U.S. SEC's Piwowar says skeptical of FINRA's data collection proposal

WASHINGTON (Reuters) - A top U.S. Securities and Exchange Commission official expressed skepticism on Thursday about a plan by Wall Street's self-regulatory group to launch a trading data collection program, saying it may raise privacy concerns.

SEC Republican Commissioner Michael Piwowar said he fears that the Financial Industry Regulatory Authority's proposal, aimed at beefing up its market surveillance, may be unnecessary and could be at risk for cyber attacks or other privacy breaches.

"Is this yet another Washington solution in search of a problem?" Piwowar asked in remarks made during an SEC investor advisory committee meeting.

FINRA's plan, known as the Comprehensive Automated Risk Data System, or CARDS, would require firms to submit vast quantities of data.

FINRA wants the use the information to help it analyze securities transactions from all individual U.S. brokerage accounts to help better identify what it calls "red flags" of sales practice misconduct.

The proposal has been steeped in controversy.

The Securities Industry and Financial Markets Association, the leading Wall Street trade group, has argued the plan is too costly, overly broad, and may put investors at risk of having their private account details hacked.

FINRA has said it would not collect customers' personal details, such as Social Security numbers and names, but SIFMA still fears hackers would still be able to figure out peoples' identities by using other information in the database.

Piwowar's comments on Thursday echoed many of the concerns previously expressed by SIFMA.

In his remarks, he cited a recent study by researchers at the Massachusetts Institute of Technology, which looked at how easy it is to identify individuals using credit card metadata.

The study found that just the dates and locations of four purchases are enough to identify 90 percent of the people in a data set of credit card transactions.

"Some have suggested that making the data anonymous can adequately address privacy concerns. However, a study published two weeks ago by MIT researchers should cause us to re-think that premise," Piwowar said.

(Reporting by Sarah N. Lynch; Editing by Alan Crosby)