Chances are you‘ve never heard of data brokers, yet they likely know who you are, where you live, your interests, what you buy, and even intimate medical details. Information resellers are controversial companies that scrape massive amounts of data from online and offline sources, compile profiles on each person, and sell that data without obtaining direct consent. While these practices generate profits and useful services, concerns are growing about privacy erosion. So in the era of big data, are data brokers an inventible evil we must live with for modern life to function? Or reckless companies in dire need of regulation? After two decades silently and lucratively mining the details of people‘s private lives, lawmakers are assessing if further oversight and consumer protections are needed to rein in unchecked data harvesting by these opaque giants.
What Exactly Do Data Brokers Do?
Ever wonder how social media ads seem to eerily align with conversations you‘ve just had out loud or web searches you were exploring in incognito mode? That‘s data brokers at work. Data brokers like Acxiom, Oracle, LexisNexis, and Experian scrape information about you from a vast array of online and offline sources to craft intricate profiles cataloging your identity, interests, habits, and much more. They package up groups of people based on personality traits and interests inferred from the data points its algorithms connect about you. Then they sell access to you and others that fit a certain profile to their clients – retailers, tech platforms, advertisers, governments, healthcare providers and more.
While you may willingly give some well-known tech giants like Google permission to use your data for ads, the backchannel data broker economy collects and trades exponentially more data about you from countless sources – online and offline – for purposes undisclosed and often unwanted.
You likely have hundreds of data points about your life and behaviors swirling around in these brokers‘ systems – only a tiny fraction of which you intentionally provided or consented to share. This leaves consumers uneasy about just how much brokers know and who else they are telling.
Where Do Data Brokers Get All This Information?
Data brokers ingest data from a myriad of sources, including:
- Government records – birth certificates, voter registration, property records, court documents
- Past online purchases, browsing history and search terms
- Shopping loyalty card programs that link purchases to your identity
- Social media activity like posts, friends/followers and messages
- Mobile app usage, location and sensor data
- Public internet posts and engagement with ads
- Offline purchases, subscriptions, census data
Advanced identity graph algorithms integrate all these far-flung data breadcrumbs to form comprehensive consumer profiles. Some brokers even purchase data from each other to further enrich their surveillance dossiers on internet users.
Once these varied streams are compiled for each person, only a few disconnected data points are needed to precisely re-identify ‘anonymous‘ consumer groupings. In fact, a Stanford study found that just knowing gender, zip code and date of birth enabled re-identification of 50% of individuals from ‘anonymized‘ credit card metadata.
This is why privacy experts sound alarms about the practices of near-invisible corporate data miners of our personal information.
Breaking Down the Categories of Data Brokers
While often lumped together, there are several distinct types of data brokers that serve different specialties:
Marketing/Advertising Data Brokers
The largest group, these data giants like Acxiom, Oracle and Experian furnish big tech firms, advertisers, political groups and retailers with tracked insights on user interests and online/offline purchasing habits for microtargeted messaging. They enable that eerie feeling you get when you start getting ads for the exact product you were just chatting to a friend about or topics privately researched.
- Key Players: Acxiom, Epsilon, Experian, Oracle
- Sources: Loyalty programs, public records, web trackers, purchases
- Clients: Adtech vendors, advertisers, retailers
People Search/Background Check Data Brokers
These brokers like LexisNexis, Intelius and Spokeo offer personal contact details, addresses, criminal/court records, asset details and even relatives of individuals. Their clients range from debt collectors to suspicious spouses digging into partner fidelity.
- Key Players: LexisNexis, Intelius, Spokeo
- Sources: Public records, court/arrest data, phone books
- Clients: Debt collectors, law firms, private investigators
Health Data Brokers
Selling data to insurance providers or pharmaceutical firms that can discriminate against unhealthy populations, this sector poses some of the greatest risks for exploitation. Firms like IMS Health, Optum and IQVIA deal in sensitive medical data that leaks from insurance claims, prescriptions and doctor visits.
- Key Players: IMS Health, Optum, IQVIA
- Sources: Insurance claims, pharmacy prescriptions
- Clients: Insurance companies, pharma/med device firms
Financial Data Brokers
Equifax, Experian and TransUnion are leading credit agencies that calculate creditworthiness scores from income, loans, bankruptcy filings and payment history data. As keepers of credit access, errors or breaches of their data can be highly damaging.
- Key Players: Equifax, Experian, TransUnion
- Sources: Loan/credit applications, debt repayment history
- Clients: Banks/lenders, debt collectors
By The Numbers: Massive Scale & Growth
A burgeoning industry operating behind the scenes has rapidly grown into a surveillance apparatus cataloging over 95% of the US population. According to Federal Trade Commission estimates:
[- Over $200 billion a year is transacted within the data broker market- At least 4,000 data broker firms now operate globally
- In the US alone – over 5,000 data broker sites trawl through consumer details
- Average American is profiled in over 700 data broker databases that deduced 1,500 data points about them](https://i.upmath.me/svg/%3Csvg%20xmlns%3D%22http%3A%2F%2Fwww.w3.org%2F2000%2Fsvg%22%20width%3D%22432%22%20height%3D%22100%22%3E%20%20%3Ctext%20x%3D%2210%22%20y%3D%2225%22%3EOver%20%24200%20billion%20a%20year%20is%20transacted%20within%20the%20data%20broker%20market%3C%2Ftext%3E%20%20%3Ctext%20x%3D%2210%22%20y%3D%2250%22%3EAt%20least%204%2C000%20data%20broker%20firms%20now%20operate%20globally%3C%2Ftext%3E%20%20%3Ctext%20x%3D%2210%22%20y%3D%2275%22%3EIn%20the%20US%20alone%20-%20over%205%2C000%20data%20broker%20sites%20trawl%20through%20consumer%20details%3C%2Ftext%3E%20%20%3Ctext%20x%3D%2210%22%20y%3D%22100%22%3EAverage%20American%20is%20profiled%20in%20over%20700%20data%20broker%20databases%20that%20deduced%201%2C500%20data%20points%20about%20them%3C%2Ftext%3E%3C%2Fsvg%3E)
The scope of this hidden data mining operation on the personal details on hundreds of millions yields staggering profits for these brokers.
Real Life Data Broker Risks: Breaches & Scandals
To understand potential downsides of mass private data trafficking, several troubling cases shine a light on what can go wrong:
Facebook & Cambridge Analytica
In one of the more notorious scandals, the now defunct political consulting firm exploited Facebook‘s data access policies to build voter profiles on 87 million Americans from likes, posts and friends. These psychographic models fueled hypertargeted messaging to swing key votes in 2016. The scheme drew global outrage over covert analytics conducted on people‘s information without meaningful consent.
Equifax Breach
In 2017, one of the largest credit bureaus Equifax was massively hacked, exposing the full names, addresses, birth dates and social security numbers of nearly 150 million Americans and driving extensive identity theft. Social security numbers cannot easily be changed, enabling long term fallout.
NHS Medical Records Theft
In perhaps the most tragic case highlighting risks of centralizing sensitive data, a tech employee for the UK‘s National Heath Service abused his access to medical records to blackmail hundreds of patients. He pled guilty in 2018 for using health information to extort sex, money and valuable items from vulnerable victims.
As these examples attest, consolidated personal information often escapes meaningful oversight on access controls or ethical usage – with devastating impacts.
The Legal State of Data Brokers
Given profound implications, you might assume data mining practices involve oversight – but US law has yet to catch up to technological capabilities. As it stands, a patchwork of legislation aimed at financial agencies, healthcare providers and credit bureaus impose some consumer protections like granting data access rights that data brokers simply sidestep. For instance, credit agencies must allow you to review your file while brokers trafficking similar information operate without constraints.
The Federal Trade Commission continues waging a years long campaign urging Congress to enact a federal data privacy law bringing transparency requirements, opt-out rights and consent procedures to rein in reckless misuse of Americans‘ data. But gridlock and fierce lobbying against perceived constraints on innovation leaves most data brokers answerable to little more than their profit motives.
Differing Views: Necessary Evil or Reckless Profiteers?
Given profound implications, perspectives diverge sharply on appropriate policy responses balancing economic priorities and civil liberties. Some argue…
Data Brokers Provide Social Value
- Fraud prevention through identity verification
- Assessing credit risks expands access to financing
- Targeted ads fund free online services
- Understanding trends guides business decisions
- People search assists in finding lost contacts
Vs. Reckless Commercialization of Private Lives
- Brazen stripping of personal autonomy
- Fuels filter bubbles and thought manipulation
- Enables discrimination in lending, jobs etc
- Little visibility or consent to spread of intimate details
Because data broker activities operate remotely on such a vast scale, most consumers remain unaware of the identities, practices or even existence of companies trafficking in their data. Yet revelations keep surfacing of disturbing misuse and security failures.
An Analogy: Personal Data Strip Mining
A useful analogy frames data brokers as strip mining the details of consumers‘ private lives. They penetrate firewalls around private spaces both online and off to extract nuggets of personal preferences and behaviors. This scraped material gets consolidated, refined and traded to buyers wanting to tap into the human experience like a natural resource.
But unlike materials from the earth which replenish over years, our personal information is the only one we have. Once specifics around our identities, interests and lives enter broker systems they could circulate indefinitely. Like any mined resource, what assurances exist that extracted personal data gets used responsibly? That seems doubtful given the externalized incentives of capitalizing on individual‘s information without consent or compensation.
Policy Solutions: Oversight to Balance Innovation & Rights
While some argue data mining drives innovation that outweighs theoretical privacy concerns, research shows that erosion of personal control over information access provokes lasting distress. Bulk data processes profoundly impact individuals yet operate entirely removed from visibility or consent, invalidating claims they naturally balance competing needs. Policy interventions to structure appropriate handling of mined personal data remain vital.
Ideally, consumer privacy legislation would encode rights including:
- Right to know what data a company holds on you
- Access to view or delete held personal data
- Portability to transfer your data to other platforms
- Opt-in consent for data sharing/selling
- Private right of action to sue for damages
Such measures would maintain opportunities for consented data usage fueling desirable services while giving consumers meaningful visibility and control to address misuse. Critically, this would enable appropriate balancing between risks and rewards rather than the current regime of unchecked commercial forces unilaterally determining what merits public exposure.
Of course simplistic bans also risk unintended consequences given digital advertising now funds much of the internet. With care however, oversight mechanisms can ensure corporations take only what data consumers willingly share for agreed uses. This balances innovation with ethical imperatives – preventing reckless strip mining of our most personal details.
Overall there are reasonable arguments on multiple sides given the complexity balancing privacy rights, security, and economic priorities. But given profound implications on personal autonomy, the burden of proof falls heavily on data brokers to justify current harvesting practices rather than on the public to unambiguously object. As with other mediated rights around speech or search and seizure, unfettered commercial access fails to meet this standard absent thoughtful policy.
In Conclusion: Not Inherently Evil But Reckoning Needed
At their core, data brokers fill damages wrought by technology diffuse personal information at scales untenable for individuals to track. Much like emissions from industrialization threatening balances that stood for generations, the byproducts of surveillance capitalism amass faster than existing safeguards contain. This provokes deep Priceconomic harms from secret hoarding of behavioral data as well as grave Security concerns posed by centralized data lakes.
While the most responsible data brokers aim to contribute positively to society, lack of consent and controls on use risk substance abuse. To address harms, policymakers have a duty to constrain reckless practices that cannot self-regulate. But well structured, such interventions need not prevent constructive applications advancing ethical objectives.
Viewed through this lens, the data brokering industry alone cannot shoulder blame for demographic harms inflicted by its accumulation of people‘s information trails. Policy failures enabling unchecked capitalism around individuals‘ most personal details paved the way for current excesses. With ethical oversight and rights-preserving reforms, innovative services can prosper alongside consumer protections – escaping charges of evil for prioritizing profit over public interest absent better incentives. But now legislators must act to balance enduring social value and individual dignity where markets cannot.
