Big Data companies, known as data brokers, have been compiling intricate personal profiles on nearly every American shopper, according to an in-depth report from the Federal Trade Commission (FTC).
Data brokers collect and resell billions of intimate details such as whether you own a dog, are a single parent, play the lottery, are a low-income African-American living in the city, or a rural homeowner with high cholesterol. With help from stores, websites and local government, these companies keep track everything about you: age, race, Social Security Number, religious affiliation, political preferences, or whether you own a gun.
“In the nearly two decades since the Commission first began to examine data brokers, little progress has been made to improve transparency and choice,” the FTC said in its report. And with the “availability of more granular information about individual consumers, the need for consumer protections in this area has never been greater.”
Data brokers get some information directly by using browser cookies that monitor consumers’ Web history, online and offline behavior. The companies also funnel publicly posted information from social media sites, including Facebook and Twitter, to create better profiles.
Once in the database, consumer data is combined to create profiles like “Financially Challenged,” “Bible Lifestyle,” “Smoker In Household,” or “Married Sophisticates.” Data brokers then use that data primarily to tailor online advertisements and improve marketing. They can also use the information in more helpful ways, making it easier for you to find what you’re looking for online, and preventing fraud by verifying your identity for financial institutions and flagging suspicious activity on your accounts.
But data brokers were recently caught building and selling more troubling profiles with labels like “AIDS/HIV sufferer,” “alcoholism sufferers,” and even “rape sufferers.” Those lists, which were compiled with confidential information from unknown sources, were then sold and exploited for marketing purposes.
“Data brokers sell lists of people suffering from mental health diseases, cancer, HIV/AIDS, and hundreds of other illnesses,” Pam Dixon, executive director of the World Privacy Forum, said in a U.S. Senate hearing last year. “Data brokers sell lists of people who live in or near trailer parks so that these undesirable consumers can be targeted for suppression. Data brokers sell lists of people who are late on payments, often to those who make predatory offers to those in financial trouble.”
Because the industry is so unregulated, data brokers aren’t required to give up their sources. Data broker executives refused to name their sources in the Senate hearing, Forbes reported. That means no one, not even the government, knows exactly where data brokers get much of their data.
The new FTC report calls for tougher transparency laws so that people can better protect themselves. Data broker companies hover just under consumers’ radar, and most people don’t know they exist and exactly how much information they gather. And because people don’t know these profiles exist, they can’t manage what gets collected or shared.
But the FTC may face resistance from lawmakers. Political campaigns rely on data broker lists to enhance fundraising efforts during elections and better target their voter base, The Washington Post pointed out, so politicians are reluctant to rein in that valuable collection. “[Congress is] not going to vote against their political self-interest,” Jeffrey Chester, executive director of the Center for Digital Democracy, told the Post.
The FTC also warned that because data brokers collect and store billions of personal data records, consumers’ privacy is at risk. So far this year, almost half of Americans have had their private data exposed by hackers, according to a new study. In recent years, consumer privacy has suffered an unprecedented number of blows from a flurry of breaches from big name retailers such as Target and, most recently, eBay and Spotify to technical flaws in individual Websites’ security protections.
Breaches reached an all-time high in 2013, with about one billion records leaked. The Heartbleed bug discovered earlier this year affected nearly 70 percent of the world’s website encryption, exposing millions of passwords, credit card numbers, Social Security Numbers and other personal data. Web browsers, namely Apple’s Safari and Microsoft’s Internet Explorer, have also been hit with security flaws that put online users’ data at risk. Data brokers are just as at risk as any other company, and pose even more of a danger to consumers’ privacy because they collect so much sensitive information, the FTC said.
Because data brokers’ profiles map out an individual’s life and behaviors — favorite coffee shops, shoe size, and whether one buys from mail catalogs — it heightens the potential for identity theft. Hackers could theoretically use these detailed profiles to predict passwords and beat authentication measures, such as the ones used for bank accounts, the report said. The FTC also proposed that new regulation should keep data brokers from collecting information on children under 13. Even when the brokers have policies against collecting data from minors, “they may not check” and their data gets funneled in with everyone else’s and used for marketing.