||This article includes a list of references, but its sources remain unclear because it has insufficient inline citations. (August 2011) (Learn how and when to remove this template message)|
An information broker (or data broker) collects information, often about individual people. The data is then sold to companies that use it to target advertising and marketing towards specific groups, to verify a person's identity including for purposes of fraud detection, and to sell to individuals and organizations so they can research particular individuals. Critics, including consumer protection organizations, say the industry is secretive and unaccountable, and should be better regulated. There are also brokers for technology vulnerabilities, which offer a bug bounty to hackers, in turn selling that information on the grey or black market to those who would exploit it, such as foreign government intelligence agencies.
Beginning in the late twentieth century, technological developments such as the development of the internet, increasing computer processing power and declining costs of data storage made it much easier for companies to collect, analyze, store and transfer large amounts of data about individual people. This gave rise to the information broker or data broker industry.
Brokers collect information about individuals from public records and private sources including census and change of address records, motor vehicle and driving records, user-contributed material to social networking sites such as Facebook, Twitter and LinkedIn, media and court reports, voter registration lists, consumer purchase histories, most-wanted lists and terrorist watch lists, bank card transaction records, health care authorities, and web browsing histories. The data are aggregated to create individual profiles, often made up of thousands of individual pieces of information such as a person's age, race, gender, height, weight, marital status, religious affiliation, political affiliation, occupation, household income, net worth, home ownership status, investment habits, product preferences and health-related interests. Brokers then sell the profiles to other organizations that use them mainly to target advertising and marketing towards specific groups, to verify a person's identity including for purposes of fraud detection, and to sell to individuals and organizations so they can research people for various reasons.
Data brokers in the United States include Acxiom, Experian, Epsilon, CoreLogic, Datalogix, eBureau, ID Analytics, inome, PeekYou, Rapleaf, and Recorded Future. Acxiom claims to have files on 10% of the world's population, with about 1500 pieces of information per consumer. quoted in Senate.gov.
Individuals generally cannot find out what data a broker holds on them, how a broker got it, or how it is used. Some data brokers retain all information indefinitely.
Files on individuals are generally sold in lists; examples cited in testimony to the U.S. Congress include lists of rape victims, seniors with dementia, financially vulnerable people, people with HIV, and police officers (by home address). Less controversial are lists of rich people, doctors, or parents.
There are probably between 3500 and 4000 data broker companies, and about a third may provide opt-outs, with some charging over a thousand dollars for them.
Removing information from databases of companies like Acxiom and Epsilon can be a long and difficult process, especially since it can be difficult to know who has your information. Sites like stopdatamining.me offer links to many of these companies as well as what the process may be to help with getting data removed.
Credit scores were first used in the 1950s, but did not become widely known or specifically regulated until the 1990s.
In 1977 Kelly Warnken published the first fee-based information directory, which continues to be published and has expanded to cover international concerns.
A U.S. Senate Committee published A Review of the Data Broker Industry: Collection, Use, and Sale of Consumer Data for Marketing Purposes. It states that "Today, a wide range of companies known as “data brokers” collect and maintain data on hundreds of millions of consumers, which they analyze, package, and sell generally without consumer permission or input." Their main findings were that:
- Data brokers collect a huge volume of detailed information on hundreds of millions of consumers.
- Data brokers sell products that identify financially vulnerable consumers.
- Data broker products provide information about consumer offline behavior to tailor online outreach by marketers.
- Data brokers operate behind a veil of secrecy.
The information produced by data brokers has been criticized for enabling discrimination in pricing, services and opportunities. For example, a May 2014 White House report found that web searches that included black-seeming first names such as Jermaine were more likely to result in ads being displayed that include the word "arrest," compared with web searches including white-seeming first names such as Geoffrey.
An Online Information Broker FAQ is published by Privacy Rights Clearinghouse (PRC), a nonprofit consumer organization in the United States. PRC also maintains a list of information brokers (data brokers, with links to their privacy policies, terms of service, and opt-out privisions.
Data brokers have also faced legal charges for security breaches due to poor data security practices.
Calls for regulation and legislation
A 2007 University of California study, after requesting and analyzing information-sharing practices at 86 companies, found many operating under an opt-out model that it described as inconsistent with consumer expectations, and recommended that the California state legislature require companies to disclose their information-sharing policies using clear, unambiguous language, and consider creating a centralized, user-friendly method for consumers to opt out of information-sharing.
In 2009, the U.S. Federal Trade Commission had recommended the U.S. Congress develop legislation enabling consumers to see the information that data brokers hold about them, a recommendation it renewed in subsequent reports in 2012 and 2014. In 2013, the U.S. Government Accountability Office also called for Congress to consider legislation.
The Data Accountability and Trust Act contained a number of requirements for auditing and verification of accuracy of data held by information brokers, and additional measures in the case of a security breach. The bill also gave identified individuals the means and opportunity to review and correct the data held that related to them. It passed through the United States House of Representatives in the 111th Congress, but failed to pass the United States Senate. It was revived by the 112th Congress in 2011 as H.R. 1707., but died after being referred to committee. The bill was first introduced by Rep. Bobby Rush [D-IL1] on Apr 30, 2009, H.R. 2221
In fiction, information brokers usually find data for a story's main character(s). Fictional information brokers can be of varying importance and have varying methods. For example, a hacker can be an information broker, though they may be simply transferring whatever information they find to the main character(s). Other brokers may have memorized data and tell the main character(s) covertly. Also, a fee is not always involved. The information broker may have an alliance with the main character(s) or be one themselves.
Examples of information brokers in contemporary fiction would be DC Comics' superheroine, the Oracle; Edward G. Robinson's character Sol in the film Soylent Green; the Shadow Broker in the video game series Mass Effect; Nicholas Wayne, Rachel, Elean Duga, Gustav St. Germain, Carol, and the President of the Daily Days newspaper company in Baccano!; or Izaya Orihara in the light novel series Durarara!!. A few of the characters in Neil Stephenson's novel Snow Crash find work selling data as "stringers" for the Central Intelligence Corporation.
- Carvell, Linda P. (2005). Career Opportunities in Library and Information Science. New York: Checkmark Books. pp. 75–79, 171–181.
- Taylor, Allen and James Robert Parish (2009). Career Opportunities in Library and Information Science. New York: Ferguson. pp. 206–212.
- "http://www.whitehouse.gov/sites/default/files/docs/big_data_privacy_report_may_1_2014.pdf" (PDF). Retrieved Aug 17, 2014. External link in
- Beckette, Lois (9 November 2012). "Yes, Companies Are Harvesting – and Selling – Your Facebook Profile". Retrieved 17 August 2014.
- "Congressional Testimony: What Information Do Data Brokers Have on Consumers?".
- "DATA BROKERS: A Call for Transparency and Accountability" (PDF). Federal Trade Commission. Government of the United States. May 2014. Retrieved 13 August 2014.
- "Online Information Broker FAQ". Privacy Rights Clearinghouse. privacyrights.org. October 4, 2010. Retrieved May 6, 2014.
- "Online Information Broker FAQ".
- "- Privacy Rights Clearinghouse".
- "Agency Announces Settlement of Separate Actions Against Retailer TJX, and Data Brokers Reed Elsevier and Seisint for Failing to Provide Adequate Security for Consumers Data".
- Hoofnagle , and Jennifer King, Chris Jay (17 December 2007). "Consumer Information Sharing: Where the Sun Still Don't Shine" (PDF). (working paper). Retrieved 17 August 2014.
- "TC Recommends Congress Require the Data Broker Industry to be More Transparent and Give Consumers Greater Control Over Their Personal Information". Federal Trade Commission. Retrieved 31 May 2014.
- Data Accountability and Trust Act (2011; 112th Congress H.R. 1707). GovTrack.us. Retrieved on 2013-11-12.
- "Data Accountability and Trust Act (2009; 111th Congress H.R. 2221)". govtrack.us. Retrieved November 12, 2013.