How data brokers handle consumers’ personal information.
Members of the Congressional Bi-Partisan Privacy Caucus released the responses of several data brokers to an inquiry into their business practices. Data brokers collect and sell the personal information of consumers to third parties, typically without the knowledge of the consumers themselves.
The lawmakers reported that most of the companies did not consider themselves "data brokers," and that "many questions about how these data brokers operate have been left unanswered, particularly how they analyze personal information to categorize and rate consumers." The Federal Trade Commission recently called for data-broke legislation in a report on consumer privacy.
“The data brokers’ responses offer only a glimpse of the practices of an industry that has operated in the shadows for years,” said the lawmakers in a joint statement. “Many questions about how these data brokers operate have been left unanswered, particularly how they analyze personal information to categorize and rate consumers. This and other practices could affect the lives of nearly all Americans, including children and teens. We want to work with the data broker industry so that it is more open about how it collects, uses, and sells Americans’ information. Until then, we will continue our efforts to learn more about this industry and will push for whatever steps are necessary to make sure Americans know how this industry operates and are granted control over their own information.”
A copy of the responses to the lawmakers, as well as the original letters, can be found HERE.
Findings from the responses include:
All companies except for one – Acxiom – rejected the categorization of their business practices as data brokerage. One company called itself a “data provider”, while another reported that since it only “analyzes” data, they should not be considered a data broker.
Only one company provided details on the number of consumers who request access to their information – Acxiom reported over the last two years as few as 77 people per year, out of the 190 million consumers it has collected information on, requested access to their personal information. Several other companies do not allow access to consumer data stating that information is not identifiable.
In addition to collecting data about consumers from sources such as telephone directories, mobile phones, government agencies, financial institutions and directly from consumers themselves, several data brokers reported mining consumer information from social media sites such as Facebook and LinkedIn.
The companies provided little explanation of the distinction between information they collect and use (e.g, a person is female) versus the information they create by analysis for profiling consumers (e.g. young female interested in weight loss sent coupon for a diet pill).
http://markey.house.gov/press-release/lawmakers-release-information-about-how-data-brokers-handle-consumers%E2%80%99-personal
Protecting consumer privacy in an era of rapid change:
http://www.ftc.gov/os/2012/03/120326privacyreport.pdf
How telecoms sell your private info to the highest bidder.
Have you ever lost your mobile phone and been able to find it through your wireless company’s GPS tracking service? Or have you signed up for a family locator program to check on where your kids are through their phones? If so, you’ve voluntarily entered the world of telco tracking. Unfortunately, these are but the most innocent tracking programs that wireless companies like AT&T and Verizon are engaged in.
Every seven seconds or so, one’s wireless company tracks your position vis-à-vis the nearest cell tower, determining not only your location but how long your call lasts. What a phone company does with this data, let alone with all the other information it gathers, remains the company’s secret.
Earlier this year, Rep. Ed Markey (D-MA) revealed that, in 2011, state and local law enforcement agencies had received approximately 1.3 million records from the nation’s wireless carriers. A wireless customer’s personal information provided to law enforcement entities is fairly comprehensive. It includes geo-locational or GPS data, 911 call responses, text message content, billing records, wiretaps, “ping” location and what are known as cell tower “dumps” (i.e., a carrier provides all the phones numbers of cell users that connect with a discrete tower during a discrete period of time).
Equally insidious, these same wireless providers are aggressively collecting and reselling your usage data. The most widely used method is through a special GPS geo-location program offered by Carrier IQ known as CIQ.
"Data is the new oil," declared Bill Diggins, a Verizon Wireless exec in charge of the telco’s latest data aggregation program, Precision Marketing Insights (PMI). Verizon, along with Sprint, introduced its initial device tracking service in 2007.
But PMI goes further. According to Diggins: "We're able to analyze what people are viewing on their handsets.” He offered the following example: “If you're at an MLB game, we can tell if you're viewing ESPN, we can tell if you're viewing MLB, we can tell what social networking sites you're activating, if you're sending out mobile usage content that's user-generated on video."
Other wireless executives share Diggins' enthusiasm for data collection. Sprint company spokesperson Stephanie Vinge Walsh champions the power of the telecos: “We think it’s a benefit to receive ads targeting your interests rather than ads which may not be relevant.”
Verizon’s PMI program allows it to collect user data from devices running on either an Android or an Apple OS (operating system). According to Verizon, the data collected includes what products and services a consumer is using (e.g., device type, calling features and usage patterns), what apps are on the device and GPS location. In addition, it collects a host of demographic and psychographic information “such as gender, age range, sports fan, frequent diner, or pet owner."
Further, the company acknowledges that all the collected information can be combined into "aggregated and marketing reports." In turn, these reports can be sold to third-party entities like data aggregators and direct marketing firms. However, it insists: "We may combine this information in a manner that does not personally identify you." Some reports indicated that Verizon provides a customer’s home address to third parties.
Diggins identified the company’s long-term goal as insinuating itself into a customer’s mobile wallet. “So we’re able to identify what that customer likes not by filling out forms but by actually analyzing what they do on a day to day basis and serve them with products we know they like because we’ve seen they’ve downloaded and purchased products like that.”
In the meantime, what can a wireless user do? Each of the major wireless providers offers customers various means to limit tracking. Be advised that “opt out” procedures are not easy to find and challenging to implement. The following are good sites to start:
AT&T provides privacy and “opt out” information.
Verizon provides an “opt out” or unsubscribe form.
Sprint provides privacy and “opt out” information.
T-Mobile provides privacy and “opt out” information.
For more information on opt-out options and privacy rights regarding wireless devices, check out these resources.
http://www.alternet.org/civil-liberties/how-telecoms-sell-your-private-info-highest-bidder