm going to ask unanimous consent that the record be corrected so that it will be indicated on the memo and the witness list that you are mr. speaker, you are associated with the u.s. consumer coalition. i ask unanimous consent. >> if that's the case, without objection. >> i would also indicate why i have done this mr. chairman. he wrote quite a few articles concerning this coalition, this group. it appears to be a corporate owned and subsidized synthetic grassroots organization.

the activist consumer organizations know very little about it. the 501(c)(4), no way to ascertain who really funds it and i think it's very important for us to know who is really coming after the cfpb, and this organization has a mission statement that coincides with much of what has occurred here in the congress of the united states of america. so i'm going to have to yield some time to the ranking member but i think it's important for us to go into this. i have several articles that i will be entering into the record and having to use the speaker's statement for today. i'm going to assume that is just an oversight because nowhere in the statement does it indicate his affiliation with the u.s. consumer coalition. this oversight has occurred or

than once because it appears that "the wall street journal" said to issue an amplification of the result. this is something that has been called to our attention by various sources, one being media matters. but this i will now yield the remainder and residue of my time to the ranking member. >> thank you very much. i appreciate the time. as we sit here today to talk about the cfpb data collection practices, the cfpb uses the dated users to collect potentially harmful products are not permeate the market to inform the agency's rulemaking effort to conduct critical supervisory oversight and to return money to consumers that have been harmed. unfortunately my colleagues across the aisle are not here today to discuss data collection

practices. instead, this hearing is simply another blatant attempt to mischaracterize the bureau's data collections activity is harmful to consumers. how do we know this? because the chairman of this committee previously sponsored a bill that was enacted with the authorized creation of a national mortgage data repository that will collect the same individualize personalized data that republicans shamed the cfpb for collecting and that's the subject of this very hearing. currently most of the data that the cfpb collects his public and not personally identifiable. but the gao and the cfpb inspector general have indicated that the cfpb is generally compliant with data privacy and security laws. nevertheless my republican colleagues are here today to again criticize and under vine and agencies that is returned more than $11 billion to

25 million americans. i yield back. >> the gentleman yields back the time that she does not have. the chair recognizes the vice-chairman of this committee mr. fitz patrick for an opening statement. >> thank you chairman for the hearing and welcome to the witnesses this morning. increasingly our cyber and the structure and private records are becoming targets of state and nonstate actors alike. i want to remind anyone here that the personal information from the opposite personal management and i suspect we oversee that letter were significant breaches of consumer data that occurred. any organization especially an agency of the federal government in nine states which consumer data and stored in a single location as the cfpb does especially when according to a gao study the cfpb lacks documentation is for the security protocol to store private consumer information in

a manner sake from hackers. what's more it seems though that the date is off limits to the cfpb. while congress has not been provided a complete picture of these actions we know one of these collections yielded data on 173 million laws would tour to the hearing and today's witness testimony we hope that allows us to develop a better understanding of its practice and if there is a legitimate need for federal practices to continue. i yield back. >> the gentleman yields back. i now want to welcome our witnesses and because they do want to at what point guitar testimony and not going to spend an hour giving all of the things speaker gingrich has done. what i have realized recently though he is a fictional author and just wrote a great look which my wife is completing. it's a page-turner. i didn't realize that but i am going to stick to the basics. he was elected to congress in 1970 from the sixth district of georgia and this will now begin the speaker the house in 1995 to

1998. speaker gingrich welcome and thank you for being here. i want to welcome mr. wayne abernathy. the executive vice president for financial institution policy and regulatory affairs at the american bankers association. welcome. dr. calabria welcome again. he is the financial, the director of financial regulation studies at the cato institute and finally but not least mr. deepak gupta is the founding principle of gupta kessler in washington d.c.. welcome panel. each of you are going to be recognized for five minutes to give an oral presentation of your testimony. without objection the witness's testimony will be made part of the record following their oral remarks. once the witnesses have finished their testimony each member the subcommittee will have five minutes within which to ask the panel questions. as her mind of many of you know this but on the table you have three lights. one is green and that means go,

yellow means you have a minute left and red means you're time is up. i would note if you get a question why your light is yellow i will give you the leniency to finisher question is a goes on to read but please go on for a minute or two. the microphones are sensitive so please make sure you are speaking directly into them. in fact speaker gingrich welcome and you are recognized for your five minute presentation. >> good morning and thank you for allowing me to be here. i do want to say about mr. green's concern if either he or his staff would read the testimony they would find on page three i describe my relationship as an advisor to the u.s. consumer coalition but the subject of today's hearing is important and that we have an agency collecting more information about american's private lives than any bureaucracy deserves for reasons unrelated to national security.

it's also important a broader sense. today the consumer financial protection bureau is so far outside the historic american system of constitutionally limited government and the rule of law it's the perfect case study of the pathologists and bureaucracies at the federal level. it's dictatorial, it's unaccountable, is practically unrestrained and expanding on its expansive mandate from congress and its contemptuous for the right studies and preferences of ordinary americans. the cfpb is all of these things as are many of our large district of bureaucracies in the city, a huge problem. the cfpb is an especially good symbol of these methodologies because of its unique structure among regulatory agencies. in the dodd-frank wall street performing consumer protection act that created the bureau congress berrien wisely in my opinion gave up two of its core constitutional powers for

reining in executive branch agencies. first the cfpb is not subject to the annual congressional appropriations process and instead is funded out of a fixed portion of the federal reserve's budget and ineffective at bureaucratic slush fund that is self defined by the brocker sees on their behalf. second instructor can be fired only by the president and then only under limited circumstances because dodd-frank prohibits protection, dodd-frank protection from being removed by congress. for all practical purposes this means the bureaucracy is free to do whatever it wants in the broadest interpretation of its authority without fear of losing its funding or its leadership. this is a very dangerous recipe for petty dictatorship and its completely foreign to the american model. i always remind people lord acton's faith -- famous dictum power tends to corrupt.

absolute power corrupts absolutely and notice he just attends. no better example of the corruption of power than this agency which is totally secret, totally unaccountable spending vast amount of money having huge cost overruns and doing what ever wants to to have to whoever feels like doing it too. we know this is dangerous because we have watched the bureau's behavior over the past four years. we have seen the contempt with which it treats congress and the american people. the cfpb is prohibited from regulating car dealers. it's done so anyway. it's an absurdly inaccurate technique which by the way in the private sector would lead to lawsuits over fraud. accuse them of racial discrimination and extract find from companies and auto finance companies. he your government is a bully and your government is a blackmailer. this hearing is another good example of cfpb soper reached

one i also discussed to my own article in "the wall street journal" last summer. the cfpb is prohibited in section 1022 of dodd-frank from collecting personally identifiable information on americans but the bureau is doing so anyway and it's doing so on a massive scale. the most controversial collection programs are much less compelling reasons. the cfpb says it aims to monitor at least 95% of all credit card transactions in the u.s. by 2016. toward that end the bureau is collecting data from at least 600 million credit card accounts each month. that's 7 billion records in the last year alone. it's not just credit card data. the cfpb is gathering data on private markers every month, 5.5 million student loans, and hundreds of thousands of auto sales credit -- these intrusive

data operating art taking place without consumer's knowledge and without the ability of consumers to opt out. unless there are occasional oversight hearings with his consumers are unaware that government bureaucrats are pouring over their credit card transactions looking for products to regulate. the cfpb is scooping up or information about law-abiding americans than any government agency should be permitted to collect for reasons unrelated to national security or law enforcement. in fact in a recent poll conducted by zogby the dealer's consumer coalition which i happen to -- let me repeat that census director but i want to share particularly with mr. green staff were to happen to advise. i'm not secret about the relationship. one in five americans said the cfpb should be allowed to gather credit card statements without consumer's knowledge. those were concerned about the intelligence data collection effort i don't see how you can

be worried about the potential for abuse and the justified lack of transparency and national security agencies and not be concerned about the same dangers in this large amount of bureaucracy armed with similar kinds of information. this is the absurdity of being told homeland security will not look at facebook pages of foreigners out of concern for the privacy while cfpb is gathering up all this data. let me just say certainly for the purpose of preventing terrorism to cfpb should need a warrant to. what we have at the cpfb is an agency not accountable to congress or the american people. an agency that is stretching the boundaries of its authority as far as a canopy or proceed which for all practical purposes is out of control. as the mac and peoples represents a congress that should bother you no matter what side of the aisle you're on and whatever you think are the preferred regulations. it's imperative that we move moved toward abolishing the

consumer financial protection bureau and at the very least subject it to annual appropriations process in addition to restructuring its leadership to make sure it's accountable to congress. thank you i look forward to your questions. >> mr. abernathy you are recognized for five minutes. >> thank you chairman duffy and ranking member green for this opportunity to testify. my name is wayne abernathy. the customers of thousands of member banks were affected by the actions, policies and decisions of the consumer bureau. the bureau has enormous authority for retail financial property, those who provide them and therefore over the people who use them. this power comes with little more than phenomenal oversight and accountability. it would be hard to find a federal agency where the gap between regulatory power and public accountability is greater

officials repeatedly assert that the bureau as a transparent and data-driven agency. public exposure and data are to be the checks on the natural tendency for any such agency to stray into arbitrary actions. i emphasize the bureau is governed by one person. no one in the agency can address him without ultimately bending to that one person's policy judgment. knowing that at some point in the discussion at will and with yes sir. we welcome the subcommittees inquiry into the question of how strong a check on arbitrary behavior are the bureau's data policy. and practices. how much is the bureau in fact data-driven and by which data, from which sources and how would we know? director cordray stated the

following quote at the consumer bureau we are dated driven agency. the best decisions will be those that are best informed and quote. the bureau strategic plan for fy2013 through 2017 includes the following quote, we take in data manage its storage sure to properly protected from unauthorized access unquote and this from the bureau's web site on a page titled. transparency is at the core of our agenda and it is a key part of how we operate and quote. we support those statements. the bureau practices however have not lived up to the standards and there is little to require that they do so. the dodd-frank at the expense of the bureau impressive authorities while requiring information. the oversight structure is much less impressive. problematic for a data practices

have undermined the effective use of data to serve as a check on arbitrary action and weakens the quality of policymaking placing at risk of bureau's mission to protect consumers. in my written statement i discuss several examples which i will merely list for you at this point. public disclosure laws such as the paperwork reduction act while cherry-picking data. in selected data samples the bureau's skews results and mischaracterizing consumer markets. the bureau has misrepresented its data-gathering on overdrafts unless web site the bureau publishes unverified complaint information. interpreters instead of the bureau ignores its own data. to promote its policy on indirect auto lending the bureau has manufactured data that does not exist. i'll explain briefly one of these as an example. in verified complaint information. the bureau publishes on its

webpage at the top of which are the words and official web site of the united states government. they publish consumer complaints that are unverified for accuracy or ferocity. by adding their voice consumers help improve the financial marketplace and quote. but how can this be true if the information provided is unreliable and misleading? what would disappear offer to protect the consumer from acting on erroneous information published on the bureau's own web site? aba offers for recommendations in our written statement. i would emphasize our report. the governance of the bureau should be changed from a sole directorship to governance by a bipartisan commission. with a bipartisan structure weekend light from a variety of different people posing different questions from different backgrounds all more

likely to poke and prod the data and all of them likely to be intolerant of information. on behalf of aba and its member banks and all business models serving hundreds of millions of people, our customers and your constituents impacted by bureau decisions by the consumer bureau i want to thank the subcommittee for this very important hearing could i would be happy to respond to any questions right now. >> thank you. dr. calabria you recognize. >> i thank you for the invitation to appear in today's word hearing. the concerns i will raise are not unique to the cfpb. they apply across the federal government. let me know that my colleagues and i indicate we have consistently raised these concerns regardless of politics or the mission of the agency that we have been vocal in abuses of law enforcement and national security. we expend more resources trying

to undo party doctrine so again this is not something new to us pretty bad we have spent more time on the patriot acts that we have on surveillance of the consumer protection bureau so against this is nothing new for us. let me also -- the massive data collection is one of choice. there's no explicit mandate or requirement for this level of data collection. if someone who is priebus matches one of the offices that have been transmitted cfpb i can say the extent of this data collection is unnecessary to fulfill its responsibilities. nearly doubled enforcement to increase enforcement action we did so without having to resort to a massive dragnet of consumer data. unfortunately -- the problems with respa and their consumer financial protection are the underlines that choose which i greatly encourage congress to

revisit. we have seen this play out in the air of national security where the public is repeatedly told that if only we had more data various attacks would have been avoided. repeatedly the intelligence failures we witness are not from a lack of data. there are from an inability to connect the dots. similarly the financial crisis was met with demands for more data. the overheated housing and mortgage markets are not obvious enough from aggregate data. they were obvious to me of a decade ago. of course we are regulators ignore them and of course more data does not necessarily help you but you continue to ignore. the cfpb -- has engaged in at least 12 large-scale data collection efforts through the least. these include information not directly identifies individual consumers. combining this information with other sources could allow information to be identified on consumers. in my opinion granted as a monthly or i believe these

collections do not comply with the right to financial privacy act and let me state as a formal federal employee subject to the opm bridge i don't trust any part of the government with my data. the cfpb or otherwise. consolidating this financial information one place the cfpb has left consumers extremely vulnerable to hackers and identity theft. those are the lead threats from outside the bureau. of course in the cfpb data collection poses significant threats to our fourth amendment protections which apply to everybody. bo a checking account may well record the citizens activities opinions believes as fully as the transcript records. credit cards are today's checks. such current concerns are not reflections of the watergate era. as recently as 2012 justice sotomayor correctly observed quote awareness of the government may be watched

associational and expressive freedoms. governments unrestrained power to assemble data that reveals private aspects is susceptible to abuse. justice sotomayor's words not mine. medications purchased on line by retailers such a purchase could theoretically identify data collections. for a variety of reasons is i think this hearing is demonstrated across have the cfpb has become a highly partisan issue. we are to use its records of its critics in it attempt to silence his critics who would not be the first agency to do so in this institute we receive our donations via credit card and this is a very robust and certainly one that we worry about. i will only quote justice thurgood marshall who observe quote the technique of examining bank robert records is unfortunately not a real one. as someone who takes a stand at some pub in washington i shared

the concern. my suggestion would be the cfpb and data collections but i would submit there is more than enough work to do responding to consumer complaints. i think the subcommittee for their time and look forward to your questions. >> mr. gupta you are now recognized for a summary. >> i will make three points this morning based on my perspective as a former cfpb official and an advocate for consumers including data privacy cases. first privacy and the security of consumer data are important issues and if they subcommittee were really concerned there are real problems we could be addressing. a major data of breaches in which credit card information was stolen from consumers at target and home depot for example. the subcommittee hasn't held a single hearing of those real-world threats. instead we are having a hearing of the imagined problems that exist only in the minds of the cfpb political opponents.

in fact if you asked the consumer privacy groups they voice support of cfpb data collection efforts in their state been entered into the record today or will be. as one privacy advocate. the reason you don't hear from privacy or consumer groups is that the cfpb is not doing anything that concerns us nor for that matter isn't doing much differently than other regulators have always done. second, to the extent that is doing anything different the collection of data is creating the kind of oversight and consumer protection that we are we are missing before the financial crisis. for example the compilation of anonymous account level data and i want to stress that anonymous account level data from the credit card database has allowed the bureau to study important topics such as credit card marketing practices and the widespread use of force arbitration clauses in consumer contracts something congress requires the cfpb to study. data collection is crucial to the bureau's ability to identify systemic violations of consumer laws discrepancies and credit

score reporting and harmful effects from checking account overdraft programs to name a few examples. the cfpb data collection insures the agency's regulation and enforcement are data-driven and based on the best understanding of the market trends in empirical reality. that's the whole point of having expert administrative agencies in the first place. unless your profits come from deceiving comes consumers you should welcome the cf db data collection. i'm finally the existence of this hearing illustrates one danger that can occur when public officials don't case actions and data. we have a made-up controversy based on made-up facts. the cfpb is not spying on american citizens. it is not the nsa or does not interest in the details of people's personal activities nor would with the data the agency is currently collecting enable it to investigate those abuses even if it weren't just didn't say what you plan to buy tomorrow with your credit card

for a christmas present for your grandmother. in fact the vast majority of the data collected by the cfpb is already public such as data on mortgages already recorded in land records or auto sales on record with the dmv. most of it is aggregate level data aggregate data be, will moderate the transactional level design to be -- get agency picture what financial institutions not what individual consumers up to. the gao looks into this controversy and a detailed review found that none of the major problems that the cfpb's opponents have alleged exist or that the 12 major projects analyzed by the gao only three potentially involve any personal consumer data and the gao found the cfpb had taken steps to protect and secure the data it collects and has a system for anonymizing any material involving identifying information. i want to correct one and accuracy that i have heard several times already this morning.

none of the ongoing data collections but the cfpb contains personally identifiable information. the fact is then verified by the gao. agencies have been collecting the same things for years and nobody has complained. the story of consumer complaint in december. the inspector. the inspector general did an exhaustive review and uncovered no major problems but the 250,000 complaints examined the igs audit found accuracy rate of 99-point 99% an error rate of 0.01%. i wish most of the work products that emanated from this building for example could meet that accuracy standard. meanwhile the financial industry is collecting far more personally identifiable data that could open up real questions about consumer privacy jpmorgan chase released a report that came from a dataset of 12 million consumer transactions soap we are really worried about the collection of this country's data we should be more concerned about the private market developing this data.

the real problems with consumer finance it's unfortunate subcommittee feels the need to hold a hearing today on this non-issue. thank you for inviting me to testify and i'm happy to answer any questions. >> thank you panel. the chair recognizes by german the panel the gentleman from pennsylvania mr. fitzpatrick for five minutes. >> thank you for calling the hearing. it's critically important given the security breaches we have been hearing about and reading about and the private sector of the economy. most importantly in the public sector and most of those cases the average american citizen does not know that their information is being collected by the federal government or security has been breached. they just don't know that. speaker gingrich he talked about the two constitutional provisions within a state congress essentially walked away from in passing dodd-frank and creating the cfpb and you testified about the personally identifiable information of the

cfpb is collecting. i have two questions. first week concerned about the cfpb's ability to protect and secure that information from breaches and the second question is when you have an agency of the federal government essentially lacks the accountability or oversight from congress what is the interest or the vigilance the agency would have to protect that information? how is the cfpb different from other agencies? >> thank you for the question. let me say first of all anybody who believes that anyone has the ability to guarantee security of information is totally out of touch with the real world. when you look at the size of the breaches in new book of the number of actors around the planet and you look at the intensity which people are trying to figure out how to do this there is no place we can aggregate information unless you take a totally off-line that you will see a real true security. the systems are growing very

rapidly. they're getting much more sophisticated and we are going to be in a very different world words just like the wild west. this is not like 10 years ago and it's going to get worse. second i will point out in "the wall street journal" article i cited a stanford study on how to save metadata from telephones and connect them with individual identity and an m.i.t. study of credit cards of people say we are only gathering in personal information, the fact is they don't understand how that data has evolved in the fact that you can reassess and redefine people if you have enough data points. i find it much more frightening to have government bureaucracies that are uncontrolled having that level of information and power. the private sector, it is and it works if you are a citizen into bureaucrats show up at your front door. >> mr. deepak gupta -- had their

personal information or her fernand shahab was stolen from a database in cfpb how would you explain to her that it was necessary for the federal government to collect and store this information the first place? >> i would first explain to her the premise of the question is false because i said none of the ongoing collection efforts by the cfpb involve any personally identifiable information. that is verified by the gao report and pursuant to the statutory authority to the authority that this congress gave the cfpb to do ongoing market monitoring expressly comes with a limitation that says that market monitoring, that data does not include personally identical fashion to identifiable information and the cfpb is complying with that mandate. it's going to be because she provided as part of a consumer

complaint and that information is not going to be information that would be damaging. with the information it requires and allows agency to get in touch with her or for example when their supervision and enforcement in agency needs of persons information to get in touch with them to return to reimburse them. those are small exceptions. >> do you concur by constituents should have no concern? >> i do not concur. my read of it is clear that at least three of those programs to have personally identify with permission and there's also a question of can you take the information in those programs and link them to other programs that aren't personally identifiable and i think there's a real risk there. again as i noted in my testimony i was a victim of the opm breach. opm has now made sure i get a least a year of credit check free and that's very touching that i would personally like the chinese to give the money information back and not to use it. it's hard to close the barn door after the horses outside think

we need to get ahead. the point to react is not after the breached. >> i think most of us who were affected by the same breach would agree with you. i yield back rays the chair now recognizes the ranking member ms. slaughter for five minutes. >> thank you very much and let me welcome our panel is here today and specially speaker gingrich. welcome, welcome, welcome. speaker gingrich, who are you representing here today? >> i represent myself. >> what is the name of the pr firm you work for? >> the u.s. consumer coalition is not a pr firm. his organization has been raising questions, work with them and i've said that publicly and in fact in the testimony we submitted here. i think the questions they raised are very good ones. >> excuse me i'm not registered

in that right now. the coalition has hired a pr firm that you work for. you work with a pr firm firm. is at right? >> i work with the coalition. >> do work for the pr firm hired by the coalition? >> i would have to check to see. >> okay. >> we work with the coalition. >> with the ranking member yield if you would? mr. speaker i have your "wall street journal" article and there's an indication that the end that you are a paid advisor to the public affairs group that are you denying this mr. speaker? >> that was the question ranking members asking and i yield back to the ranking member. >> thank you very much and the coalition is funded by what industries? >> i don't know.

>> the coalition represents any other consumer groups? to the advocate for any other consumer groups or just organize to do with their concerns and the consumer financial protection bureau? >> my impression is they think that the threat from the cfpb is large enough that is their primary focus. >> mr. speaker is that exactly what they do just the consumer financial protection bureau? >> you'll have to call them and ask them. u.s. made by someone thing. >> i know you're very smart mr. speaker and he would work with somebody that you didn't know, who they are and what they do so that's why ascii but let me just move on because i know you understand how this place works. he talked about the fact that it's the only agency that operates in the way that it does it's the only agency that does not have to go before the appropriations committee.

do you now understand that to be true? >> that is certainly my impression. if you find other agencies that have perpetual life by drawing money and manners that has nothing to do the congress i think congress ought to hold hearings in ring them up in the constitution. >> are you aware of where for example they fhfa has one director appointed by the president and can only be removed by the president and does not go before any appropriations committee? are you aware of that? >> i was not aware of it. as such is said to the degree you'd like to give us it was give us it was that we could suggest a congress that they bring under appropriations. >> sir i knows you know how this plays runs and you ran it with a hands i know you understand how works. does the fdic go before an appropriations committee? >> only one subject to congressional supervision.

>> that was not my question. in terms of what the president is able to do in determining whether or not a director continues as director, the occ for example, the director can only be fired by the present in the same thing with the fhfa. is that correct? >> that's correct. >> and the fed they don't go before appropriations committee. >> they have been auditing the fed for that very reason. santa present can only remove the head of fcc come is that right? >> yes. >> so i want us to be clear when we could compare the consumer financial protection bureau with other agencies some of us are very appreciative that dodd-frank created the consumer financial protection bureau because prior to the meltdown, the recession that we entered into nobody was protecting the consumers. we have all of our oversight

agencies who basically were supposed to be responsible for soundness etc. but they did nothing for consumers. so now we have the consumer financial protection bureau and we have the whole effort to destroy it to the other side of the aisle has made this a top priority and everything that they do. just as mr. gupta said wealthy at this breach with target and others never have we had a hearing on any of that. i'm glad that you are here today but i want you to share your knowledge with us and tell us what you know and what you understand rather than some of the other stuff i'm hearing and i yield back a balance of my time. >> maybe you can ask -- the chair recognizes a drummon from colorado mr. tipton for five minutes. >> thank you chairman duffy. mr. speaker. >> i wanted to comment the gentlelady is pointed out all these perrysburg reseize were

responsible responsible for oversight prior 2007 failed to the answers let's build another prophecy to look after the failed bureaucracies is supposedly being appointed these bureaucracies failed? i think it's a fascinating difference of opinion and i appreciate your pointing out that we should have a study which cato may have of all the agencies that should be under congressional annual appropriations prevent thought that was a useful contribution. >> thank you mr. speaker. mr. gupta i would like to start with you with regard to personal information. you made the comment that no personal information is collected. is gender and identifier? >> is gender and identifier? gender standing alone with nothing else. >> would have included h.? >> there would be i identifier of those two together? >> we included those elements are those things that can be used to identify an individual? >> i take your point and you are right in a constellation of data

can be used to identify someone without their name in the sea of tb is very concerned about that. that's why in the gao report you will see they have the data intake team that carefully describes the data before it enters the bureau and is disseminated to ensure you don't have a constellation of data that can be assembled to identify anybody. >> mr. gupta under the cfpb would be mmbtu -- mnbtu they require gender age and -- mr. calabria we like to comment on that? >> again i would agree they only a small information is. >> as i pointed out in my testimony the federal reserve inspector general pointed out a significant amount of data collection is maintained by contractors on cloud computing which might pinion granted not an expert but leads to hacking.

i would certainly encourage the cfpb to bring that data collection. >> this gao report that cfpb does not have security protocols in place to secure this data? >> that is correct and that is a very big concern of mine the security of this data. >> if i could follow-up with you for a long time. her bodies the heart may be in the right place but we need to look at outcomes predicate a general sense going back to speaker gingrich's point that we have an institution right now to the cfpb that is completely off the books and congress has no control to be able to control it too directed. do you have a sense that we have a system in place that's continuing to build design to be able to find and punish rather than help and improve?

>> there's a fair-mindedness psychology literature but when people feel they are wrapped up in a cause that self-righteous and certainly the cfpb attitude we are crusade, we are going to fix a financial crisis. he saw the same thing in the intelligence community after nine 9/11. when you get caught up in this mentality to get blinders and you get tunnel vision. a lot of research clearly demonstrates that. >> and i would reference one of the citations in my testimony by cass sunstein about people who argued that the need to have procedures and checks in place so dissent is heard. the value of report is that somebody sits there and says just like this committee can have this dialogue in this back-and-forth there needs to be this back-and-forth and wayne talked about at the end of the day every employee at cfpb needs to say yes sir to mr. cordray. none of us have all the answers for this dialogue in this

back-and-forth in this give-and-take. you need that. there are other places that don't have those that don't do well. it was mentioned in another -- a number of agencies. we saw how that turned out. again the attitude come you can't have this give-and-take is critically important and also we need single direction is captured by the industry. i'm not a mathematician but the last i checked a thing would be easier to capture one person than to capture five. >> one thing that concerns me about this if we were to play the same rules to the cfpb that they are trying to apply to everyone else if we were getting ready to -- and again going back to the comments in terms of identifiers about a gender and identity you are collecting data with no consumer knowledge. how is the cfpb address the private sector? >> let me make two quick points. first of all the jpmorgan

example i can choose not to use jpmorgan and i can sue them if they distribute my data in a personal way. target took a big hit. you don't see any of this with the federal government but lastly we don't have to wonder how this works. the example weather is not personally identifiable information that you can leak it to the courthouse identities. not that hard. >> the chair recognizes mr. cleaver for five minutes. >> thank you very much mr. chairman. i thank all of you for being here. appreciate it very much. mr. speaker you may have misspoken and say that the cfpb was totally secret so i'm assuming -- this is not a catcher wrong question but when you made the comment i didn't

think you were saying that the cfpb was the agency. >> my impression is if you look at various hearings and various interrogatories that the leader of the cfpb has remarkably little interest in sharing with congress and whole range of information including the cost overruns including salaries and so forth. my impression is that they are remarkably secretive organization for a non-national securitization. >> i agree with you that is markedly secretive as opposed to totally secretive because it was totally secretive when it was hearing. tonight i'm happy to be amended to remarkably. >> thank you. mr. abernathy, do you think it's

important that we have evidence-based policies? >> absolutely congressman. in our view when you have an agency that would buy just one individual without all of the other checks and balances and oversight get out their agencies are subject to you are left with just one check and that is the exposure to the public. ..

>> >> but they have the series the elected officials and they are peers of one another and check their activities that prevents the use of data because they will say madame chairwoman there is more information you need to take into account no one is like that the bureau of copier or director. and most of those around the country but on people with

mortgages. you and to think about of the of commercial data that is available. does it not have a lot of data about individuals? we back they do. but what makes it different is the queue but the pieces loor dodd/frank there is virtually nothing that they cannot and with those enormous amounts of those data.

>> it is erroneous to say that but that is all that we do end maybe a the speaker was right. with the federal reserve they're all in the data collection business. we can create this attitude to give money to the taliban i did we take this too far. i yield back. >> appreciated very much we appreciate it. coming from the private sector for 35 years running small companies. you