For decades, the relationship between a bank and its customer was considered a private sanctuary.
But for Neil Castellon and hundreds of other Bank of America customers, that sanctuary was dismantled in the days following January 6, 2021. His recently filed class action lawsuit confirms a reality that NLPC has fought to expose: Bank of America has effectively become an unappointed arm of federal law enforcement.
The details of the Castellon complaint reveal a disturbing narrative of corporate surveillance. Mr. Castellon, a Florida resident, was not a target of a criminal investigation. He hadn’t been charged with a crime or even questioned. Yet, because he used his Bank of America card in the Washington, D.C., area between January 5 and January 7, 2021, he was automatically entered into a digital dragnet.
Bank of America didn’t just hand over a list of people at the Capitol; They swept up anyone who bought a meal, paid for a hotel, or grabbed a coffee in the entire D.C. metro area. Then, they refined that list with a “political filter” that should chill every American. The bank cross-referenced these D.C. travelers with their own historical records to see who had ever purchased a firearm. Because Mr. Castellon was a lawful gun owner, he was vaulted to the top of a “high-risk” list and his private data was handed over to the FBI—voluntarily, without a warrant, and without his knowledge.
This wasn’t an isolated incident or a conspiracy theory. Both Mr. Castellon’s lawsuit and NLPC’s own advocacy are grounded in the explosive findings of the House Judiciary Subcommittee on the Weaponization of the Federal Government. Led by Chairman Jim Jordan, the subcommittee’s reports uncovered how federal agencies like FinCEN and the FBI “commandeered” the financial system.
The subcommittee found that the government encouraged banks to search for broad terms like “MAGA,” “Trump,” and even “religious texts.” Purchases at stores like Bass Pro Shops or Cabela’s were treated as indicators of “extremism.” Bank of America was a primary participant in this scheme, allegedly data-mining its own customers under a premise that lacked any legal process or specific criminal nexus.
Recognizing this threat to civil liberties and shareholder value, NLPC submitted a shareholder proposal for Bank of America’s 2025 annual meeting. We didn’t ask for the impossible; We simply asked the bank to “come clean” and provide a report on its policies regarding these government data-sharing requests.
We believed that the shareholders—the actual owners of the bank—deserved to know if their management exposed the company to massive legal liability by playing “deputy” for the FBI. We pointed out the staggering hypocrisy: Bank of America reportedly did little to expose the suspicious transactions of Jeffrey Epstein for years, yet they couldn’t wait to hand over the data of peaceful American citizens.
Mark Uyeda
Unfortunately, the bank was able to avoid accountability thanks to the Securities and Exchange Commission. In early 2025, Bank of America asked the SEC for permission to ignore our proposal and keep it off the ballot. At the time, the SEC was under the interim leadership of Commissioner Mark Uyeda, an appointee of the Trump administration. Despite the administration’s public stance against “weaponized” government, the SEC sided with the bank.
The SEC used a bureaucratic loophole, agreeing with the company that the issue of government weaponization is “ordinary business.” In the eyes of the SEC, the decision to secretly monitor thousands of customers and hand their data to the FBI is just a boring, day-to-day administrative detail, akin to deciding what color to paint the bank’s lobby. By labeling this a routine management issue, the SEC effectively took the power away from shareholders and gave it back to the very executives who oversaw the privacy breach.
By siding with the bank, the SEC ensured that the very policies leading to the Castellon lawsuit would remain hidden from public view. It is a glaring double standard: the SEC has historically allowed far-left activists to force votes on everything from “racial equity” to climate change, yet they deemed the violation of our Fourth Amendment rights to be too “ordinary” for a vote.
The Castellon lawsuit vindicates the concerns NLPC raised months ago. It proves that the “weaponization” of finance has real-world victims and carries massive legal costs. As we warned in our proposal that the SEC allowed Bank of America to dismiss:
As BofA’s release of customer data relate to the findings in the Weaponization Subcommittee report, the evidence shows no firearms were used at the Jan. 6, 2021 incident, and no one at the U.S. Capitol was injured or killed with one, except one woman protester by an officer. Thus the Company’s actions fall outside the scope of U.S. disclosure laws, and are incongruent with BofA’s assurances that it keeps customer information private. As a result, the Company deceived its customers and betrayed their trust.
And while the SEC continues to allow radical “woke” proposals to move forward, they have blocked NLPC’s efforts to protect the basic constitutional rights of every American.
