Disclosure of Certain Credit Card Complaint Data, 37558-37569 [2012-15163]

Agencies

• BUREAU OF CONSUMER FINANCIAL PROTECTION

[Federal Register Volume 77, Number 121 (Friday, June 22, 2012)]
[Rules and Regulations]
[Pages 37558-37569]
From the Federal Register Online via the Government Printing Office [www.gpo.gov]
[FR Doc No: 2012-15163]


=======================================================================
-----------------------------------------------------------------------

BUREAU OF CONSUMER FINANCIAL PROTECTION

12 CFR Chapter X

[Docket No. CFPB-2011-0040]


Disclosure of Certain Credit Card Complaint Data

AGENCY: Bureau of Consumer Financial Protection.

ACTION: Notice of final policy statement.

-----------------------------------------------------------------------

SUMMARY: The Bureau of Consumer Financial Protection (the ``Bureau'') 
is

[[Page 37559]]

issuing a final policy statement (the ``Policy Statement'') to provide 
guidance on how the Bureau plans to exercise its discretion to publicly 
disclose certain credit card complaint data that do not include 
personally identifiable information. The Bureau receives credit card 
complaints from consumers under the terms of Title X of the Dodd-Frank 
Wall Street Reform and Consumer Protection Act (the ``Dodd-Frank 
Act''). The Policy Statement also identifies additional ways that the 
Bureau may disclose credit card complaint data but as to which it will 
conduct further study before finalizing its position.

DATES: This Policy Statement is effective on June 19, 2012.

FOR FURTHER INFORMATION CONTACT: Scott Pluta, Office of Consumer 
Response, Bureau of Consumer Financial Protection, at (202) 435-7306; 
or Will Wade-Gery, Division of Research, Markets and Regulations, 
Consumer Financial Protection Bureau, at (202) 435-7700.

SUPPLEMENTARY INFORMATION: 

I. Overview

A. Final Policy Statement

    Under the final Policy Statement, the Bureau plans to disclose data 
associated with credit card complaints in two ways. These disclosures 
are intended to help provide consumers with ``timely and understandable 
information to make responsible decisions about financial 
transactions'' and to enhance the credit card market's ability to 
``operate transparently and efficiently.'' \1\ First, the Bureau plans 
to issue its own periodic reports about complaint data. The Bureau has 
already issued three such reports.\2\ Second, the Bureau plans to 
provide public access to an electronic database containing certain 
fields for each unique \3\ complaint.\4\ As discussed further below, 
the Bureau has adjusted its plans to include certain fields in the 
public database in response to comments on the proposed Policy 
Statement published by the Bureau on December 8, 2011. The public 
database will initially include data from credit card complaints 
submitted on or after June 1, 2012.
---------------------------------------------------------------------------

    \1\ 12 U.S.C. 5511(b)(1) & (5).
    \2\ These are the Consumer Response Annual Report for 2011 
(March 31, 2012) at https://files.consumerfinance.gov/f/201204_cfpb_ConsumerResponseAnnualReport.pdf, the Semi-Annual Report of 
the Consumer Financial Protection Bureau (January 30, 2012) at 
https://www.consumerfinance.gov/reports/semi-annual-report-of-the-consumer-financial-protection-bureau/, and the Consumer Response 
Interim Report on CFPB's Credit Card Complaint Data (November 30, 
2011) at https://www.consumerfinance.gov/reports/consumer-response-interim-report-on-cfpbs-credit-card-complaint-data.
    \3\ The database will not include duplicative complaints 
submitted by the same consumer.
    \4\ The Policy Statement concerns the Bureau's authority to make 
public certain consumer complaint data that it has decided to 
include in the public database in its discretion. The Policy 
Statement does not address the Bureau's authority or obligation to 
disclose additional complaint data pursuant to a request made under 
the Freedom of Information Act, 5 U.S.C. 552.
---------------------------------------------------------------------------

B. Concurrent Notice

    Concurrent with the publication of this Policy Statement, the 
Bureau is publishing a notice in the Federal Register seeking comment 
on a proposed extension of the disclosure system described in the 
Policy Statement to complaints about consumer financial products other 
than credit cards (the ``Concurrent Notice''). In addition to credit 
cards, the Bureau's complaint-handling system (the ``Complaint 
System'') now encompasses mortgages, bank products such as checking and 
savings accounts, and certain other consumer loans. The Bureau 
anticipates that the Complaint System will accept complaints about all 
consumer financial products and services within the Bureau's 
jurisdiction by the end of 2012. Comments in response to the Concurrent 
Notice are due by July 19, 2012.

II. Background

A. Complaint System

    In the proposed Policy Statement, the Bureau generally described 
how the Office of Consumer Response (``Consumer Response'') accepts and 
processes credit card complaints. The Bureau has since revised the 
Complaint System in a number of respects, in part as a result of the 
comments received on the proposed Policy Statement. For example, the 
Bureau has adjusted the permissible entries for the ``issuer response 
category'' field, as summarized in part III.D.5.

B. Overview of Public Comments

    The Bureau received seventeen sets of comments in response to the 
proposed Policy Statement. In some cases, several organizations 
submitted a single comment letter. Eleven industry groups submitted a 
total of nine comment letters. One credit union also commented. One 
financial reform organization, Americans for Financial Reform 
(``AFR''), submitted a single set of comments on behalf of twenty-one 
consumer, civil rights, privacy, and open government groups. Two 
privacy groups that joined that set of comments also submitted their 
own comments, as did one open government group, which submitted 840 
substantially identical comment letters from consumers.\5\ There was 
one additional consumer submission. Finally, one member of Congress 
commented on the proposed Policy Statement.
---------------------------------------------------------------------------

    \5\ One consumer submitted the same letter directly to the 
Bureau.
---------------------------------------------------------------------------

    Almost all comments concerned the public database component of the 
proposed Policy Statement. Industry commenters generally opposed the 
public database. Although they endorsed the intended goals of the 
public database, many industry commenters asserted that the database 
would confuse consumers and unfairly damage the reputation of credit 
card issuers. The disclosure of issuer names in the public database was 
a particular focus of these comments. Some industry commenters further 
asserted that the Bureau lacks legal authority to disclose individual-
level complaint data.
    Consumer groups and consumers also endorsed the goals underlying 
the public database proposal. The AFR submission supported the public 
database, and urged the Bureau to include all narrative fields, subject 
to certain privacy protections. The two privacy groups that joined the 
AFR submission also offered their own written comments advising the 
Bureau to be mindful of the privacy risks associated with broader 
disclosure.
    Many submissions included comments directed to the Bureau's process 
for handling credit card complaints. To the extent that these comments 
also relate to the Policy Statement, the Bureau addresses them below. 
To the extent that they relate only to the Complaint System and not to 
any associated impact on disclosure, the Bureau does not address them 
in this final Policy Statement.\6\ In response to such feedback, 
however, Consumer Response has and will continue to refine and improve 
its Complaint System over time.\7\
---------------------------------------------------------------------------

    \6\ To take one example, one credit union association commented 
that the Policy Statement should address the sanction that will 
apply to an issuer if it fails to respond to a complaint in a timely 
fashion.
    \7\ Consumer Response already maintains several feedback 
mechanisms for participants in the Complaint System.
---------------------------------------------------------------------------

III. Summary of Comments Received, Bureau Response, and Resulting 
Policy Statement Changes

    This section provides a summary of the comments received by subject 
matter. It also summarizes the Bureau's assessment of the comments by 
subject matter and, where applicable, describes

[[Page 37560]]

the resulting changes that the Bureau is making in the final Policy 
Statement. All such changes concern the public database. There are no 
changes to the proposed policy for the Bureau to issue its own 
complaint data reports.

A. The Policy Statement Process

    One trade association commented that the Bureau should engage in a 
public rulemaking under the Administrative Procedures Act to provide 
the public with an opportunity to comment on all aspects of the 
initiative. One issue that the rulemaking should address, according to 
this commenter, is the link between the availability of complaint 
information and informed consumer decision-making.
    The Bureau is committed to transparency and to robust engagement 
with the public regarding its actions. Although not required by law, 
the Bureau solicited and received public comment on the proposed Policy 
Statement. The Bureau received substantial public feedback expressing a 
range of viewpoints, and it has carefully considered the comments 
received, as described in detail below. As stated in the final Policy 
Statement, the Bureau plans to study the effectiveness of its policy on 
an ongoing basis, and plans to continue to engage with the public, 
including regulated entities, as it assesses the efficacy of its 
complaint disclosure policy.

B. Legal Authority for Public Database

    Several trade associations commented that the Dodd-Frank Act does 
not authorize the Bureau to create the proposed public consumer 
complaint. The associations make two arguments.
    First, they contend that the Dodd-Frank Act expressly delineates 
the circumstances and manner in which the Bureau may collect, resolve, 
and share consumer complaints with others. The public database is not 
included. By negative inference, therefore, they argue that the Dodd-
Frank Act does not authorize the database.
    Section 1013(b)(3) of the Dodd-Frank Act requires the Director of 
the Bureau to establish a unit to collect, monitor, and respond to 
consumer complaints regarding consumer financial products and 
services.\8\ This provision requires the Bureau to present an annual 
report to Congress that includes information and analysis of complaint 
numbers, types, and resolutions, and it authorizes the Bureau to share 
consumer complaint information with prudential regulators, the Federal 
Trade Commission, and other Federal and State agencies, subject to 
certain confidentially and data protection standards. According to the 
associations, by delineating entities with which the Bureau may share 
consumer complaint information,\9\ Congress meant such entities to be 
the exclusive recipients of such information.\10\ Furthermore, the 
associations argue, by specifying that the Bureau may share such 
information only to the extent that these specific recipients agree to 
protect the confidentiality of the information shared, Congress 
manifested its intention that this information should otherwise remain 
confidential.\11\
---------------------------------------------------------------------------

    \8\ See 12 U.S.C. 5493(b)(3).
    \9\ One commenter argues that, by specifying in Section 
1013(b)(3) that the Bureau should report to Congress only complaint 
numbers, types, and resolutions, Congress intended to limit the 
Bureau to compiling that information. The commenter argues that the 
collection and reporting of other information--including narrative 
information from consumers--is not authorized.
    \10\ One commenter further asserts that Section 1022(c)(6), 
which authorizes and in some cases requires the Bureau to share 
confidential supervisory information with other agencies, 
demonstrates that Congress intended to exclude the public as an 
acceptable recipient of such information.
    \11\ To the same effect, the trade associations contend that by 
directing the Bureau to share consumer complaint information in a 
manner that protects data integrity, Congress manifested its 
intention that the Bureau share only information that is validated, 
reliable, and objective--standards that the associations argue are 
not met by the complaint data, including, in particular, complaint 
narratives.
---------------------------------------------------------------------------

    The associations also argue that Section 1034 of the Dodd-Frank 
Act, which requires the Bureau to establish ``reasonable procedures to 
provide a timely response to consumers * * * to complaints against, or 
inquiries concerning, a covered person,'' does not authorize the 
creation or publication of a public consumer complaint database that, 
instead of aiding complainants, enables data mining and market 
research.\12\ The associations also contend that, by directing the 
Bureau in Section 1034(d) to enter into agreements with other affected 
federal agencies to facilitate the joint resolution of complaints, 
Congress intended for the Bureau to handle consumer complaints in 
accordance with the procedures of these other agencies, which publish 
only aggregated complaint data.
---------------------------------------------------------------------------

    \12\ 12 U.S.C. 5534(a).
---------------------------------------------------------------------------

    Second, the associations argue that the Dodd-Frank Act's 
restrictions on publishing confidential information block the 
implementation of the proposed public database. They contend that 
Section 1022(c), which authorizes the Bureau to ``monitor for risks to 
consumers in the offering or provision of consumer financial protects 
or services, including developments in markets for such products or 
services,'' \13\ and to ``make public such information * * * as is in 
the public interest,'' only permits the Bureau to make the resulting 
information public through aggregate reporting ``designed to protect 
confidential information.'' \14\ By using non-aggregated formats, the 
associations contend, the proposed database risks compromising the 
confidentiality of individual complaint information.
---------------------------------------------------------------------------

    \13\ 12 U.S.C. 5512(c)(1).
    \14\ 12 U.S.C. 5512(c)(3)(B).
---------------------------------------------------------------------------

    One commenter also argues that Section 1022(c)(4) prohibits the 
Bureau from collecting or sharing information like zip codes or the 
identities of card issuers. Although Section 1022(c)(4)(A) authorizes 
the Bureau to ``gather information from time to time regarding the 
organization, business conduct, markets, and activities of covered 
persons and service providers,'' Section 1022(c)(4)(C) prohibits the 
Bureau from using this authority to ``obtain records from covered 
persons and service providers participating in consumer financial 
services markets for purposes of gathering or analyzing the personally 
identifiable financial information of consumers.'' \15\ The commenter 
asserts that zip codes and card issuer names constitute personally 
identifiable information that the Bureau may not collect or share. The 
same commenter cites Section 1022(c)(8), which requires the Bureau, in 
``collecting information from any person, publicly releasing 
information held by the Bureau, or requiring covered persons to 
publicly report information,'' to ``take steps to ensure that 
proprietary, personal, or confidential consumer information that is 
protected from public disclosure under Section 552(b) or 552a of title 
5, United States Code, or any other provision of law, is not made 
public under this title.'' \16\ The commenter asserts that this 
provision requires the Bureau to keep consumer complaint information 
confidential to the extent that any law, including but not limited to 
the Freedom of Information Act (``FOIA'') or the Privacy Act, requires 
such confidentiality. The commenter argues that credit card issuer 
narratives and complaint rates by zip codes constitute trade secrets of 
credit card issuers that the Trade Secrets Act, 18 U.S.C. 1905, 
prohibits the Bureau from disclosing.
---------------------------------------------------------------------------

    \15\ 12 U.S.C. 5512(c)(4)(A), 5512(c)(4)(C).
    \16\ 12 U.S.C. 5512(c)(8).
---------------------------------------------------------------------------

    The Bureau disagrees with these arguments. First, the Dodd-Frank 
Act expressly authorizes the disclosure addressed in the Policy 
Statement,

[[Page 37561]]

which cannot, therefore, be barred by negative inference. Second, there 
are no applicable confidentiality restrictions that apply to the data 
that will be disclosed in the public database.
    Section 1022 of the Dodd-Frank Act permits the Bureau, in support 
of its rulemaking ``and other functions,'' to monitor and assess risks 
to consumers in the offering or provision of consumer financial 
products or services.\17\ In monitoring and assessing such risks, this 
provision authorizes the Bureau to gather information regarding the 
``business conduct'' of covered persons and service providers.\18\ The 
provision expressly states that ``consumer complaints'' are among the 
types of information that the Bureau may gather for this purpose.\19\
---------------------------------------------------------------------------

    \17\ 12 U.S.C. 5512(c)(1).
    \18\ 12 U.S.C. 5512(c)(4)(A).
    \19\ 12 U.S.C. 5512(c)(4)(B)(i).
---------------------------------------------------------------------------

    Not only does section 1022 permit the Bureau to gather or compile 
consumer complaint information, it also contemplates that the Bureau 
may disclose such information to the public under certain 
circumstances. Section 1022(c)(3)(B) states that the Bureau ``may make 
public such information obtained by the Bureau under this section as is 
in the public interest, through aggregated reports or other appropriate 
formats designed to protect confidential information * * *'' \20\ 
Although commenters focus on the fact that this subparagraph permits 
the Bureau to disclose consumer complaint information in aggregated 
reports, they ignore the fact that the subparagraph also permits the 
Bureau to disclose such information in a non-aggregated format as long 
as it protects the confidentiality of certain information in accordance 
with the other provisions of Section 1022(c).
---------------------------------------------------------------------------

    \20\ 12 U.S.C. 5512(c)(3)(B).
---------------------------------------------------------------------------

    Nothing in Section 1013(b)(3) suggests that Congress, in describing 
one database containing consumer complaint information and the manner 
in which its contents are to be reported to Congress or shared with 
other Federal or State agencies, sought to limit the Bureau's authority 
to disclose information to the public. Likewise, there is no reason to 
interpret Section 1034, which requires the Bureau to establish 
procedures to provide a timely ``response'' to consumers to their 
complaints, to mean that the Bureau may only disclose consumer 
complaint information publicly to complainants, and even then, only to 
the extent necessary to ``respond'' to their complaints.
    The Bureau also disagrees that subpart D of the Bureau's Interim 
Final Rules on the Disclosure of Records and Information,\21\ which the 
Bureau promulgated pursuant to section 1022(c)(6), precludes the Bureau 
from disclosing publicly any information contained within a consumer 
complaint database. Commenters are correct to point out that subpart D 
generally restricts the authority of the Bureau to publicly disclose 
``confidential information,'' including ``confidential consumer 
complaint information.'' \22\ However, such disclosure restrictions 
only apply to the extent that consumer complaint information is 
confidential in nature. The Bureau's regulations define ``confidential 
consumer complaint information'' to mean ``information received or 
generated by the [Bureau], pursuant to [sections 1013 and 1034 of the 
Dodd-Frank Act], that comprises or documents consumer complaints or 
inquiries concerning financial institutions or consumer financial 
products and services and responses thereto, to the extent that such 
information is exempt from disclosure pursuant to 5 U.S.C. 552(b) [the 
FOIA].'' \23\ Because the information to be disclosed in the public 
database is not exempt from disclosure under the FOIA, as discussed in 
more detail in part III.D.1.a below, such information does not 
constitute ``confidential consumer complaint information.'' As a 
result, there is no applicable rule that precludes the Bureau from 
making such information available to the public.
---------------------------------------------------------------------------

    \21\ See 12 CFR 1070.40 through 1070.47.
    \22\ See 12 CFR 1070.41 (prohibiting Bureau employees from 
disclosing confidential information other than as provided in 
subpart D); 12 CFR 1070.2 (defining ``confidential information'' to 
include ``confidential consumer complaint information'').
    \23\ 12 CFR 1070.2(g).
---------------------------------------------------------------------------

C. The Impact of the Public Database on Consumers

    Consumer groups, privacy groups, and consumers commented that the 
public database would help consumers make more informed decisions and 
avoid ``bad actors.'' They also noted that consumers can draw their own 
conclusions from the public database. Several noted that data do not 
need to be fully verified or random to be of some use to outside 
parties. For example, the data might alert outside researchers and 
consumers to potentially harmful trends.
    Industry commenters, by contrast, asserted that the public database 
would mislead consumers because its contents would be unverified, 
unrepresentative, lacking in context, and open to manipulation. Each of 
these general assertions is addressed below. Section D addresses 
industry comments that disclosure of particular data fields--issuer 
name, zip code, credit card complaint type, and discrimination fields--
would be especially inappropriate or misleading.
1. Verification
    Several trade associations commented that the Bureau should not 
disclose unverified data. Some argued that the Bureau should exclude 
complaints lacking factual foundation or legal merit. Others stated 
that consumer complaints were primarily statements of opinion, and not 
subject to objective verification. Several also argued that complaints 
resolved without any showing of company fault should be excluded as 
lacking foundation. One trade association stated that releasing 
unverified complaint data deprives issuers of due process. Privacy and 
consumer groups commented that the lack of verification presented only 
minimal risks to issuers because there are controls to ensure that 
complaints must come from actual cardholders, and issuers are given 
adequate time to dispute their identification.
    The Bureau agrees with industry commenters that its complaint 
process does not provide for across the board verification of claims 
made in complaints. However, as it has previously indicated, the Bureau 
plans to specifically disclaim the accuracy of complaints when the data 
are made available to consumers. Outside of its own affirmative data 
reporting, the Bureau will allow the marketplace of ideas to determine 
what the data show.
    While the Bureau does not validate the factual allegations of 
complaints, it does maintain significant controls to authenticate 
complaints. Issuer names are verified using card numbers and by other 
procedures. Each complaint is checked to ensure that it is submitted by 
the identified consumer or from his or her specifically authorized 
representative. Each submission is also reviewed to determine if it is 
a complaint, an inquiry, or feedback about the Bureau. Submissions in 
the latter two categories are not forwarded to the identified company 
for handling as complaints. Further, each complaint is checked to 
prevent duplicate submissions by a consumer who has already filed with 
the Bureau a complaint on the same issue. Complaints are only forwarded 
to companies when they contain all the required fields, including the 
complaint narrative, the consumer's narrative statement of his or her 
fair resolution, the consumer's contact information, and

[[Page 37562]]

the name of a card issuer within the scope of Section 1025 of the Dodd-
Frank Act.
2. Representativeness
    Several trade associations commented that it is inappropriate for 
the Bureau to publish data that is not randomly sourced. Non-random 
complaints, they contend, cannot provide consumers with useful 
information. One trade association commented that academics and 
researchers would not use such unreliable data.
    The Bureau will inform consumers and any other public database 
users that the data reflect only the credit card complaints that 
consumers submit to the Bureau. Even though similar limitations apply 
to other public complaint databases, however, experience shows that 
outside parties have, in fact, made reasonable use of non-random 
complaint databases disclosed by other agencies. The trade associations 
did not offer any examples of misuse of currently available non-random 
data sets or challenge the utility of the examples cited by the Bureau. 
In addition to those examples, the Bureau notes that two outside 
companies have recently repackaged for consumer use drug and medical 
device data mined from the AERS and MAUDE public complaint databases 
maintained by the Food and Drug Administration.\24\
---------------------------------------------------------------------------

    \24\ M. Beck, Searching for Side Effects, Wall Street Journal 
Online, Jan. 31, 2012.
---------------------------------------------------------------------------

    The trade associations also fail to acknowledge that consumers 
currently make credit card choices with little or no knowledge of 
consumer complaints. It is true that more robust data sets might, in 
theory, be assembled. Consumers would be better informed if the public 
database included complaint data from issuers' internal processes or 
even surveys of complainants and non-complainants. But that does not 
mean that less complete data sets worsen the status quo. So long as 
consumers are aware of the limitations of the data, there is little or 
no reason to believe that complaint data should make the market less 
informed and transparent.
    Industry comments on representativeness also recognized that the 
Bureau is expressly authorized to use complaint data to set priorities 
in its supervision process. Some industry comments also recognized that 
the data could play a role with respect to other statutory obligations, 
such as fair lending enforcement or market monitoring. If complaint 
data can provide the Bureau with meaningful information, then logically 
they may also prove useful to consumers and other reviewers. If the 
data lacked such potential, Congress would not have pointed to public 
complaints as a basis to set important Bureau priorities.\25\ 
Furthermore, credit card issuers have told Consumer Response on 
numerous occasions that they learn valuable information from consumer 
complaints. If the data inform issuers, they have the potential to 
inform consumers as well.
---------------------------------------------------------------------------

    \25\ See 12 U.S.C. 5493(b)(3)(D).
---------------------------------------------------------------------------

3. Context
    Several trade associations commented that Bureau disclaimers about 
the lack of verification or representativeness will not effectively 
warn consumers about the limitations of the public database. The 
associations expressed concern that consumers and the media will 
inevitably see or portray the information as being endorsed by the 
Bureau, notwithstanding the Bureau's disclaimers. In addition, one 
trade group commented that the marketplace of ideas cannot prevent 
consumers from being misled by the public database. Another commented 
that the database fails to distinguish complaints of major and minor 
significance and that without that context, the data are open to 
misinterpretation.
    The Bureau acknowledges the possibility that some consumers may 
draw (or be led to) erroneous conclusions from the data. That is true, 
however, for any market data. In addition, the Bureau's two-part 
disclosure policy--first, its own affirmative reports of data findings 
that it believes may inform consumers, and second, a public database 
that researchers and others can mine for possible data trends--is 
intended to minimize any consumer confusion about the scope of the 
Bureau's own conclusions with respect to the complaint data. The Bureau 
is open, however, to further suggestions from trade associations, 
issuers, and other concerned stakeholders on how best to provide 
additional context for the public database.
4. Manipulation
    Several trade associations commented that third parties like debt 
negotiation companies could use complaint filing as a strategic tool to 
aid their clients. One trade association commented that outside parties 
may artificially inflate complaint counts for litigation purposes. 
Several trade associations claimed that one outside party has filed 
numerous fraud complaints about a single merchant, allegedly for 
improper purposes.
    The Complaint System has a number of protections against 
manipulation. For one, the burden of submitting a complaint is not 
negligible. Consumers must affirm that the information is true to the 
best of their knowledge and belief. The consumer is asked for a 
verifiable account number. If none is provided and the consumer is 
unable to produce verifiable documentation of the account (such as a 
statement), the complaint is not pursued further. As described further 
at part III.D.1.b below, when an issuer offers a reasonable basis to 
challenge its identification, the Bureau does not plan to post the 
relevant complaint to the public database unless and until the correct 
issuer is identified. Furthermore, duplicate complaints from the same 
consumer are consolidated into a single complaint.
    The Bureau maintains additional controls after complaints are 
submitted and issuers are able to alert the Bureau to any suspected 
manipulation. If issuers find this combined package of controls 
insufficient in practice, the Bureau will consider suggestions for 
addressing any problems identified, including enabling an issuer to 
flag in the public database any complaint entry that the issuer 
reasonably believes is not submitted in good faith by or on behalf of 
an individual consumer.

D. The Impact of Specific Public Database Fields on Consumers and 
Credit Card Issuers

1. Issuer Names
a. Legal Authority
    Several trade associations commented that the Bureau lacks 
authority to include issuer names in the public database or its own 
data reporting. The associations argue that the disclosure of this 
information is prohibited by Section 1022(c)(8), which requires the 
Bureau to take steps to protect from public disclosure confidential 
proprietary information that is exempt from disclosure under the FOIA. 
Specifically, they argue that the names of issuers are properly subject 
to Exemption 4 of the FOIA, which permits agencies to withhold trade 
secrets or confidential commercial information that businesses provide 
to it, and that the Bureau must, therefore, withhold from publication 
the names of credit card issuers cited in complaints. Courts generally 
hold that Exemption 4 applies when the submission of confidential 
commercial information is required of a business and the disclosure of 
such information would result in competitive harm to the business or 
would impair the ability of

[[Page 37563]]

an agency to obtain similar information in the future. The associations 
argue that both of these prongs--competitive harm and impairment--are 
satisfied with respect to the disclosure of credit card issuer names. 
They argue that the disclosure of issuer names would make issuers 
reluctant to respond (and/or reticent in responding) to consumer 
complaints and would cause competitive harm if the disclosed complaints 
unfairly or misleadingly identify them as bad actors.
    The Bureau does not agree that issuer names are subject to 
Exemption 4. As a threshold matter, Exemption 4 does not protect the 
names of credit card issuers because such information does not 
constitute ``confidential'' commercial information. The identities of 
the credit card issuers who do business with consumers are not 
typically secrets kept by the credit card issuers. By and large, 
consumers know this information and report it to the Bureau in their 
complaints. Even to the extent that the true names of credit card 
issues are not known to consumers when they file their complaints, this 
information typically becomes known to consumers as part of the 
complaint investigation and resolution process. Information which is in 
the public domain is not ``confidential'' and is therefore not subject 
to Exemption 4.\26\
---------------------------------------------------------------------------

    \26\ See CNA Fin. Corp. v. Donovan, 830 F.2d 1132, 1154 (D.C. 
Cir. 1987) (``To the extent that any data requested under FOIA are 
in the public domain, the submitter is unable to make any claim to 
confidentiality--a sine qua non of Exemption 4'') (italics in 
original); Northwest Coal. for Alt. to Pesticides v. Browner, 941 F. 
Supp. 197, 202 (D.D.C. 1996) (``If the information at issue is 
publicly available through other sources, no showing of competitive 
harm can be made.'').
---------------------------------------------------------------------------

    Further, even if one assumed that the names of credit card issuers 
constitute ``confidential'' commercial information, this information 
still does not qualify for protection under Exemption 4. To qualify for 
such protection, information must be likely either: ``(1) To impair the 
Government's ability to obtain necessary information in the future; or 
(2) to cause substantial harm to the competitive position of the person 
from whom the information was obtained.''\27\ The Bureau concludes that 
the information at issue does not satisfy either prong of this test.
---------------------------------------------------------------------------

    \27\ Nat'l Parks and Conservation Ass'n v. Morton, 498 F.2d 765, 
770 (D.C. Cir. 1974).
---------------------------------------------------------------------------

    First, the proposed disclosure of credit card issuer names is 
unlikely to impair the Bureau's ability to obtain similar information 
in the future. As noted above, it is usually consumers who provide the 
Bureau with the names of credit card issuers to which their complaints 
pertain. The decision by consumers to submit complaints against 
particular credit card issuers is not likely to be affected by the 
Bureau's policy of disclosing the names of the issuers to which 
complaints apply. The Bureau also finds unavailing arguments that its 
proposed policy of disclosing issuer names would make issuers reluctant 
to participate further in the resolution of consumer complaints. 
Section 1034 of the Dodd-Frank Act requires issuers to respond to 
consumer complaints. Courts generally agree that the disclosure of 
information will not impede an agency's efforts to obtain such 
information in the future when the information is provided pursuant to 
statutory obligation.\28\
---------------------------------------------------------------------------

    \28\ See Ctr to Prevent Handgun Violence v. Dep't of the 
Treasury, 981 F. Supp. 20, 23 (D.D.C. 1997).
---------------------------------------------------------------------------

    Second, the Bureau disagrees with commenters that the proposed 
policy of disclosing credit card issuer names is likely to cause credit 
card issuers substantial competitive harm. It is conceivable that 
consumer complaints could contain false or misleading allegations 
against a particular credit card issuer and that publication of the 
names of credit card issuers associated with such complaints could 
expose those issuers to unwarranted public criticism, reputational 
harm, and perhaps even a loss of existing or prospective customers. 
However, such harms can be mitigated through the use of disclaimers 
that warn consumers that the public database contains data reflecting 
unverified complaints that consumers submit to the Bureau. Even to the 
extent that such disclaimers are not sufficient to mitigate these 
harms, courts are clear that Exemption 4 is designed to protect against 
harms that flow from competitors' use of the released information, not 
from any use made by the public at large or by customers.\29\ Thus, 
even the prospect of unwarranted public criticism and harassment,\30\ 
embarrassment,\31\ or distortions of the disclosed information,\32\ are 
not grounds for application of Exemption 4. Moreover, any harm that 
arises from publishing the names of credit card issuers is one that all 
issuers in the industry share. Harms shared among competitors do not 
constitute competitive harms for purposes of Exemption 4.\33\
---------------------------------------------------------------------------

    \29\ See id.
    \30\ See id.
    \31\ See Gen. Elect. Co. v. Nuclear Regulatory Comm'n, 750 F.2d 
1394, 1402 (7th Cir. 1984) (``[T]he competitive harm that attends 
any embarrassing disclosure is not the sort of thing that triggers 
exemption 4.'').
    \32\ See Silverberg v. Dep't of Health and Human Svcs, Civ. A. 
No. 89-2743, 1991 WL 633740, at *4 (D.D.C. Jun. 14, 1991) (holding 
that business ``may suffer embarrassment from potential distortions 
of [the disclosed] information, but the case law is clear that the 
government can not withhold confidential information under Exemption 
Four of FOIA on the grounds it may cause embarrassment'').
    \33\ See People for the Ethical Treatment of Animals v. Dep't of 
Agric., No. Civ. 03 C 195-SBC, 2005 WL 1241141, at *7 (D.D.C. May 
24, 2005) (holding that competitive harm would not arise from 
disclosure of information where ``all banks would suffer the same 
alleged harm'').
---------------------------------------------------------------------------

    The associations also argue that FOIA Exemption 8 requires the 
Bureau to protect the names of issuers from disclosure. Exemption 8 
authorizes Federal financial regulators to protect information relating 
to the examination of financial institutions. The associations contend 
that consumer complaints constitute confidential supervisory 
information and that the disclosure of these complaints would threaten 
the regulatory relationship between financial institutions and the 
Bureau.
    The Bureau disagrees. As noted, Exemption 8 protects information 
that is ``contained in or related to examination, operating, or 
condition reports prepared by, on behalf of, or for the use of an 
agency responsible for the regulation or supervision of financial 
institutions.'' \34\ The scope of this exemption is broad in that it 
applies not only to financial institution examination, operating, or 
condition reports, but also to all manner of information that relates, 
even indirectly, to the supervision process. Notwithstanding the 
breadth of Exemption 8, it typically applies only to information that 
supervisory agencies either generate themselves or receive from 
regulated financial institutions or from other supervisory agencies. 
Exemption 8 does not typically apply to information, like credit card 
issuer names, that consumers supply to supervisory agencies outside of 
the supervisory context, except to the extent that the agencies later 
utilize such information for supervisory purposes.
---------------------------------------------------------------------------

    \34\ 5 U.S.C. 552(b)(8).
---------------------------------------------------------------------------

    Commenters argue otherwise by citing a 1991 FOIA request response 
letter that the Office of the Comptroller of the Currency (``OCC'') 
sent to a FOIA requester.\35\ In the letter, the OCC applies Exemption 
8 to deny a request for the names of banks associated with consumer 
complaints received by the OCC. As its primary authority for its 
decision, the OCC cites an unpublished 1988 district court opinion in 
Consumers Union v. Office of the Comptroller of the Currency.\36\ In 
that case, the court applied the following

[[Page 37564]]

rationale to protect the identities of banks named in consumer 
complaints:
---------------------------------------------------------------------------

    \35\ OCC Interpretive Ltr., 1991 WL 338374 (Jan. 14, 1991).
    \36\ No. 86-1841, slip. op. (D.D.C. Mar. 11, 1988).

    Irrespective of the fact that consumers provided the information 
to defendant and that disclosure of the identities of the banks 
against which complaints were made probably would not undermine 
public confidence, the portion of the computer printout to which 
plaintiff seeks access falls under exemption 8 because this 
information is directly derived from and `contained in * * * 
examination reports * * * prepared by, * * * or for the use of' 
defendant. The uncontroverted evidence shows that the bank charter 
numbers in the computer printout are contained in examination 
reports that fall within the meaning of Exemption 8 because the bank 
charter numbers are matters contained in larger reports, reflecting 
all consumer complaints against banks, which defendant forwards to 
its District offices. These larger reports are `examination reports' 
within the meaning of Exemption 8 because they analyze and summarize 
information concerning consumer complaints.\37\
---------------------------------------------------------------------------

    \37\ Id. at 2-3.

    Unlike the complaint information at issue in Consumers Union, 
however, the information at issue here is not part of an examination 
report. Also, it is not presented within the context of a Bureau 
investigation of issuer conduct. Rather, the complaints exist in raw 
form as part of a database intended for public use and study. 
Accordingly, the Bureau does not believe that Consumers Union is 
analogous.
b. Other Comments on Issuer Name Disclosure
    Consumer groups commented that the disclosure of issuer names 
represents a significant aspect of the Bureau's policy. They noted that 
other complaint databases that disclose the identity of specific 
companies--like NHTSA--have created pressure on companies to improve 
whatever metrics are measured by the public database. As a result, 
these groups expect the Bureau's public database to cause issuers to 
compete more effectively on customer service and product quality. 
Together with privacy and open government groups, consumer groups 
commented that outside groups can use the issuer data to help consumers 
make more informed decisions about credit card use, a factor also cited 
by the numerous consumers who submitted comments through the open 
government organization, OMB Watch.
    Industry groups disputed that disclosing issuer names serves these 
or any policy purposes. They commented that this form of disclosure 
would unfairly damage issuers' reputation and competitive position. One 
trade association indicated that the inclusion of issuer names could 
implicate safety and soundness concerns, particularly in light of viral 
media. Another commented that disclosing issuer names would serve only 
as ``fodder for plaintiffs' lawyers.'' One noted that the public 
database would not take account of the size and nature of the credit 
card business at different financial services providers, which would 
cause consumer confusion. Another suggested that debt sellers would 
attract fewer complaints than issuers that collected their own debts.
    Trade groups agreed that if issuer names were included, they should 
be verified. Several noted that consumers would be particularly likely 
to name the merchant or other partner in connection with private label 
or co-brand cards, and not the actual issuer. Some noted that card 
numbers would not be sufficient for verification because the system 
will accept complaints without a number, and some complaints--like 
declined application complaints--will arise even when there is no card 
number. Several trade associations argued that some complaints are 
really merchant disputes and that the issuer should not be named at 
all.
    The Bureau believes that these industry comments fail to 
acknowledge the system controls that are in place to verify that a 
complaint is from a cardholder and that the issuer is properly 
identified. No issuer will be associated with a complaint if it offers 
a reasonable basis to dispute a commercial relationship with the 
consumer. Currently, the Complaint System provides issuers 15 days to 
contest issuer identity, which experience has shown to be sufficient. 
As noted earlier, there are also system controls to avoid double-
counting duplicate complaints from the same consumer.
    For many complaints, credit card account numbers provide a reliable 
method to verify the identity of the issuer. The Bureau agrees that 
some complaints may identify the issuer as the merchant or other 
partner associated with a co-brand or private label card. In such 
cases, the account number provided will not match to the name provided. 
As a result, the Bureau confirms the account number with the consumer, 
then substitutes the name of the correct issuer. The merchant or other 
partner is not named. The Bureau also recognizes that there are cases 
in which no credit card number is available to the consumer, such as 
declined application complaints. In these cases, the Bureau works 
directly with the consumer to identify the correct issuer from issuer 
correspondence. If the correct issuer cannot be identified in this 
manner, the case will be closed and no data added to the public 
database.
    The Bureau acknowledges, as it did in connection with the proposed 
Policy Statement, that there are significantly varying views among 
stakeholders about whether this kind of data is useful to consumers. 
However, the Bureau continues to believe that this disclosure may allow 
researchers to inform consumers about potentially significant trends 
and patterns in the data. In addition, given that companies have made 
competitive use of other public databases, the Bureau anticipates that 
disclosure has the potential to sharpen competition over product 
quality and customer service.
    Furthermore, as several trade associations conceded and as 
previously noted above, Congress itself recognized that the Bureau may 
properly use consumer complaint data to set supervision, enforcement, 
and market monitoring priorities.\38\ If the Bureau is able to use 
complaint data in this way, there is good reason to allow consumers and 
outside researchers to weigh the importance of complaint data in their 
own research, analysis, and decision-making. Outside review of this 
kind will also help ensure that the Bureau remains accountable for 
tackling the complaints that it receives.
---------------------------------------------------------------------------

    \38\ See, e.g., 12 U.S.C. 5493(b)(3)(D).
---------------------------------------------------------------------------

    Finally, the Bureau notes the general acceptance by consumer and 
industry groups that normalization can improve data utility. Thus, 
although trade associations uniformly opposed the release of issuer 
names in the public database, many recognized the importance of 
normalizing the data that the Bureau decides to release. Only a 
minority of trade groups suggested that normalization was not workable 
and urged that issuer names not be disclosed for this reason as well. 
One association suggested that normalization cover open accounts, 
closed accounts with a balance, accounts without a balance that closed 
within the last year, and prospective accounts declined within the last 
year. Consumer groups also recognized the importance of normalizing 
data, but none offered any indication of the appropriate metrics for 
market share. The Bureau agrees with industry commenters that, if 
possible, normalization should make some account for closed accounts 
with a balance and declined applications because these may generate 
complaints. The Bureau intends to work further with commenters on 
specific normalization

[[Page 37565]]

proposals, and welcomes further operational suggestions on the point.
2. Zip Codes
    Consumer groups commented that the Bureau should add additional 
location fields, such as city and census tract. Several trade 
associations, however, commented that zip code disclosure created risks 
to privacy because zip codes can be combined with other data to 
identify consumers, particularly in sparsely-populated rural zip codes. 
Trade associations also commented that zip code data may be 
misunderstood to imply discriminatory conduct, leading to unfounded 
allegations of discrimination.
    The Bureau is mindful of the privacy implications of zip code 
disclosure. As a result, it will limit zip code disclosures to 5 
digits, even if a consumer provides the full 9-digit zip code. 
Furthermore, as it analyzes narrative disclosure, the Bureau will 
account for zip code disclosures in assessing privacy risks. The Bureau 
will also analyze whether there are ways to disclose more granular 
location fields without creating privacy risks, as suggested by some 
commenters.
    The Bureau may, as one trade group noted, investigate zip code data 
for indications of ``improper trends.'' The Bureau believes that 
consumers and outside researchers should have the same opportunity.
3. Discrimination
    Several trade associations warned against disclosure of any data 
that consumers submit in the discrimination field of the complaint 
form. These groups commented that in light of the seriousness of such 
allegations, the Bureau should not disclose this field unless and until 
it has investigated the allegations and determined that they have 
factual support. In support of their position, these commenters note 
that some consumers who check the discrimination field on the intake 
form fail to include any allegations of discrimination in the narrative 
field.
    The Bureau is continuing to refine its methods for identifying 
discrimination allegations from consumers that submit complaints. 
Accordingly, the Bureau does not plan to disclose discrimination field 
data in the public database at this time. In the interim, the Bureau 
will continue to study the conditions, if any, necessary for the 
appropriate disclosure of such information at the individual complaint 
level. The Bureau may also report discrimination data at aggregated 
levels in its own periodic complaint data reports.
4. Type of Credit Card Issue
    Trade and consumer groups agreed that the Bureau could improve this 
data field in several respects. First, a consumer should be able to 
select several issues for a given complaint. Second, the issue 
categories should be better explained and differentiated. One trade 
association also commented that the Bureau should not rely on consumers 
for this data point.
    The Bureau agrees that a consumer should be able to ``tag'' a 
complaint as implicating more than one issue. It is working to develop 
the required functionality. In addition, the Bureau is weighing 
possible improvements to the issue categories and is considering the 
extent to which Bureau staff should ``tag'' complaints as raising 
certain issues. The Bureau welcomes further input from stakeholders on 
how to improve the issue categories.
5. Issuer Disposition
    Consumer groups commented on the need to include data about the 
issuer's response, the consumer's assessment of that response, and the 
timing of each of those steps, so that a user of the public database 
would know how fast complaints are handled and how often an issuer 
response is disputed. Consumer groups also urged the addition of more 
resolution-related data categories, such as categories that would 
explain why a complaint remains unresolved.
    Several trade associations commented that the ``Closed without 
relief'' issuer response category was not meaningful and should be 
revised. These groups claimed that the category suggests an 
inappropriate response even though certain complaints are appropriately 
closed without any form of relief, such as meritless complaints or 
complaints that have already been appropriately handled by means of the 
issuer's internal complaints process. In addition, there will be 
complaints appropriately closed with non-monetary relief, which, under 
the Bureau's current system, do not meet the monetary criteria for 
``Closed with relief.'' As a result, trade groups expressed concern 
that resolution rates would be undercounted. On that basis, some trade 
groups asked the Bureau to restore its prior resolution-related 
categories: full, partial, and no resolution. Others urged that the 
Bureau subdivide the ``Closed with relief'' category into monetary and 
non-monetary relief subcategories.
    In light of these comments, the Bureau has made several changes to 
the Complaint Systems' issuer response categories.\39\ First, where an 
issuer provides relief to the consumer, the issuer may categorize the 
complaint as either ``Closed with monetary relief'' or ``Closed with 
non-monetary relief.'' To qualify for the ``Closed with monetary 
relief'' category, the company's response must provide objective and 
verifiable monetary relief that is measurable in dollars. To qualify 
for ``Closed with non-monetary relief,'' the response must provide the 
consumer with objective and verifiable relief that does not meet the 
definition of monetary relief. These categories reduce any risk that 
reviewers fail to accord appropriate significance to cases that issuers 
close with non-monetary relief. Second, the Bureau has added a ``Closed 
with explanation'' response category, which may be used when the issuer 
believes that the complaint does not merit substantive relief, and 
instead provides a full explanation to that effect to the consumer. 
This category recognizes that in some instances, a thorough explanation 
will serve to resolve the consumer's complaint. At the same time, it 
allows reviewers and consumers to see in more detail how issuers, 
collectively and separately, resolve the complaints filed against 
them.\40\
---------------------------------------------------------------------------

    \39\ Consumer Response has provided detailed guidance to 
institutions participating in the Complaint System regarding these 
changes. Institutions should not rely on the summary description 
provided herein.
    \40\ If the company provides no substantive or explanatory 
response, it must designate the complaint as ``Closed.'' In 
conjunction with the ``Closed with explanation'' category, this 
residual category differentiates issuers that--having opted against 
substantive relief--choose not to explain their conduct to 
consumers.
---------------------------------------------------------------------------

6. Date Fields
    Finally, the Bureau agrees with the commenters who urged the 
inclusion of relevant dates in the public database. Initially, the 
Bureau will be able to include the date that a complaint is sent to the 
Bureau and the date that the Bureau forwards it to the relevant 
company.\41\ The Bureau is currently developing the technical ability 
to publish other date fields including the date that a company 
responds. When this is feasible, the Bureau plans to include additional 
date fields in the public database.
---------------------------------------------------------------------------

    \41\ There may be a lag between the two dates in part because, 
as noted above, consumers do not always submit complaints with 
sufficient information. In addition, some complaints are received 
via channels that trigger additional processing steps at the Bureau. 
For example, a Web-based complaint will move to the relevant company 
faster than a hard-copy complaint received from another agency that 
must be input into the Bureau's Web-based system.

---------------------------------------------------------------------------

[[Page 37566]]

E. Potential Impacts of Undisclosed Fields

    The Bureau received a number of comments about data fields that the 
proposed Policy Statement did not list for disclosure in the public 
database. The Bureau is not shifting any of these fields into the 
disclosed category in the final Policy Statement, though several fields 
remain under assessment for potential inclusion at a later date.
1. Consumer Narratives
    The issue of disclosing consumer narratives generated the most 
comments. Each consumer comment letter submitted by OMB Watch requested 
access to narratives ``to help me make better financial decisions and 
avoid bad actors.'' Consumer, civil rights, open government, and 
privacy groups uniformly supported disclosure on the grounds that it 
would provide consumers with more useful information on which to base 
financial decisions and would allow reviewers to assess the validity of 
the complaint. As noted, these groups submitted a coordinated proposal 
that would give the consumer a default option to submit narrative 
information for public disclosure. Recognizing the need to protect 
privacy interests, the commenters' proposal calls for the Bureau to use 
algorithms to detect personally identifiable information in narratives 
slated for disclosure, with back-up manual review by staff and 
consumers of any narratives that the algorithm identifies. Subject to 
FOIA limitations, however, the proposal would also provide a consumer 
the chance to opt out of narrative disclosure, in whole or in part. 
Narratives that the consumer opts out would not be disclosed in the 
normal course.
    The two privacy groups expounded on privacy risks in the most 
detail, echoing the Bureau's acknowledgment that a detailed narrative 
may enable re-identification even if it does not contain standard 
personally identifiable information like a name or account number. One 
privacy group noted that the privacy risk from ``non-identifiable'' 
data is increasing all the time. The other noted that after it 
established its own online complaint system, it received a number of 
``extraordinarily detailed and unique complaints'' that would have been 
inappropriate to disclose without express consent and heavy redaction 
or summarization. Although this group supported disclosure on an opt-in 
basis, it urged the Bureau to study a large sample of complaint 
narratives before resolving on its final course.
    Trade groups and industry commenters uniformly opposed disclosure 
of consumer narratives. Several suggested that if the Bureau resolved 
to disclose narratives, it might inadvertently disclose personally 
identifiable information, with potentially significant consequences to 
the affected individuals. These commenters also argued that narrative 
disclosure might undermine the Bureau's mission to the extent that 
consumers, fearing potential disclosure of their personal financial 
information, became reluctant to file complaints. Some industry 
commenters argued against narrative opt-ins or opt-outs, claiming that 
consumers would not take time to read them or to understand the 
consequences of their choices. One privacy group also cautioned against 
the use of opt-in or opt-out approaches on grounds that consumers do 
not generally understand them and will usually select the default 
option, undermining the notion that a consumer has thereby 
``consented'' to publication. As a result, the privacy group urged that 
the Bureau explore the use of data agreements, whereby users could have 
access to select narratives subject to a contractual agreement not to 
attempt re-identification.
    While acknowledging the general lack of consensus in this area, the 
Bureau notes that almost all commenters agreed that the privacy risks 
of narrative disclosure must be carefully addressed if narrative 
disclosure is to take place. Accordingly, the Bureau will not publish 
narrative data until such time as the privacy risks of doing so have 
been carefully and fully addressed. In addition to assessing the 
feasibility of redacting personally identifiable information (``PII'') 
and other re-identifying narrative information, by algorithmic and/or 
manual methods, the Bureau will carefully consider whether there are 
ways to give submitting consumers a meaningful choice of narrative 
disclosure options.
2. Responsive Issuer Narratives
    Consumer groups argued that issuers should have the same ability as 
consumers to offer their responsive narratives for either public 
disclosure or private communication to the consumer. According to these 
commenters, this mechanism would protect consumer privacy, allow for 
effective communication between consumers and issuers, and permit 
issuers to respond publicly to public complaint narratives. Trade 
associations disagreed, arguing that the Gramm-Leach-Bliley Act 
prohibits them from publicly disclosing any PII about their customers. 
In light of the Bureau's current disclosure position on consumer 
narratives, however, the Bureau is not resolving this issue at this 
point.

F. Addition of New Data Fields

    Several consumer groups requested the Bureau to add new data fields 
for collection and disclosure via the public database. One group 
suggested that the database identify the specific card product, not the 
issuer alone. As noted, several groups urged that location data be 
provided at the city or census tract level to help identify 
discriminatory practices. To that same end, several groups urged the 
collection of demographic data on a voluntary basis.
    The Bureau is open to the inclusion of additional data fields and 
will continue to work with external stakeholders to address the value 
of adding such fields. The Bureau notes, however, that additional data 
categories will logically fall into one of two groups, each of which 
implicates different policy concerns and trade-offs. First, the Bureau 
can disclose new data fields by adding them to the intake form for 
consumers to complete. These fields impose additional burden on the 
consumer and may make the submission of a complaint that much less 
likely. Second, the Bureau can derive additional data fields from a 
complaint submitted on the existing intake form. Thus, the Bureau could 
tag complaints by issue or by other criteria. New fields of this type 
would not impose a burden on consumers, but they would impose an 
additional burden on the Complaint System and the Bureau's resources.

G. When Complaint Data Will Be Added to the Public Database

    One consumer group commented that data should be uploaded 10 days 
after the submission of a complaint. This group also urged that the 
issuer be required to respond substantively to the complaint within 
that same 10-day window.\42\ Several trade associations, however, noted 
that the complaint process may allow up to 60 days for a substantive 
response and, on that basis, argued that data for a given complaint 
should not be uploaded until the 60-day period has run. Finally, one 
privacy group endorsed the proposed 30-day lag between a consumer 
submitting a complaint and the Bureau adding the applicable data to the 
public database.
---------------------------------------------------------------------------

    \42\ Under the Bureau's current system, the company has 15 days 
from its receipt of the complaint to state its initial response to 
that complaint. That initial response can seek up to an additional 
45 days to finalize the response.
---------------------------------------------------------------------------

    The Bureau's rationale for the 30-day lag was to ensure that 
issuers have

[[Page 37567]]

sufficient time to determine whether they are the identified issuer 
before any data about the complaint is disclosed. Experience shows, 
however, that issuers do not need more than 15 days from their receipt 
of the complaint to make this determination. As a result, the Bureau 
proposes to revise the posting schedule. Under the revised approach, 
the Bureau will add field data subject to disclosure to the public 
database once the issuer has made a timely response within the 15-day 
window (``Closed with monetary relief,'' ``Closed with non-monetary 
relief,'' ``Closed with explanation,'' ``Closed'' or ``In progress'') 
or has failed to make any response within 15 days. This means that 
almost all complaints will be subject to posting at or before the 15-
day mark, improving the timeliness of data in the public database. 
However, if the company can make a reasonable showing within the 15 
days that the consumer's identification is incorrect, the complaint 
will not be published unless and until the correct issuer is 
identified.\43\
---------------------------------------------------------------------------

    \43\ The Bureau will consider requests for more than 15 days to 
determine identity only on an exceptional, case-by-case basis. If 
the Bureau were to authorize such an extension, it would not post 
the relevant complaint to the database in the interim.
---------------------------------------------------------------------------

    Once data for a given complaint has been posted to the public 
database, any new data fields for that complaint will be added to the 
public database as they become available. Thus, if a company makes a 
late response, its response will be included in the public database, 
but that response would also show as untimely. The Bureau currently 
proposes to update the public database once each day, subject to the 
initial lag period that applies to a given complaint.

H. Posting Data for Complaints Submitted to Other Regulators

    One consumer group commented that the public database should 
include data on complaints that the Bureau forwards to other agencies. 
This group also commented that the Bureau should encourage other 
agencies to submit complaints to the same public database.\44\
---------------------------------------------------------------------------

    \44\ Along the same lines, one trade group objected to the 
disclosure of issuer names in part because the Bureau's database 
would only include complaints against larger financial institutions.
---------------------------------------------------------------------------

    The Bureau agrees that the utility of the public database would be 
improved by the inclusion of as many complaint records as possible. As 
a result, it is open to other regulators providing parallel complaint 
data for inclusion in the public database. Until that can be achieved, 
however, the Bureau does not believe it would be that useful to include 
referred complaints in the public database. The Bureau would not be 
able to describe how and when a referred complaint was responded to, or 
whether the consumer accepted or disputed the outcome. In addition, the 
Bureau would not have verified the existence of a commercial 
relationship between the company and the consumer.

I. Public Database Tools

    Consumer groups recommended a number of particular tools for 
accessing the public database. One group urged that the tools directly 
generate ranking data. Another argued that the access system should be 
able to generate percentage shares for one variable in terms of 
another.
    The Bureau will use a data platform to make the complaints publicly 
available. This platform has a number of important features. First, 
users can search and filter the data across any of the data fields.\45\ 
Second, users can build their own data visualizations, which can then 
be embedded on other Web sites and shared via social media. These 
visualizations can stay up-to-date with the Bureau's public database as 
it receives new data. This makes it easy for reviewers to disseminate 
information from the database, reducing transaction costs in the 
marketplace of ideas. Third, the platform allows users to submit public 
comments for potential refinements and improvements to the public 
database. Fourth, the data will be provided in a machine-readable 
format via an Application Programming Interface. This will allow third 
parties to build their own tools for leveraging the data, further 
reducing transaction costs and improving dissemination.
---------------------------------------------------------------------------

    \45\ For example, the system will enable a user to know the 5-
digit zip code distribution of all billing dispute claims, or the 
complaint-type distribution of all complaints associated with one 
issuer or one time period.
---------------------------------------------------------------------------

J. Extension of Policy Statement to Complaint Data for Other Consumer 
Products and Services

    The Concurrent Notice published in the Federal Register describes 
the Bureau's proposal to extend the Policy Statement to all consumer 
products and services within the Bureau's jurisdiction. Responsive 
comments are due on or before July 19.

IV. Final Policy Statement

    The text of the final Policy Statement is as follows:
1. Purposes of Credit Card Complaint Data Disclosure
    The Bureau receives credit card complaints from consumers. The 
Bureau intends to disclose certain information about credit card 
complaints in a public database and in the Bureau's own periodic 
reports.
    The purpose of this disclosure is to provide consumers with timely 
and understandable information about credit cards and to improve the 
functioning of the credit card market. By enabling more informed 
decisions about credit card use, the Bureau intends for its complaint 
data disclosures to improve the transparency and efficiency of the 
credit card market.
2. Public Access to Data Fields
    Data from complaints that consumers submit will be uploaded to a 
publicly accessible database, as described below.
a. Complaints Included in the Public Database
    To be included in the public database, complaints must: (a) Not be 
duplicative of another complaint at the Bureau from the same consumer; 
(b) not be a whistleblower complaint; (c) within the scope of the 
Bureau's authority under section 1025 of the Consumer Financial 
Protection Act; and (d) be submitted by a consumer (or his or her 
authorized representative) with an authenticated commercial 
relationship with the identified issuer. The public database will 
initially include data from credit card complaints submitted on or 
after June 1, 2012.
b. Fields Included in the Public Database
    For included complaints, the Bureau will upload to the public 
database certain non-narrative fields that do not call for PII. The 
Bureau plans to include these fields:
    (i) Bureau-assigned unique ID number;
    (ii) Channel of submission to Bureau;
    (iii) Date of submission to Bureau;
    (iv) Consumer's 5-digit zip code;
    (v) Subject matter;
    (vi) Date of submission to company;
    (vii) Company name;
    (viii) Company response category;
    (ix) Whether the company response was timely; and
    (x) Whether the consumer disputed the response.\46\
---------------------------------------------------------------------------

    \46\ Additional fields remain under consideration for potential 
inclusion.
---------------------------------------------------------------------------

    The consumer generates data for fields (iv), (v), (vii), and (x). 
The Bureau will authenticate the consumer's identification of the 
relevant company

[[Page 37568]]

in field (vii), and finalize the entry in that field as 
appropriate.\47\ The Bureau intends to use the name of the issuer as 
disclosed in Nilson Report data on the credit card market. If a company 
demonstrates by the 15-day deadline that it has been wrongly 
identified, no data for that complaint will be posted unless and until 
the correct issuer is identified. At the 15-day mark, however, the 
Bureau will post the complaint data with the originally identified 
issuer in field (vii) so long as the Bureau has card number or 
documentary data to support the identification. If the Bureau cannot 
reasonably identify the company, however, the complaint will be closed 
without posting to the public database.
---------------------------------------------------------------------------

    \47\ The consumer's card number generally will enable 
authentication of the correct issuer. If a card number is not 
available, the Bureau works directly with the consumer to identify 
the correct issuer from issuer correspondence such as statements or 
letters. If the correct issuer cannot be identified in this manner, 
no data is posted to the database.
---------------------------------------------------------------------------

    The complaint system automatically populates the two date fields, 
(iii) and (vi). The Bureau completes fields (i), (ii), and (ix).\48\ 
The issuer completes field (viii). If it selects ``Closed with monetary 
relief'' for field (viii), the issuer will also enter the amount of 
monetary relief provided, although that information will not be 
included in the public database.\49\ Field (viii) will show as ``In 
progress'' if the issuer responds with a request within 15 days for the 
full 60-day response period. The issuer's later response will then 
overwrite the ``In progress'' data entry.
---------------------------------------------------------------------------

    \48\ If a response is untimely, at either the 15 or 60-day mark, 
field (ix) will show that the issuer did not respond on a timely 
basis. The issuer's substantive response, if it eventually makes 
one, will still be shown in field (viii), but the untimeliness entry 
will remain.
    \49\ The Bureau is not planning to disclose the consumer's 
claimed amount of monetary loss and, as a result, believes it would 
be inappropriate to disclose, in the individual case, the amount of 
relief provided by the issuer. The Bureau, however, may include non-
individual data on monetary relief in its own periodic reports. The 
Bureau has determined not to include the consumer's claimed amount 
of monetary relief because a review of complaints shows that 
consumers have had difficulty stating the amount and prefer to 
provide a narrative description of the relief that they believe to 
be appropriate.
---------------------------------------------------------------------------

c. When Data Is Included in the Public Database
    The Bureau will generally add field data to the public database for 
a given complaint within 15 days of forwarding the complaint to the 
company in question. If the company responds ``Closed with monetary 
relief,'' ``Closed with non-monetary relief,'' ``Closed with 
explanation,'' ``Closed,'' or ``In progress'' before the 15-day 
deadline for response, the Bureau will then post applicable data for 
that complaint to the public database. If the company fails to respond 
at all by the 15-day deadline, the Bureau will also post data for that 
complaint at that point. In this case, the issuer response category 
field will be blank and the untimely response field will be marked. As 
noted above, if a company demonstrates by the 15-day deadline that it 
has been wrongly identified, no data for that complaint will be posted 
unless and until the correct issuer is identified. Once the Bureau 
discloses some data for a given complaint, it will add to the public 
database any new complaint data that are subject to disclosure as they 
become available. Subject to these various restrictions, data will be 
posted to the public database on a daily basis.
d. Public Access
    A public platform for the public database will enable user-defined 
searches of the posted field data. Each complaint will be linked with a 
unique identifier, enabling reviewers to aggregate the data as they 
choose, including by complaint type, issuer, location, date, or any 
combination of these variables. The data platform will also enable 
users to save and disseminate their data aggregations. These 
aggregations can be automatically updated as the public database 
expands to include more complaints. Finally, users will be able to 
download the data or leverage it via an Application Programming 
Interface.
e. Excluded Fields
    The public database will not include personally identifying fields 
such as a consumer's name, credit card number, or address information 
other than a 5-digit zip code. At least until it can conduct sufficient 
further study, the Bureau will not post to the public database the 
consumer's narrative description of ``what happened'' or his or her 
description of a ``fair resolution.'' The Bureau also will not post a 
company's narrative response. These narrative fields may contain 
personally identifiable information or other information that could 
enable identification. The possibility of disclosure may also suppress 
complaints and/or reduce the specificity of complaint narratives, 
potentially undermining the effectiveness of the complaint process. In 
addition, the company's response may contain material protected from 
disclosure under consumer privacy laws. The Bureau intends to study the 
potential inclusion of narrative fields as described further in section 
4 of this Policy Statement.
3. Regular Bureau Reporting on Complaints
    At periodic intervals, the Bureau intends to publish reports about 
complaint data, which may contain its own analysis of patterns or 
trends that it identifies in the complaint data. So far, the Bureau has 
published three reports containing aggregate complaint data.\50\ The 
Bureau intends for its reporting to provide information that will be 
valuable to consumers and other market participants. Before determining 
what reports to issue beyond those relating to its own handling of 
complaints, the Bureau will study the volume and content of complaints 
that it has received in a given reporting period for patterns or trends 
that it is able to discern from the data. If the data will support it, 
the Bureau intends for its reports to include some standardized metrics 
that would provide comparisons across reporting periods. The reports 
will also describe the Bureau's use of complaint data across the range 
of its statutory authorities during a reporting period. Because 
monetary relief data will not be included in the individual-level 
public database, the Bureau anticipates such data will be included at 
non-individual levels in its own periodic reporting.
---------------------------------------------------------------------------

    \50\ See note 2.
---------------------------------------------------------------------------

4. Matters for Further Study
    Going forward, the Bureau intends to study the effectiveness of its 
credit card complaint disclosure policy in realizing its stated 
purposes. In addition, the Bureau will analyze the narrative fields 
submitted by consumers and issuers. The analysis will assess whether 
there are practical ways to disclose narrative data in a manner that 
will improve consumer understanding without undermining privacy 
interests or the effectiveness of the credit card complaint process and 
without creating unwarranted reputational injury to issuers.
5. Effect of Policy Statement
    This Policy Statement is intended to provide guidance regarding the 
Bureau's exercise of discretion to publicly disclose certain data 
derived from consumer complaints. The Policy Statement does not create 
or confer any substantive or procedural rights on third parties that 
could be enforceable in any administrative or civil proceeding.

    Authority: 12 U.S.C. 5492(a), 5493(b)(3)(C), 5496(c)(4), 
5511(b)(1), (5), 5512(c)(3)(B).


[[Page 37569]]


    Dated: June 14, 2012.
Richard Cordray,
Director, Bureau of Consumer Financial Protection.
[FR Doc. 2012-15163 Filed 6-21-12; 8:45 am]
BILLING CODE 4810-AM-P