Subject: File No. SR-CHX-2016-20
From: Anonymous Anonymous

January 3, 2017

Exchanges have virtually unlimited access to brokerage records for anyone with an account. Brokerage accounts tell a great deal more about someone's assets than most bank accounts. The vast majority of professionals have the vast majority of their liquid or near-liquid wealth in brokerage accounts. With someone's brokerage account a bad actor will have a very good idea of that person's financial standing and how it has changed over time.

Imagine a bad actor with exchange-level access to U.S. brokerage records. That bad actor will know someone's holdings, cash balances, retirement savings, college savings for children (even names of children), spouse names, everyone who has privileges to the account, and activity and changes overtime. That bad actor could build very accurate profiles of someone's family and trusted associates. Using that information a bad actor could possibly identify people who have more or less wealth than they "should" given their occupations. They could identify people under financial stress.

Imagine a bad actor affiliated with a geo-political rival, particularly one which has conducted successful information gathering hacks like those on the federal government's Office of Personnel Management, FBI personnel files, and others. Access to the brokerage accounts of individuals targeted from those hacks could be a very rich source of actionable intelligence for many kinds of mischief including spear phishing attacks.

Imagine a bad actor affiliated with a geo-political rival with access to the proposed comprehensive audit trail of all stock trades the SEC has recently approved. (Access directly via valid credentials or access via malware inserted using valid credentials.) Access to that audit trail could further enhance any other data that geo-political rival has on many thousands of targets it has identified. It could also be used for spear phishing attacks, blackmail attempts, and who knows what else. That rival is certainly already building "fullz" profiles on targets of interest and data from a comprehensive audit trail and broker statements would be very valuable information.

None of this is to imply improper motives of officials at any exchange. A bad actor could form a relationship with an exchange when the exchange has only the best motives. A bad actor could take whatever time it needed though to get the access and information it wanted via its completely innocent exchange partner.