This month, a strongly worded Washington Post op-ed by Federal Trade
Commissioner Julie Brill calling for transparency in the business
practices of the online data broker industry provoked a heated response.
While the ACLU and other privacy advocates have long had their suspicions about how and why data brokers were tracking individuals, as the commissioner stated in her op-ed:
It took the NSA revelations to make concrete what this exchange means: that firms, governments or individuals, without our knowledge or consent, can amass large amounts of private information about people to use for purposes we don’t expect or understand.
Clearly displeased with the link to the NSA scandal, Linda Woolley—CEO and president of the Direct Marketing Association—fired back with an open letter to the commissioner. In the letter Woolley attacks the commissioner, claiming she disregards the benefits of data collection and unfairly demonizes the entire industry. But the commissioner is right to focus on the data broker industry’s troubling practices.
Interestingly, that massive, secret databases of individuals are being created and sold is not the issue under debate. That’s a simple and open matter of fact. For example:
But Wooley seems to want to focus on what she characterizes as a lack of harm caused by the existence of these databases. Ok, then, let’s talk about harm. Commissioner Brill wrote (and the ACLU has also pointed out) that data brokers are running their data through advanced algorithms that can make “alarmingly personal predictions about our health, financial status, interests, sexual orientation, religious beliefs, politics and habits.” Brill explained that while this may seem benign to some, this data could be used to determine “what offers we receive, what rates we pay, even what jobs we get.”
In 2006, for example, the New York Times reported on a man whose job offer was rescinded after a mistake by Acxiom. He lost a job that would have doubled his salary. Another New York Times report told the story of a 92-year-old veteran who was bilked out of more than $100,000 by criminals who identified him from marketing lists.
While Woolley repeatedly stressed that this kind of data collection is harmless, she still pushed back on granting individuals access to their personal profiles. She even defended secretly sharing the data with third parties the individual has no relationship with and has disclosed no information to. She claims the exchange is “essential for business success” and that these “behind the scenes” deals will enrich people’s experience in the marketplace. Essentially, she’s just asking us to trust them.
Unfortunately, we are not dealing with companies that inspire a lot of trust. While RapLeaf never meant to sell Twombly’s real name with her profile information, the Journal reported they had sold personally identifiable information—such as a unique Facebook ID number, which can be traced back to a person's real name—to at least 12 companies. While RapLeaf has reportedly cleaned up its act, we can’t just assume such mistakes will always be caught and fixed, considering the lack of transparency these companies enjoy, and the rapid development of these new technologies.
Brill wrote that as we discuss the need for transparency surrounding government surveillance, Americans should also have the right to know what commercial data brokers know (or claim to know) about them. To help consumers regain such control, Brill has put forth her “Reclaim Your Name” initiative, which would establish a simple one-stop shop for consumers to see what data aggregators have collected about them, and delete or edit data as they see fit.
While we believe “Reclaim Your Name” is a great first step, ultimately Congress must act to regulate the industry and restore Americans’ robust privacy protections. We applaud the Commissioner for her hard-hitting op-ed, and her initiative.
While the ACLU and other privacy advocates have long had their suspicions about how and why data brokers were tracking individuals, as the commissioner stated in her op-ed:
It took the NSA revelations to make concrete what this exchange means: that firms, governments or individuals, without our knowledge or consent, can amass large amounts of private information about people to use for purposes we don’t expect or understand.
Clearly displeased with the link to the NSA scandal, Linda Woolley—CEO and president of the Direct Marketing Association—fired back with an open letter to the commissioner. In the letter Woolley attacks the commissioner, claiming she disregards the benefits of data collection and unfairly demonizes the entire industry. But the commissioner is right to focus on the data broker industry’s troubling practices.
Interestingly, that massive, secret databases of individuals are being created and sold is not the issue under debate. That’s a simple and open matter of fact. For example:
- One aggregator, PeekYou, boasts, “Our patented technology analyzes content from over sixty social sites, news sources, homepages and blog platforms and identifies the actual people behind it, combining their scattered digital footprints into a comprehensive record of their online identity.”
- RapLeaf advertises as having “Real-Time Data on 80% of U.S. Emails.”
- Brill points out that one of the largest such aggregators, Acxiom, reportedly has information on about 700 million active consumers worldwide, with some 1,500 data points per person.
But Wooley seems to want to focus on what she characterizes as a lack of harm caused by the existence of these databases. Ok, then, let’s talk about harm. Commissioner Brill wrote (and the ACLU has also pointed out) that data brokers are running their data through advanced algorithms that can make “alarmingly personal predictions about our health, financial status, interests, sexual orientation, religious beliefs, politics and habits.” Brill explained that while this may seem benign to some, this data could be used to determine “what offers we receive, what rates we pay, even what jobs we get.”
In 2006, for example, the New York Times reported on a man whose job offer was rescinded after a mistake by Acxiom. He lost a job that would have doubled his salary. Another New York Times report told the story of a 92-year-old veteran who was bilked out of more than $100,000 by criminals who identified him from marketing lists.
While Woolley repeatedly stressed that this kind of data collection is harmless, she still pushed back on granting individuals access to their personal profiles. She even defended secretly sharing the data with third parties the individual has no relationship with and has disclosed no information to. She claims the exchange is “essential for business success” and that these “behind the scenes” deals will enrich people’s experience in the marketplace. Essentially, she’s just asking us to trust them.
Unfortunately, we are not dealing with companies that inspire a lot of trust. While RapLeaf never meant to sell Twombly’s real name with her profile information, the Journal reported they had sold personally identifiable information—such as a unique Facebook ID number, which can be traced back to a person's real name—to at least 12 companies. While RapLeaf has reportedly cleaned up its act, we can’t just assume such mistakes will always be caught and fixed, considering the lack of transparency these companies enjoy, and the rapid development of these new technologies.
Brill wrote that as we discuss the need for transparency surrounding government surveillance, Americans should also have the right to know what commercial data brokers know (or claim to know) about them. To help consumers regain such control, Brill has put forth her “Reclaim Your Name” initiative, which would establish a simple one-stop shop for consumers to see what data aggregators have collected about them, and delete or edit data as they see fit.
While we believe “Reclaim Your Name” is a great first step, ultimately Congress must act to regulate the industry and restore Americans’ robust privacy protections. We applaud the Commissioner for her hard-hitting op-ed, and her initiative.
No comments:
Post a Comment