Our website uses cookies

Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing Infosecurity Magazine, you agree to our use of cookies.

Okay, I understand Learn more

US Congress looks into data brokerage privacy policies

“The data brokers’ responses offer only a glimpse of the practices of an industry that has operated in the shadows for years,” said the lawmakers in a joint statement
“The data brokers’ responses offer only a glimpse of the practices of an industry that has operated in the shadows for years,” said the lawmakers in a joint statement

The information is often used for targeted advertising and demographic segmentation. The problem, according to the Congressional Bi-Partisan Privacy Caucus, is a lack of transparency into an industry that impacts millions of Americans.

Led by Caucus co-Chairmen Reps. Edward J. Markey (D-Mass.) and Joe Barton (R-Texas), a bipartisan group of lawmakers sent enquiry letters to Acxiom, Epsilon (Alliance Data Systems), Equifax, Experian, Harte-Hanks, Intelius, Fair Isaac, Merkle and Meredith Corp., asking about policies and practices related to privacy, transparency and consumer notification. The answers, the Caucus said, fell short.

“The data brokers’ responses offer only a glimpse of the practices of an industry that has operated in the shadows for years,” said the lawmakers in a joint statement. “Many questions about how these data brokers operate have been left unanswered, particularly how they analyze personal information to categorize and rate consumers. This and other practices could affect the lives of nearly all Americans, including children and teens.”

The goal, the committee said, was to develop more consumer transparency and education around how the industry works so that US citizens can make better informed decisions about where and to whom they offer personal information.

However, it appears that the group has its work cut out for it. Some responses were fuller than others. But all companies except for one – Acxiom – rejected the categorization of their business practices as a data brokerage. One company called itself a “data provider,” while another reported that since it only “analyzes” data, it should not be considered a data broker.

Only one company provided details on the number of consumers who request access to their information – Acxiom reported over the last two years as few as 77 people per year, out of the 190 million consumers it has collected information on, requested access to their personal information. Several other companies do not allow access to consumer data stating that information is not identifiable.

In addition to collecting data about consumers from sources such as telephone directories, mobile phones, government agencies, financial institutions and directly from consumers themselves, several data brokers reported mining consumer information from social media sites such as Facebook and LinkedIn – a fact that few consumers are aware of.

The companies provided little explanation of the distinction between information they collect and use (e.g., a person is female) versus the information they create by analysis for profiling consumers (e.g., young female interested in weight loss sent coupon for a diet pill).

“We want to work with the data broker industry so that it is more open about how it collects, uses and sells Americans’ information,” the lawmakers stated. “Until then, we will continue our efforts to learn more about this industry and will push for whatever steps are necessary to make sure Americans know how this industry operates and are granted control over their own information.”

Other signatories on the letters include Reps. Henry A. Waxman (D-Calif.), Steve Chabot (R-Ohio), G.K. Butterfield (D-N.C.), Bobby L. Rush (D-Ill.), and Jan Schakowsky (D-Ill.).