CEI Calls for End to SEC's Consolidated Audit Trail, Citing Constitutional and Privacy Concerns

CEI urges SEC to eliminate its Consolidated Audit Trail database tracking billions of daily market records, citing First, Fourth, and Fifth Amendment violations alongside cybersecurity risks.

The Competitive Enterprise Institute has called for the complete elimination of the Securities and Exchange Commission's Consolidated Audit Trail program, a massive database that tracks tens of billions of daily records covering all orders, cancellations, modifications, and trades across U.S. equity and options markets. In a comment letter filed on June 22, 2026—the deadline for regulatory comments—CEI's Richard Morrison argues the CAT is "a bloated, expensive burden with significant constitutional problems" that should be scrapped entirely.

The CAT program, mandated by the SEC via Rule 613, aggregates data from self-regulatory organizations and broker dealers to help regulators reconstruct market events and investigate potential securities law violations. The SEC issued a concept release in April soliciting comments on whether changes should address "civil liberty, privacy, and confidentiality concerns; cost-efficient technology solutions; and cybersecurity considerations." Morrison's letter responds that the answer is "an overwhelming yes," pointing to multiple legal and practical problems that have accumulated over the decade and a half the program has been in development.

According to Morrison, the CAT raises First Amendment issues relevant to Supreme Court precedents including Americans for Prosperity Foundation v. Bonta (2021) and NAACP v. Alabama (1958). The program also presents "major Fourth Amendment problems" because it shifts from surveilling specific suspects to surveilling everyone, as CEI colleague Wayne Crews noted. Morrison adds that the database even triggers Fifth Amendment concerns related to property takings and self-incrimination. The comment letter emphasizes that maintaining a giant database full of information on "presumptively innocent Americans" creates significant cybersecurity risks, noting that the SEC has had its own problems maintaining its EDGAR database and securing other digital properties.

The constitutional problems stem from the CAT's sweeping scope and mandatory participation requirements. By collecting comprehensive trading data on all market participants rather than targeting suspected wrongdoers, the program creates what privacy advocates see as a dangerous precedent for government surveillance. Morrison draws parallels to concerns raised by analysts like Shoshana Weissmann about "huge, unwieldy government databases" in other contexts, such as age verification for digital media. The CEI letter notes that the program has faced multiple legal challenges and objections throughout its development, particularly from the New Civil Liberties Alliance, with Senior Litigation Counsel Peggy Little serving as a key source on the program's deficiencies.

CEI recommends the SEC terminate the CAT program entirely rather than attempt reforms. The organization argues that the combination of constitutional vulnerabilities, cybersecurity risks, high costs, and privacy invasions makes the database fundamentally incompatible with principles of limited government. With the comment period now closed, the SEC will review submissions from CEI and other stakeholders before deciding whether to modify, maintain, or eliminate the surveillance system that's been tracking American investors' every market move.