Recently, we blogged about Data Brokers, companies who profit from harvesting and selling your personal information.
Now it appears they don't want us to know how they gather data on us or our children, how (or whether) they safeguard it, or who is buying it.
Concerns have been voiced about the potential damage these businesses could do to individuals, particularly if the information they sell is inaccurate (for example, to prospective employers) or if they are gathering and selling information about children and teens.
Also, privacy advocates are concerned about the lack of a requirement to let consumers opt out of such services or have their data permanently deleted.
Congress Wants to Know
In an attempt to address these concerns, the Bipartisan Congressional Privacy Caucus recently sent Letters of Inquiry to nine major data brokers, asking how they collect, assemble and sell consumer information to third parties.
The letters addressed the need for greater transparency in this multi-billion dollar industry that affects virtually all of us. It asked the data brokers some probing questions about potentially disturbing practices, for example:
- What information they collect about individuals and from where
- Who buys the information and for what reason
- If consumers can access, correct, or delete their information, or opt-out, and how much the companies profit from that
- How they store and protect the information from accidental disclosure
- What data security measures they require from those who buy the information
- Whether or not consumers know their information is being collected and shared
- Whether or not they collect and sell information about children and teens
The Industry's Response
The individual companies have apparently responded through an industry trade group, The Direct Marketing Association.
The DMA failed to answer many of the questions the Congressional caucus asked. Instead, it chose to focus on how its industry allegedly creates jobs, drives the economy, and helps consumers receive ads they want.
The DMA also claims the only harm that might come to consumers from inaccurate marketing data about them is receiving an irrelevant ad; and that letting consumers correct or delete their own information would require adding even more personally identifiable information to their records.
That fails to address the other legitimate concerns raised in the letter, such as an online version of the illegal practice of "redlining", called "weblining" where whole groups of society might not have access to educational, employment and other opportunities because some private ranking system classifies them as low-value prospects, apparently known in the industry as "waste".
The response also fails to address the potentially serious harm that could come to children from unknown information about them being traded on an open market.
Finally, it basically tells Congress that its members are already subject to some regulations and that voluntary regulations are good enough to address society's remaining concerns.
Although the letter implies that the individual data brokers are also going to respond, it is unclear if they are going to do so in any more detail, or at all.
You can read the response for yourself here.