Every time you connect your bank account to a budgeting app or crypto exchange, you risk letting a hidden middleman silently steal your financial data—sometimes forever. Firms like Plaid, Yodlee, and MX aren’t just helping apps work; they’re scraping your account details billions of times each month—often without you even asking—and selling that data to the highest bidder.
Worse, they do this through infrastructure banks built and secured—without paying a dime.
At the center of this problem is a 2024 rule from the Consumer Financial Protection Bureau (CFPB), issued under the Biden administration. Known as Section 1033, this rule goes well beyond what Congress authorized. It blocks banks from charging data middlemen fees to access sensitive customer financial information through APIs—secure digital pipelines that banks spent hundreds of millions of dollars developing.
This so-called “consumer access” rule shields data brokers’ unlimited access to bank systems, often at the expense of consumer privacy and security. Consumers are left in the dark about how much access they actually grant—or how long that access lasts.
Join the conversation as a VIP Member