Showing posts with label DATA BROKERS. Show all posts
Showing posts with label DATA BROKERS. Show all posts

Wednesday, May 28, 2014

FEDERAL TRADE COMMISSION SAYS DATA BROKERS NEED TO BE MORE TRANSPARENT

FROM:  U.S. FEDERAL TRADE COMMISSION 
FTC Recommends Congress Require the Data Broker Industry to be More Transparent and Give Consumers Greater Control Over Their Personal Information

Agency Report Shows Data Brokers Collect and Store Billions of Data Elements Covering Nearly Every U.S. Consumer

In a report issued today on the data broker industry, the Federal Trade Commission finds that data brokers operate with a fundamental lack of transparency. The Commission recommends that Congress consider enacting legislation to make data broker practices more visible to consumers and to give consumers greater control over the immense amounts of personal information about them collected and shared by data brokers.

The report, “Data Brokers: A Call for Transparency and Accountability” is the result of a study of nine data brokers, representing a cross-section of the industry, undertaken by the FTC to shed light on the data broker industry. Data brokers obtain and share vast amounts of consumer information, typically behind the scenes, without consumer knowledge. Data brokers sell this information for marketing campaigns and fraud prevention, among other purposes. Although consumers benefit from data broker practices which, for example, help enable consumers to find and enjoy the products and services they prefer, data broker practices also raise privacy concerns.

“The extent of consumer profiling today means that data brokers often know as much – or even more – about us than our family and friends, including our online and in-store purchases, our political and religious affiliations, our income and socioeconomic status, and more,” said FTC Chairwoman Edith Ramirez. “It’s time to bring transparency and accountability to bear on this industry on behalf of consumers, many of whom are unaware that data brokers even exist.”

The report finds that data brokers collect and store billions of data elements covering nearly every U.S. consumer. Just one of the data brokers studied holds information on more than 1.4 billion consumer transactions and 700 billion data elements and another adds more than 3 billion new data points to its database each month.

Among the report’s findings:

Data brokers collect consumer data from extensive online and offline sources, largely without consumers’ knowledge, ranging from consumer purchase data, social media activity, warranty registrations, magazine subscriptions, religious and political affiliations, and other details of consumers’ everyday lives.
Consumer data often passes through multiple layers of data brokers sharing data with each other. In fact, seven of the nine data brokers in the Commission study had shared information with another data broker in the study.

Data brokers combine online and offline data to market to consumers online.
Data brokers combine and analyze data about consumers to make inferences about them, including potentially sensitive inferences such as those related to ethnicity, income, religion, political leanings, age, and health conditions. Potentially sensitive categories from the study are “Urban Scramble” and “Mobile Mixers,” both of which include a high concentration of Latinos and African-Americans with low incomes. The category “Rural Everlasting” includes single men and women over age 66 with “low educational attainment and low net worths.” Other potentially sensitive categories include health-related topics or conditions, such as pregnancy, diabetes, and high cholesterol.

Many of the purposes for which data brokers collect and use data pose risks to consumers, such as unanticipated uses of the data. For example, a category like “Biker Enthusiasts” could be used to offer discounts on motorcycles to a consumer, but could also be used by an insurance provider as a sign of risky behavior.

Some data brokers unnecessarily store data about consumers indefinitely, which may create security risks.

To the extent data brokers currently offer consumers choices about their data, the choices are largely invisible and incomplete.

To help rectify a lack of transparency about data broker industry practices, the Commission encourages Congress to consider enacting legislation that would enable consumers to learn of the existence and activities of data brokers and provide consumers with reasonable access to information about them held by these entities.

For data brokers that provide marketing products, Congress should consider legislation to:

Centralized Portal. Require the creation of a centralized mechanism, such as an Internet portal, where data brokers can identify themselves, describe their information collection and use practices, and provide links to access tools and opt- outs;

Access. Require data brokers to give consumers access to their data, including any sensitive data, at a reasonable level of detail;

Opt-Outs. Require opt-out tools, that is, a way for consumers to suppress the use of their data;

Inferences. Require data brokers to tell consumers that they derive certain inferences from from raw data;

Data Sources. Require data brokers to disclose the names and/or categories of their data sources, to enable consumers to correct wrong information with an original source;

Notice and Choice. Require consumer-facing entities – such as retailers – to provide prominent notice to consumers when they share information with data brokers, along with the ability to opt-out of such sharing; and Sensitive Data. Further protect sensitive information, including health information, by requiring retailers and other consumer-facing entities to obtain affirmative express consent from consumers before such information is collected and shared with data brokers.

For brokers that provide “risk mitigation” products, legislation should:

When a company uses a data broker’s risk mitigation product to limit a consumers’ ability to complete a transaction, require the consumer-facing company to tell consumers which data broker’s information the company relied on;
Require the data broker to allow consumer access to the information used and the ability to correct it, as appropriate.

For brokers that provide “people search” products, legislation should:

Require data brokers to allow consumers to access their own information, opt-out of having the information included in a people search product, disclose the original sources of the information so consumers can correct it, and disclose any limitations of an opt-out feature.    
           
The nine data brokers in the study are Acxiom, CoreLogic, Datalogix, eBureau, ID Analytics, Intelius, PeekYou, Rapleaf and Recorded Future. In December 2012, the Commission voted to issue orders requiring these data brokers to produce the information that was used in the study.

The Commission vote approving the issuance of the report was 4-0, with Commissioner McSweeny not participating.

Thursday, December 19, 2013

FTC OFFICIAL TESTIFIES BEFORE SENATE COMMITTEE REGARDING DATA BROKERS

FROM:  U.S. FEDERAL TRADE COMMISSION 
FTC Testifies on Data Brokers Before Senate Committee on Commerce, Science and Transportation

The Federal Trade Commission provided information to Congress today on the status of its work regarding companies that collect and aggregate consumers’ information and then resell it, known as data brokers.

Testifying on behalf of the Commission before the Senate Committee on Commerce, Science and Transportation, Bureau of Consumer Protection Director Jessica Rich told lawmakers about the FTC’s past and present efforts related to the privacy practices of the data broker industry.

“Because data brokers generally never interact directly with consumers, consumers are typically unaware of their existence, much less the variety of ways they collect, analyze, and sell consumer data,” the testimony states.

The testimony notes that FTC’s work in the data broker industry is not a recent development, pointing to work done by the Commission in the 1990s looking at the privacy practices of data companies not covered under the Fair Credit Reporting Act (FCRA).

In addition, the testimony points to recommendations made by the Commission in its 2012 report on privacy issues about improving the transparency of data brokers’ practices and giving consumers greater control over how their information is used. The recommendations made in the report included giving consumers reasonable access to the data maintained about them by data brokers. The report also noted that the Commission has long supported legislation both to improve consumers’ access rights to data and to improve the transparency of industry practices.

The testimony goes on to address the Commission’s ongoing initiatives regarding data brokers using a three-pronged strategy made up of enforcement actions, research and reports, and education for consumers and businesses.

In describing the FTC’s enforcement efforts in the data broker industry, the testimony notes that the agency has brought nearly 100 cases and obtained more than $30 million in civil penalties for violations of the FCRA. Among the cases highlighted in the testimony are the Commission’s 2012 consent decree with online data broker Spokeo, its case against app developer Filiquarian, and the Commission’s recent consent decree with Certegy Check Services, which resulted in a $3.5 million FCRA fine.

The testimony describes the Commission’s ongoing study of the data broker industry, conducted under its authority in Section 6(b) of the FTC Act. The study is examining the practices of nine companies, and the Commission expects to issue a report outlining the findings in the coming months. In addition, the testimony notes the FTC’s upcoming series of workshops to be held in 2014 on emerging privacy issues, including alternative scoring products sold by data brokers, which are used to predict trends and behaviors of consumers.

Finally, the testimony addresses the Commission’s work in educating businesses and consumers about privacy issues in the data broker industry. The testimony highlights warning letters sent by Commission staff to data brokers that provided tenant-screening services as well as to to marketers of mobile apps that provide employment screening services.

The testimony also mentions a recent undercover effort by Commission staff to determine if data brokers who said they were not covered under FCRA were willing to sell information for FCRA-covered purposes. As a result, ten warning letters were issued to companies.

“These enforcement, policy, and education efforts demonstrate the Commission’s continued commitment to understanding and addressing consumer privacy issues posed by the data broker industry,” the testimony states.

The Commission vote approving the testimony and its inclusion in the formal record was 4-0.

Search This Blog

Translate

White House.gov Press Office Feed