When the National Security Agency scandal came to light, we learned that the government was all up in our email and phones. However, data mining corporations and third-party data brokers who plunder our Internet habits and meanderings have heretofore remained out of the spotlight.
That appears to be changing, if the Federal Trade Commission has any juice on this issue. It has stepped forward and asked Congress if it has time to oversee the behavior of data brokers who collect and sell our personal information.
The problem, according to the FTC, is the lack of transparency and accountability of these third-party brokers. Web users are accustomed to companies that own websites having access to personal information, but data brokers stay in the background, denying visitors the right to know who is collecting their information.
"You may not know them, but data brokers know you," said Edith Ramirez, chairwoman of the FTC. She noted that brokers "operate in the dark" while collecting information about e-commerce transactions, political and religious backgrounds, income and other sensitive, revelatory and potentially damaging information.
In what the FTC refers to as this "Big Data" economy, information is both money and power. Some of what these brokers accumulate can seem innocuous at first, such as whether a consumer is loyal to certain product brands or is generally interested in computers, boats or sports. Many web users, in fact, don't mind when information is used to more efficiently target them with ads or is tailored to their interests.
Things get a bit dodgy when email addresses are sold, or when sensitive medical, financial, marital status, sexual orientation, religious and political information is disseminated. Some of the danger lies in the concept that the web user becomes not just a random visitor to a site, but a personally identified subject who could be at risk if some of this information falls into ill-intentioned hands. If a user's credit rating is imperiled, for example, the consumer may not know how that information was garnered. If a consumer is identified as a motorcycle enthusiast, the consumer may be offered some sweet deals on a Harley or an insurance company may see that person as someone who indulges in risky business. Access to a wealth of personal information can also make an identity thief better-equipped to predict passwords, challenge questions or other authentication credentials.
Of course, some of these brokers' powers are used for good instead of potential evil. Some brokers sell risk-mitigation products, used for client identification or fraud detection. Some brokers allow consumers to update their information. Most allow them to opt out of information disclosure, although making consumers aware of that option can be deliberately camouflaged on a site.
In a 110-page report that studies the actions of nine data brokers, the FTC calls for Congress to enact legislation that would enable consumers to learn of the existence and activities of data brokers and provide consumers with reasonable access to information about them held by these entities.
Data brokers, understandably, believe that they are already abiding by good business practices that eliminate the need for further regulation. Steve Howe, speaking for Axciom (an Arkansas-based data broker), said "I think there is a misunderstanding about what we do. We collect data and we use that data about people to give them more relevant advertising and help businesses make better decisions about marketing to those people."