Navient's privacy practices reflect a business model built on monetizing borrower data. The 2022 settlement revealed systematic use of borrower information for marketing purposes that didn't align with borrower interests. Their privacy policy continues to allow extensive affiliate sharing and marketing use.
| Data Type | Collected | Shared | Sold |
|---|---|---|---|
| Income Information | Yes | Affiliates, Marketing | Yes (GLBA permitted) |
| Employment History | Yes | Affiliates, Verification | No |
| Bank Account Info | Yes | Payment Processors | No |
| Credit Information | Yes | Credit Bureaus, Affiliates | Yes (reporting) |
| Repayment Behavior | Yes | Affiliates, Analytics | Yes (anonymized) |
Navient shares borrower financial data with a network of affiliated companies for marketing purposes. This includes detailed income, debt levels, and repayment patterns that inform targeted marketing for financial products.
State investigations found Navient used data analysis to identify vulnerable borrowers and steer them toward options benefiting Navient (forbearance) rather than borrowers (IDR). While under federal contract, this practice has continued with private loans.
The Gramm-Leach-Bliley Act allows financial institutions to share data for marketing with affiliates and certain third parties. Navient's opt-out process is intentionally friction-heavy, and opting out doesn't stop all sharing.
When accounts become delinquent, extensive borrower data is shared with collection agencies. This includes employment information, contact history, and financial details that collectors use for aggressive collection tactics.
GLBA provides some opt-out rights, but they're limited: