Policy Letter

POGO Joins in Urging CFPB to Put More Consumer Complaints Online

Bureau of Consumer Financial Protection

Washington, DC 20552

Re: Consumer Complaint Data Disclosure

Docket No. CFPB-­‐2012-­‐0023

July 19, 2012

Dear Director Cordray:

We the undersigned consumer, civil rights, good government, and community groups, and members of Americans for Financial Reform (AFR), congratulate the Bureau on the inclusion of a public database as an integral part of the CFPB complaint process. This is a bold first step. We firmly believe that public access to consumer complaints is a public service and will have extensive value to both consumers as a pre-purchase tool, and for the Bureau as an effective way of reducing the number of complaints it receives by providing individuals use of the database as an early warning system.

While we appreciate the Bureau’s decision to offer access to a public database, we continue to maintain that access to individual complaints is a key component to allowing consumers to make full and accurate use of the complaint information that is submitted. We are very sensitive to protecting personally identifiable information (PII), and are confident that information can be shared in a way that protects against the identification or re-identification of individuals.

We recognize your willingness to analyze whether there are practical ways to disclose narrative data. We ask that you revise your position of offering the public only elements of each complaint (type and date of complaint, complainant’s zip code, card issuer’s name and general response) to include the narrative. Making detailed complaint information available to the public will only enhance consumers’ ability to inform and protect themselves in the marketplace in a timely manner. Complaint narratives allow individuals to assess a complaint’s validity, determine if the details are pertinent to a consumer’s purchasing decisions, and allow individuals and researchers to detect harmful trends or patterns.

In addition to narratives, far greater detail is needed in complaint categories to make a search an efficient, valuable pre-purchase process. For instance, if a consumer was to search a particular card issuer’s complaints and found a battery of “billing dispute” problems it would not be clear to the consumer what the disputes relate to, or even if the dispute was with the card issuer or the merchant. Identification of the actual financial product or service involved should also be made available. The same specificity is necessary in the company response category. We continue to recommend inclusion of a company’s narrative on individual complaints. If an issuer’s response is listed as “closed with explanation” (as is a large majority) much further detail is needed to make that decision meaningful to consumers. Actual complaint and response information (minus PII) would solve this void. Clear and simple instruction as to how to use database features should also be a primary goal.

We encourage the CFPB to expand public access to complaint data to include all types of financial goods and services that the Bureau has authority over. Had consumers had access to home loan complaint details prior to the financial crisis, it is likely that countless numbers of consumers would have been able to avoid many of the disastrous consequences that they are still trying to overcome.

It is also essential that the CFPB generate annual reports that would allow the public, including researchers, to review lending practice complaints based on frequency data of protected class information (including race/ethnicity, age, gender). Researchers should also be able to receive protected class data from the Bureau upon request, as is now the case from other federal offices. We have specific suggestions on protected class data later in this document.

We will concentrate our comments on specific areas of concern that have been raised with the Bureau regarding re-identification, reputational harm, FOIA, and we will focus on one privacy group’s approach to protecting PII.

Complaint Narratives

Public access to complaint narratives gives individuals the ability to draw their own conclusions about the veracity of each complaint. It allows consumers to identify disreputable practices and unsuccessful resolutions, as well excellent customer service, at the exact point in the decision making process where it can make a difference. We are confident that it is possible to inform the public of complaint details without putting an individual’s personally identifiable information at risk.

We continue to recommend inclusion of narratives unless a consumer opts to keep all or part of his complaint private. In this case, there should be a separate text box in the complaint form where all items submitted would be kept confidential. In cases where a company believes it is necessary to include confidential data in a response they too could have the option of a private portion of the response. Businesses may summarize their position for the public database, and state that in fairness to their customer they have opted to respond in detail privately. Clear instructions would minimize the risk of inadvertent disclosure of private information, and the complaint form could automatically ask consumers to double-check prior to submission.

Publicly available complaint narratives can help shed light on how lending discrimination may occur. Lending discrimination is not easily detected because consumers are without information about the terms, fees, and pricing structures of financial products offered to other similarly situated individuals, and thus have no way to compare their treatment or the products they receive. Providing the public with complaint narratives can help consumers who suspect discrimination with a point of comparison.

Public access to consumer complaint data achieves both transparency and accountability. Data transparency allows the public to hold this new federal agency accountable for its actions and creates a better understanding of how the agency is working on its behalf.

We encourage the CFPB to use search algorithms and staff reviews where necessary to monitor public narrative submissions for private information that should not be placed in the public database.

PII Protection

We welcome the Bureau’s attention to ensuring that consumers’ personally identifiable information remains private. Included is a Privacy Rights Clearinghouse (PRC) attachment that shows how they work to prevent the leakage of personally identifiable information.

The Privacy Rights Clearinghouse (PRC) launched a "Complaint Tool" in January 2012. The PRC uses several opportunities throughout the complaint process to remind users NOT to include personal information after their initial log-in. In fact, the Complaint Tool dedicates an entire page to reminding users to not include PII (including a list of what is considered PII). Users receive a second reminder when reviewing their complaint prior to submission. Finally, on the Submit Your Complaint page, they must click on a box that says "I agree to the Privacy Policy and confirm that there is no confidential personal information in the complaint description." If they do not click on the box that precedes this statement, they are unable to submit the complaint and complete the process. Instead, they receive this page again, this time with polite instructions in red, reminding them to ensure that they have not included personal information in the complaint description. Once submitted, they receive a confirmation code.


We recognize the competing concerns of providing the level of data necessary to identify discriminatory practices while protecting personal information. Fortunately both objectives are achievable, and there are precedents for providing public data - even at the census tract level, such as Home Mortgage Disclosure Act (HMDA) data, without causing re-identification problems. Similarly, HUD provides not only detailed lending data, but also detailed household characteristic data (including income, race/ethnicity, gender etc.) for several million HUD households at the census tract level. There has been no indication of any of re-identification of households or individuals based upon of providing this information to the public for more than a decade. There is no reason to believe results would vary for a financial services complaint database.

In anticipation that the Bureau will expand public access to credit card complaints to the universe of financial complaints that it receives, we suggest that a different metric be used to detect certain problems such as discrimination.

If we want to determine whether foreclosure complaints or payday lending problems are coming from a specific geographic region or a protected class, data at the zip code level is not sufficient to identify illegal or predatory practices. Zip codes in municipal boundaries and in rural and suburban areas are geographically expansive. They are simply too large for identifying specific neighborhoods being impacted.

In contrast, tract level complaint data even provided as aggregate or “frequency” data (totals or percentages), is generally sufficient when compared with other databases such as census data and HMDA data, to identify critical patterns without putting individual’s identities at risk.

In fact, the Census Bureau makes frequency data regarding household and individual characteristics available at the tract level and below. Tracts, though typically much smaller than a zip code, characteristically include approximately 1,500 households. Given the high level of attention (and specific legal constraints) applicable to census data, it is worth noting that the Census Bureau, with few exceptions, is able to provide its primary data compilations at geographic areas even below the tract level – down to the “census block groups” and “census block” levels.

A data source similar to the CFPB complaint database is Section 335 HUD data on defaults and foreclosures of FHA loans which is routinely provided by HUD as frequency data in the form of tallies of the number of loans made in particular time frames and the numbers of loans at different stages of default and foreclosure. HUD provides this data in detail for each individual lender/servicer in the tract. Even with access to loan-by-loan HMDA data, it is quite difficult to identify individual loans from the Section 335 data. In addition to the Section 355 HUD data which is released to the public upon request, HUD’s Office of Policy Development and Research (PD&R) provides on its website detailed data on HUD-assisted households for nearly forty categories of highly personal information (gender, age, disability, race, ethnicity, income). In its “Picture of Subsidized Households” HUD provides not only totals in each category aggregated by census tract, but by each housing development as well.

While due caution is always warranted, and exceptions to not disclose could be made in exceptional cases, the tremendous public benefit of making data public should not be sacrificed at the prospect of highly speculative concerns. For example, there’s a tension between the need to protect highly personal medical information and the use of that information to protect children from being poisoned by lead. When a child has been found by a doctor to have an elevated blood lead-level that child’s housing is typically investigated to find the sources of the lead poisoning. That investigation includes not only the child’s home but other buildings s/he frequents. While an individual’s medical records are carefully protected under the Health Insurance Portability and Accountability Act (HIPAA), once the appropriate health agency has identified the address of any property with a lead hazard, the address is then public information. That information is essential to protect other children (such as future tenants of the same apartment) from becoming poisoned by lead since it can be used to identify patterns of high risk areas that should be targeted for lead-poisoning prevention programs. Courts that have looked at these seemingly competing policy concerns have determined the mere possibility that someone might infer certain medical characteristics (i.e. that a particular child was lead poisoned) from the fact that a particular housing unit had been identified to contain a lead hazard would not, in and of itself, violate privacy protections. (See Cincinnati Enquirer v. Daniels, 108 Ohio St.3d 518 (2006), available at:


Similarly, while cumulative CFPB complaint data generated from individual records might provide revealing or even controversial information, the ability to ascertain the prevalence of irregularities such as disparate racial impact should not be obscured under the rubric of privacy protection, especially after the prevalence of subprime predatory lending targeted at communities of color before and during the mortgage meltdown. This track record of discriminatory lending by major lenders supports the need for the CFPB to generate complaint data in this manner.

Access to Protected Class Data

It is essential that questions pertaining to race, national origin, age, marital status, and gender be broadened on the intake form to give all complainants the opportunity to include these data when filing a complaint, and not limit this information to those who believe they have been discriminated against. It is often too difficult for an individual to know if s/he has been discriminated against in lending practices. Currently, data is only being captured for protected class when someone says that s/he is being discriminated against.

We recommend that the Bureau request protected class information from each complainant, not only those who believe they may have been victims of discrimination, as a means to detect harmful patterns which are not evident to individual victims. Recent examples of discrimination in U.S. Department of Justice (DOJ) cases against Countrywide Financial Corporation[1] and Wells Fargo[2] will provide restitution for more than 234,000 borrowers of color. Prior to DOJ analysis, these individual borrowers had no way to know they were being overcharged. DOJ concluded that there was a disparate impact in Countrywide and Wells Fargo’s lending policies. Without gathering protected class data, the CFPB will not be able to analyze complaint information to fully to meet its mandate to ensure equal access to credit.

Providing protected class information should remain optional and be clearly stated so on intake forms. We suggest that the final question on the intake form request protected class data with a clear and compelling explanation for why these data are so valuable. This information is already requested in every mortgage loan application. This is also the case on the Department of Treasury’s Making Home Affordable (HAMP) program hardship affidavit at https://www.efanniemae.com/sf/formsdocs/forms/pdf/servicingtrans/1021.pdf

The HAMP application reads:

The following information is requested by the federal government in order to monitor compliance with federal statutes that prohibit discrimination in housing. You are not required to furnish this information, but are encouraged to do so. The law provides that a lender or servicer may not discriminate either on the basis of that information, or whether you choose to furnish it. If you furnish the information, please provide both ethnicity and race. [,,,] If you do not wsh to furnish the information, please check the box below.

The form then includes a number of boxes for the applicant to fill in. Protected class data should be analyzed regularly to assess its value in providing useful leads to detect harmful patterns or discriminatory trends.

Requesting this important data can also help prevent the need for discrimination claims as potential offenders discover that incriminating information is being collected.

Reputational Harm

Disclosing complaint data will not unfairly create a blacklist of products or irreversibly tarnish companies’ reputations. The Obama administration has recognized that “disclosure is one of the chief tools that agencies can use to improve the operation of consumer markets.”[3] In practice, disclosure has led to better products and more satisfied customers. For example, increasing accessibility to rating and complaint information via safecar.gov improved the National Highway Traffic Safety Commission’s (NHTSA’s) New Car Assessment Program (NCAP) by encouraging manufacturers to achieve high ratings and voluntarily increase the safety of vehicles.[4]

Including narrative information with complaints could actually reduce the risk of unfair reputational harm to companies by providing context to the complaints. This will help consumers discern which complaints are the most relevant and most legitimate to them, and whether a company’s response is reasonable based on the nature and severity of the complaint.

Opponents of Consumer Product Safety Commission (CPSC) complaint disclosure argued that disclosing unverified claims would incorrectly label products as defective or unsafe and mislead consumers. But as noted in the CFPB’s proposed policy statement, these concerns, even if taken as valid, do not apply here. Complaints must come from cardholders themselves, and issuers are given a sufficient amount of time (30 days) to show they did not issue the card in question. Furthermore, individuals who intentionally make false reports to a government database could face fines or imprisonment. Section 1001 of Title 18 of the United States Code makes it illegal to knowingly make a false statement to the federal government.

There has been no evidence showing that complaint disclosure has unfairly or irrevocably harmed automakers or product manufacturers. There is no reason to believe that financial services companies would have any different result. This would certainly not be the first time an agency has disclosed information that is unfavorable to certain industries or companies. Agencies often disclose public opinions and experiences when they release public comments to agency actions, such as rulemakings, and have never been required to verify the comments or consider how the comments may impact businesses or industries before releasing them.

For companies concerned that their fine customer service performance records may not be reflected in Bureau complaint resolution data, the CFPB would be wise to require businesses to provide clear evidence during supervisory examinations that these firms have in fact satisfactorily resolved the vast majority of their consumer complaints. Data confirming a company’s excellent customer service record would be intended for the Bureau’s own supervisory and enforcement purposes.

Addressing Inaccuracies

There are a number of mechanisms that can limit or correct inaccuracies in complaints that are made available to the public. Furthermore, the possibility of releasing a small amount of incorrect information has never been accepted as a legitimate reason for withholding important information from the public. Opponents of CPSC’s complaint disclosure argued that disclosing unverified claims could incorrectly label products as defective or unsafe and, as a result, mislead consumers. However, a report by the Government Accountability Office (GAO) showed that manufacturers have claimed material inaccuracies in only a fraction of complaints.[5] The GAO’s analysis of CPSC data found that of the 1,085 reports with manufacturer responses that CPSC had published, only 160 were reports with claims of materially inaccurate information; and, of these reports, most were resolved and published within 10 business days. In fact, CPSC was able to resolve 92 percent of the accepted inaccuracy claims within 10 business days of notifying the manufacturer of the report of harm. According to the GAO, most of the claims of inaccuracy “were simple cases where the wrong manufacturer of a product was identified in the report of harm.”

The CFPB could also follow NHTSA’s lead and provide a very clear disclaimer regarding the accuracy of complaints. For example, users of safercar.gov are presented with a disclaimer stating the following: “This database includes information received by NHTSA from consumers either directly or as recorded by the Vehicle Safety Hotline. Not all consumer allegations can be verified.” Such a disclaimer could sufficiently adjust viewer expectations and protect the CFPB.

FOIA Disclosures

The CFPB’s determination to create a publicly accessible database is in line with its existing obligations under the Freedom of Information Act (FOIA) and the agency’s own regulations. FOIA requires agencies to make records affirmatively available to the public by electronic and other means if those records are or will likely be subject to frequent FOIA requests.[6] CFPB’s regulations make clear that this affirmative disclosure requirement applies when the agency receives at least three requests “for substantially the same records.”[7] We believe that public interest in the credit card complaint records will easily trigger the affirmative disclosure requirements under FOIA and the agency’s regulations. The public database, therefore, represents one way to satisfy the agency’s transparency obligations.

We would also like to respond to industry comments that question the agency’s authority to create a public database consistent with FOIA and the Trade Secrets Act. Some commenters state that consumer information, including a card issuer’s identity, is exempt from disclosure under FOIA’s Exemption 4 because disclosure would cause substantial competitive harm to businesses and hinder the government’s ability to obtain similar information in the future.[8] One commenter contends that card issuers’ narratives and their complaint rates by zip code constitute trade secrets, the disclosure of which is prohibited by the Trade Secrets Act.[9]

We believe that these commenters misconstrue FOIA and the Trade Secrets Act. FOIA’s Exemption 4 applies only to trade secrets and commercial or financial information that is privileged or confidential.[10] Consumer complaints—including the name of a card issuer (provided by the consumer) cannot plausibly be considered privileged or confidential business information, as the information is not submitted by businesses. For similar reasons, information obtained voluntarily from consumers and included in the database, such as a complainant’s zip code, cannot constitute a trade secret. We continue to urge the CFPB to offer consumers and businesses both confidential and non-confidential boxes to describe the complaint and the company’s response. This safeguard will ensure that narrative information submitted for inclusion in the public database is not privileged or confidential, and does not otherwise constitute a trade secret. As noted, this precaution combined with other efforts such as the use of algorithms to catch any inadvertent inclusion of identifiable details, and written reminders that personal information should not be included in public sections of complaint forms should prevent any unintended release of information.

Some industry commenters also state that certain information, including card issuers’ names, is prohibited from disclosure under FOIA Exemption 8,[11] which applies to records that are “contained in or related to examination, operating, or condition reports prepared by, on behalf of, or for the use of an agency responsible for the regulation or supervision of financial institutions.”[12] We strongly disagree with these commenters’ overly broad interpretation of Exemption 8. Information contained in the public database, which consumers and businesses will add with full knowledge that it will be publicly available, is not the kind of sensitive information that Exemption 8 is intended to protect. In any event, CFPB may in its discretion disclose that information in response to FOIA requests or through the public database.[13]

We appreciate the Bureau’s decision to create a publicly searchable credit card complaint database for consumers to identify financial services companies that prioritize excellent customer service, and prevent problems upfront. We hope that the CFPB’s strong stand for transparency, coupled with strong measures to protect complainants’ privacy, will be the approach the Bureau will take to swiftly expand access to the database for all types of financial service complaints in the future.

Public access to complete complaint information, in a safe and responsible manner, allows for a more fair and accountable marketplace.

Thank you for considering our suggestions to improve this important consumer-oriented tool.


Americans for Financial Reform

California Reinvestment Coalition

Center for Digital Democracy

Consumer Action

Consumer Federation of America

Consumers Union


Empire Justice Center


National Association of Consumer Advocates

National Consumer Law Center (on behalf of our low income clients)

National Fair Housing Alliance

National People’s Action

Neighborhood Economic Development Advocacy Project (NEDAP)

New Jersey Citizen Action

OMB Watch

Project On Government Oversight (POGO)

Privacy Rights Clearinghouse

Public Citizen

The Institute for College Access & Success and its Project on Student Debt (TICAS)


World Privacy Forum


[ 1] United States of America v. Countrywide Financial Corporation

[ 2] United States of America v. Wells Fargo Bank, NA

[ 3] Memorandum from Cass Sunstein, Administrator, Office of Information and Regulatory Affairs, “Informing Consumers through Smart Disclosure,” Sept. 8, 2011.

[ 4] National Highway Traffic Safety Administration, The New Car Assessment Program Suggested Approaches for Future Program Enhancements National Highway, Jan. 2007, available here. (“The agency has improved the program by adding rating programs, providing information to consumers in a more user friendly format, and substantially increasing accessibility to the information via the website, www.safercar.gov. The program has strongly influenced manufacturers to build vehicles that consistently achieve high ratings, thereby increasing the safety of vehicles.”).

[ 5] Government Accountability Office, Consumer Product Safety Commission: Action Needed to Strengthen Identification of Potentially Unsafe Products, Oct. 11, 2011, available here.

[ 6] 5 U.S.C. § 552(a)(2).

[ 7] 12 C.F.R. § 1070.11(c).

[ 8] See Letter from American Financial Services Association, et al., to Monica Jackson, CFPB (Jan. 30, 2012), at 14; see also Letter from Bill Hampler, American Financial Services Association, to Monica Jackson, CFPB (Jan. 30, 2012), at 1-2; Letter from Nessa Eileen Feddis, American Bankers Association, to Monica Jackson, CFPB (Jan. 30, 2012), at 13.

[ 9] See Letter from American Financial Services Association, et al., supra n.6, at 13.

[ 10] 5 U.S.C. § 552(b)(4).

[ 11] See Letter from American Financial Services Association, et al., supra n.6, at 14.

[ 12] 5 U.S.C. § 552(b)(8).

[ 13] See Gregory v. Fed. Deposit Ins. Corp., 631 F.2d 896, 899 (D.C. Cir. 1980); see also 12 C.F.R. § 1070.11(b) (“Even though a FOIA exemption may apply to the information or records

requested, the CFPB may, if not precluded by law, elect under the circumstances not to apply the exemption.”)