Data broker

Last updated

A data broker is an individual or company that specializes in collecting personal data (such as income, ethnicity, political beliefs, or geolocation data) or data about companies, mostly from public records but sometimes sourced privately, and selling or licensing such information to third parties for a variety of uses. Sources, usually Internet-based since the 1990s, may include census and electoral roll records, social networking sites, court reports and purchase histories. The information from data brokers may be used in background checks used by employers and housing.

Contents

There are varying regulations around the world limiting the collection of information on individuals; privacy laws vary. In the United States there is no federal regulation protection for the consumer from data brokers, although some states have begun enacting laws individually. In the European Union, GDPR serves to regulate data brokers' operations. Some data brokers report to have large numbers of population data or "data attributes". Acxiom purports to have data from 2.5 billion different people.

Overview

Information broker is sometimes abbreviated to IB, and other terms used for information brokers include data brokers, independent information specialists, [1] information or data agents, [2] data providers, data suppliers, [3] information resellers, data vendors, [4] syndicated data brokers, or information product companies. [5] Information consultants, freelance librarians, and information specialists are also sometimes termed information brokers. [6] [7]

Credit scores were first used in the 1950s, [8] and information brokering emerged as a career for individuals during that decade. [1] However the business of information brokering did not become widely known or specifically regulated until the 1990s. [8] During the 1970s, "information brokers" often had a library science degree; however, towards the end of the 20th century, people with degrees in science, law, business, medicine, or other disciplines entered the profession, and the line between the terms information professional and information broker became more blurred. [9] In 1977, Kelly Warnken published the first fee-based information directory, followed by the Journal of Fee-Based Information Services in 1979 [9] and the book The Information Brokers: How to Start and Operate Your Own Fee-based Service in 1981. [10]

Beginning in the late twentieth century, technological developments such as the development of the Internet, increasing computer processing power, and declining costs of data storage made it much easier for companies to collect, analyze, store and transfer large amounts of data about individuals. This gave rise to the information broker or data broker industry. [11] As of 2021, there is no required academic qualification for the job of information broker; some people may have a bachelor's degree in business or marketing, [12] while others may have a background in library science, or may have worked for a database provider. [1]

Services

Information brokering has been described as the "business of buying and selling information as a commodity". [13] Information brokers have been defined by the (US) Federal Trade Commission as "companies that collect information, including personal information about consumers, from a wide variety of sources for the purpose of reselling such information to their customers for various purposes, including verifying an individual's identity, differentiating records, marketing products, and preventing financial fraud". [4] Gartner defines an information broker as "a business that aggregates information from a variety of sources; processes it to enrich, cleanse or analyze it; and licenses it to other organizations". It states that data is "licensed for particular or limited uses" rather than sold to a client. [5]

Information brokers (IBs) collect and collate data concerning myriad topics, ranging from the daily communications of an individual to more specialized data such as product registrations, [14] patents and copyright data, [15] mostly from publicly available sources, usually obtained from online databases. They may also provide various other services, such as analysing the data and writing reports on them; creating databases for clients; or updating clients whenever new information on a specific topic or person. Clients use data brokers to save themselves time and money, as the brokers are trained in the skills needed to retrieve such information effectively and efficiently. [1] Information brokers are secondary researchers, who find information on a variety of subjects, including companies (often competitors [2] ), markets, people, and products. Their role includes analysis and synthesis of the data they find, [16] Brokers may find everything else they can about an individual on the Internet, and aggregate that data with information from a variety of other sources. [3]

Information brokers sometimes specialise in a specific area, such as market research, statistics, or scientific data. [2]

Clients of information brokers come from a wide range of industries and professions, including manufacturing, financial institutions, political parties, government agencies and historians. [17] Non-profit organizations might benefit from information which helps them to apply for grant funding, and real estate agents often use IBs to undertake land title searches. [2] [18] Advertising, fraud detection and risk mitigation are three common reasons for using data brokers, [3] and these are the three broad categories defined by the Federal Trade Commission. [4] Information brokers need to screen their clients carefully to avoid criminals obtaining data on individuals for nefarious purposes: US broking companies Lexis-Nexis and ChoicePoint have both been duped by phoney clients, leading in one case to identity theft on a large scale. [4]

Data may be harvested from various sources, including census, change of address, motor vehicle-related records, user-contributed material and social networking sites, [19] media and court reports, voter registration lists, consumer purchase histories, most-wanted lists and terrorist watch lists, bank card transaction records, health care authorities, and Web browsing histories. [8] IBs may also purchase information from other companies (such as a credit card company). [3] The information collected may include name, address, social security number, driver's licence number and other such identifying information, as well as occupation, property ownership, income, etc. [20] Advertising companies are most often only interested in profiles and categories rather than personal information about an individual. [3]

Information from property records, tax filings, etc. may also be available via "people-search" whitepage sites, either for a small fee or no cost. These websites can thereby have implications for stalking, harassment, and domestic violence. [21]

The data are aggregated to create individual profiles, often made up of thousands of pieces of information, such as a person's age, race, gender, height, weight, marital status, religious affiliation, political affiliation, occupation, household income, net worth, home ownership status, investment habits, product preferences and health-related interests. [22] Brokers then sell the profiles to other organizations that use them mainly to target advertising and marketing towards specific groups, [17] or to verify a person's identity including for purposes of fraud detection, and to sell to individuals and organizations so they can research people for various reasons. [22] Some datasets may also include geolocation data and is included in marketing resources from Acxiom. Experian and Oracle also advertise location-based marketing services. [21]

Many brokers work independently, while others are employees of large companies such as LexisNexis or ProQuest. [17]

In the United States

Data brokers in the United States include Acxiom, Experian, Epsilon, CoreLogic, Datalogix, Intelius, PeekYou, Exactis, and Recorded Future. [22] [23] In 2012, Acxiom claimed to have files on about 500 million active consumers worldwide, with about 1,500 data points per person [24] and, in 2023, Acxiom (renamed LiveRamp) claims to have files on 2.5 billion people and over 3,000 data points per person. [25] [26] The company Oracle has publicly noted it has connections with 80 data broker companies. The US Department of Homeland Security has purchased cell phone location data and home utility data from data brokers to facilitate deportations. The Federal Bureau of Investigation (FBI) has purchased personal data from the company Venntel. Under both of these circumstances, a warrant is not required to acquire this data, due to the fact that it is "open source" or "commercially obtained". [21] Use of the data also has implications in background checks (used in rent/housing and job applications). [27]

In 2012, Spokeo, a people search website, settled with the US Federal Trade Commission for $800,000 over violations of the Fair Credit Reporting Act. [28]

In 2017, Cambridge Analytica claimed that it has psychological profiles of 220 million United States citizens, based on 5,000 separate data sets, [29] with another source reporting 230 million. [30] A scandal emerged after it was found that after 270,000 Facebook users consented to sharing their data, data was scraped from about 50 million profiles on the social media platform. This was seen as breach of trust by Facebook. [31]

In 2018, American companies spent $19 billion acquiring and analyzing consumer data, according to the Interactive Advertising Bureau. [28]

In 2021, The Pillar outed a Catholic priest by purchasing data from a data broker including data usage from Grindr. [21]

Privacy issues and regulation

Information privacy laws are not as strict in the United States as in the European Union, where data brokers work hard to get around the General Data Protection Regulation (GDPR) regulations, brought into operation in 2018. Under GDPR, data can only be collected for re-use on one of six legal bases. The rather vague term "legitimate interest" is often abused or misinterpreted. [3] Explicit consent from users is required for information storage. In addition, data processing related with political opinion and religious belief is prohibited unless the consent of data subject is granted. [32]

In the US, individuals generally cannot find out what data a broker holds on them, how a broker got it, or how it is used. [33] There is no federal law that permits or enables consumers to see, make corrections to, or opt out of data compiled by brokers. [4]

Files on individuals are generally sold in lists; examples cited in testimony to the U.S. Congress include lists of rape survivors, seniors with dementia, financially vulnerable people, people with HIV, police officers (by home address), [8] [23] alcoholics, and people with erectile dysfunction. [3] [34]

Calls for regulation in the US

A 2007 University of California study, after requesting and analyzing information-sharing practices at 86 companies, found many operating under an opt-out model that it described as inconsistent with consumer expectations, and recommended that the California state legislature require companies to disclose their information-sharing policies using clear, unambiguous language, and consider creating a centralized, user-friendly method for consumers to opt out of information-sharing. [35]

The proposed US Data Accountability and Trust Act (introduced in 2009) [36] contained a number of requirements for auditing and verification of accuracy of data held by information brokers, and additional measures in the case of a security breach. The bill also gave identified individuals the means and opportunity to review and correct the data held that related to them. It passed through the United States House of Representatives in the 111th United States Congress, but failed to pass the United States Senate. It was revived by the 112th United States Congress in 2011 as H.R. 1707., [37] but died after being referred to committee. The bill was first introduced by Rep. Bobby Rush [D-IL1] on 30 April 2009, H.R. 2221. [38]

In 2009, the U.S. Federal Trade Commission had recommended the United States Congress develop legislation enabling consumers to see the information that data brokers hold about them, a recommendation it renewed in subsequent reports in 2012 and 2014. In 2013, the U.S. Government Accountability Office also called for Congress to consider legislation. [22] [39]

In October 2019, California Governor Gavin Newsom signed into action statute AB 1202. This bill "would require data brokers to register with, and provide certain information to, the Attorney General. The bill would define a data broker as a business that knowingly collects and sells to third parties the personal information of a consumer with whom the business does not have a direct relationship, subject to specified exceptions". [40] This law was created to safeguard against the "cloak of invisibility" (unregistered, unregulated, untracked information broker) that previous data brokers roamed in. It was also meant to regulate the purchasing of data in commercial third party buyers, and tracks the data brokers information trades.<? Clarity would aid the reader. > [41]

Due to the interest in federal regulation, data broker firms have lobbied and spent $29 million in the year 2020. [27]

Criticisms, consumer rights and breaches

A United States Senate Committee in 2013 published A Review of the Data Broker Industry: Collection, Use, and Sale of Consumer Data for Marketing Purposes. [23] It states that "Today, a wide range of companies known as 'data brokers' collect and maintain data on hundreds of millions of consumers, which they analyze, package, and sell generally without consumer permission or input." Their main findings were that:

The information produced by data brokers has been criticized for enabling discrimination in pricing, services and opportunities. For example, a May 2014 White House report found that web searches that included black-seeming first names such as Jermaine were more likely to result in ads being displayed that include the word "arrest," compared with web searches including white-seeming first names such as Geoffrey. [11]

An Online Information Broker FAQ [42] is published by Privacy Rights Clearinghouse (PRC), a nonprofit consumer organization in the United States. PRC also maintains a list of information brokers, with links to their privacy policies, terms of service, and opt-out provisions. [43]

Data brokers have also faced legal charges for security breaches due to poor data security practices. [44]

Professional associations

The Association of Independent Information Professionals (AIIP) is a professional association based in Baton Rouge, Louisiana, with members from 20 countries worldwide, [45] representing both primary and secondary researchers. [16]

Fiction

Examples of information brokers in contemporary fiction would be the Shadow Broker in the video game series Mass Effect ; Nicholas Wayne, Rachel, Elean Duga, Gustav St. Germain, Carol, and the President of the Daily Days newspaper company in Baccano! ; or Izaya Orihara in the light novel series Durarara!! . A few of the characters in Neal Stephenson's novel Snow Crash find work selling data as "stringers" for the Central Intelligence Corporation. Information broker characters play a prominent role in stories published by DC Comics. The character trope is best exemplified by the superhero Oracle, but the trope is later used with the characters Calculator, Proxy, Chloe Sullivan, and Felicity Smoak as well.

See also

Related Research Articles

<span class="mw-page-title-main">Gramm–Leach–Bliley Act</span> Act of the 106th United States Congress (1999–2001)

The Gramm–Leach–Bliley Act (GLBA), also known as the Financial Services Modernization Act of 1999, is an act of the 106th United States Congress (1999–2001). It repealed part of the Glass–Steagall Act of 1933, removing barriers in the market among banking companies, securities companies, and insurance companies that prohibited any one institution from acting as any combination of an investment bank, a commercial bank, and an insurance company. With the passage of the Gramm–Leach–Bliley Act, commercial banks, investment banks, securities firms, and insurance companies were allowed to consolidate. Furthermore, it failed to give to the SEC or any other financial regulatory agency the authority to regulate large investment bank holding companies. The legislation was signed into law by President Bill Clinton.

Consumer privacy is information privacy as it relates to the consumers of products and services.

<span class="mw-page-title-main">Fair Credit Reporting Act</span> U.S. federal legislation

The Fair Credit Reporting Act (FCRA), 15 U.S.C. § 1681 et seq., is federal legislation enacted to promote the accuracy, fairness, and privacy of consumer information contained in the files of consumer reporting agencies. It was intended to shield consumers from the willful and/or negligent inclusion of erroneous data in their credit reports. To that end, the FCRA regulates the collection, dissemination, and use of consumer information, including consumer credit information. Together with the Fair Debt Collection Practices Act (FDCPA), the FCRA forms the foundation of consumer rights law in the United States. It was originally passed in 1970, and is enforced by the U.S. Federal Trade Commission, the Consumer Financial Protection Bureau, and private litigants.

A privacy policy is a statement or legal document that discloses some or all of the ways a party gathers, uses, discloses, and manages a customer or client's data. Personal information can be anything that can be used to identify an individual, not limited to the person's name, address, date of birth, marital status, contact information, ID issue, and expiry date, financial records, credit information, medical history, where one travels, and intentions to acquire goods and services. In the case of a business, it is often a statement that declares a party's policy on how it collects, stores, and releases personal information it collects. It informs the client what specific information is collected, and whether it is kept confidential, shared with partners, or sold to other firms or enterprises. Privacy policies typically represent a broader, more generalized treatment, as opposed to data use statements, which tend to be more detailed and specific.

LiveRamp Holdings, Inc., is a San Francisco, California-based SaaS company that offers a data connectivity platform whose services include data onboarding, the transfer of offline data online for marketing purposes.

Personal data, also known as personal information or personally identifiable information (PII), is any information related to an identifiable person.

Information privacy, data privacy or data protection laws provide a legal framework on how to obtain, use and store data of natural persons. The various laws around the world describe the rights of natural persons to control who is using its data. This includes usually the right to get details on which data is stored, for what purpose and to request the deletion in case the purpose is not given anymore.

A self-regulatory organization (SRO) is an organization that exercises some degree of regulatory authority over an industry or profession. The regulatory authority could exist in place of government regulation, or applied in addition to government regulation. The ability of an SRO to exercise regulatory authority does not necessarily derive from a grant of authority from the government.

Data aggregation is the compiling of information from databases with intent to prepare combined datasets for data processing.

The United States Commission's fair information practice principles (FIPPs) are guidelines that represent widely accepted concepts concerning fair information practice in an electronic marketplace.

The Personal Data Privacy and Security Act of 2009, was a bill proposed in the United States Congress to increase protection of personally identifiable information by private companies and government agencies, set guidelines and restrictions on personal data sharing by data brokers, and to enhance criminal penalty for identity theft and other violations of data privacy and security. The bill was sponsored in the United States Senate by Patrick Leahy (Democrat-Vermont), where it is known as S.1490.

A digital marketing system (DMS) is a method of centralized channel distribution used primarily by SaaS products. It combines a content management system (CMS) with data centralization and syndication across the web, mobile, scannable surface, and social channels.

Do Not Track legislation protects Internet users' right to choose whether or not they want to be tracked by third-party websites. It has been called the online version of "Do Not Call". This type of legislation is supported by privacy advocates and opposed by advertisers and services that use tracking information to personalize web content. Do Not Track (DNT) is a formerly official HTTP header field, designed to allow internet users to opt-out of tracking by websites—which includes the collection of data regarding a user's activity across multiple distinct contexts, and the retention, use, or sharing of that data outside its context. Efforts to standardize Do Not Track by the World Wide Web Consortium did not reach their goal and ended in September 2018 due to insufficient deployment and support.

<span class="mw-page-title-main">Chris Hoofnagle</span>

Chris Jay Hoofnagle is an American professor at the University of California, Berkeley who teaches information privacy law, computer crime law, regulation of online privacy, internet law, and seminars on new technology. Hoofnagle has contributed to the privacy literature by writing privacy law legal reviews and conducting research on the privacy preferences of Americans. Notably, his research demonstrates that most Americans prefer not to be targeted online for advertising and despite claims to the contrary, young people care about privacy and take actions to protect it. Hoofnagle has written scholarly articles regarding identity theft, consumer privacy, U.S. and European privacy laws, and privacy policy suggestions.

Medical data, including patients' identity information, health status, disease diagnosis and treatment, and biogenetic information, not only involve patients' privacy but also have a special sensitivity and important value, which may bring physical and mental distress and property loss to patients and even negatively affect social stability and national security once leaked. However, the development and application of medical AI must rely on a large amount of medical data for algorithm training, and the larger and more diverse the amount of data, the more accurate the results of its analysis and prediction will be. However, the application of big data technologies such as data collection, analysis and processing, cloud storage, and information sharing has increased the risk of data leakage. In the United States, the rate of such breaches has increased over time, with 176 million records breached by the end of 2017. There have been 245 data breaches of 10,000 or more records, 68 breaches of the healthcare data of 100,000 or more individuals, 25 breaches that affected more than half a million individuals, and 10 breaches of the personal and protected health information of more than 1 million individuals.

<span class="mw-page-title-main">Dataveillance</span> Monitoring and collecting online data and metadata

Dataveillance is the practice of monitoring and collecting online data as well as metadata. The word is a portmanteau of data and surveillance. Dataveillance is concerned with the continuous monitoring of users' communications and actions across various platforms. For instance, dataveillance refers to the monitoring of data resulting from credit card transactions, GPS coordinates, emails, social networks, etc. Using digital media often leaves traces of data and creates a digital footprint of our activity. Unlike sousveillance, this type of surveillance is not often known and happens discreetly. Dataveillance may involve the surveillance of groups of individuals. There exist three types of dataveillance: personal dataveillance, mass dataveillance, and facilitative mechanisms.

The gathering of personally identifiable information (PII) is the practice of collecting public and private personal data that can be used to identify an individual for both legal and illegal applications. PII owners often view PII gathering as a threat and violation of their privacy. Meanwhile, entities such as information technology companies, governments, and organizations use PII for data analysis of consumer shopping behaviors, political preference, and personal interests.

Acxiom is a Conway, Arkansas-based database marketing company. The company collects, analyzes and sells customer and business information used for targeted advertising campaigns. The company was formed in 2018 when Acxiom Corporation spun off its Acxiom Marketing Services (AMS) division to global advertising network Interpublic Group of Companies.

Predatory advertising, or predatory marketing, can be largely understood as the practice of manipulating vulnerable persons or populations into unfavorable market transactions through the undisclosed exploitation of these vulnerabilities. The vulnerabilities of persons/populations can be hard to determine, especially as they are contextually dependent and may not exist across all circumstances. Commonly exploited vulnerabilities include physical, emotional, social, cognitive, and financial characteristics. Predatory marketing campaigns may also rely on false or misleading messaging to coerce individuals into asymmetrical transactions. The history of the practice has existed as long as general advertising, but particularly egregious forms have accompanied the explosive rise of information technology. Massive data analytics industries have allowed marketers to access previously sparse and inaccessible personal information, leveraging and optimizing it through the use of savvy algorithms. Some common examples today include for-profit college industries, "fringe" financial institutions, political micro-targeting, and elder/child exploitation. Many legal actions have been taken at different levels of government to mitigate the practice, with various levels of success.

The American Privacy Rights Act (APRA) is a comprehensive data privacy law proposed in the United States. It would place limitations on the kinds of data companies can collect about their users, create processes for users to access or remove data about them, and allow users opt-out from having data sold by data brokers. The bipartisan proposal was introduced in April 2024 by Senator Maria Cantwell (D-WA), and Representative Cathy McMorris Rodgers (R-WA). Cantwell is Chair of the Senate Committee on Commerce, Science, and Transportation and McMorris Rodgers is Chair of the House Committee on Energy and Commerce. If passed, it would supersede a collection of state-based laws which have emerged in the absence of a comprehensive federal data privacy law.

References

  1. 1 2 3 4 "Information Brokers". Inc.com. 6 February 2020. Retrieved 11 March 2021.
  2. 1 2 3 4 Luenendonk, Martin (18 September 2019). "How to become an information broker". Cleverism. Retrieved 11 March 2021.
  3. 1 2 3 4 5 6 7 "What Is a Data Broker and How Does It Work?". Clearcode. 4 February 2019. Retrieved 12 March 2021.
  4. 1 2 3 4 5 "Information Brokers". The Social Engineering Framework. 4 December 2020. Retrieved 12 March 2021.
  5. 1 2 "Definition of Data Broker". Gartner. Retrieved 12 March 2021.
  6. "Information Consultant". ScienceDirect Topics. Retrieved 12 March 2021.
  7. Broughton, D.; Blackburn, L.; Vickers, L. (1991). "Information brokers and information consultants". Library Management . 12 (6): 4–16. doi:10.1108/EUM0000000000838.
  8. 1 2 3 4 "Congressional Testimony: What Information Do Data Brokers Have on Consumers?".
  9. 1 2 Sabroski, Suzanne J., ed. (2000). The independent information professional (PDF) (Report). AIIP.
  10. Warnken, K. (1981). The Information Brokers: How to Start and Operate Your Own Fee-based Service. Information management series. Bowker. ISBN   978-0-8352-1287-8 . Retrieved 11 March 2021.
  11. 1 2 "Big data: seizing opportunities, preserving values" (PDF). Executive Office of the President. May 2014. Archived from the original (PDF) on 20 January 2017. Retrieved 17 August 2014.
  12. "Information broker job description, career as an information broker, salary, employment". StateUniversity.com. Retrieved 12 March 2021.
  13. Bressan, Stephane; Lee, Thomas (June 1997). Information Brokering on the World Wide Web (PDF) (Report). Sloan School of Management, Massachusetts Institute of Technology. Accepted at the WebNet 97 World Conference.
  14. Kitchin, Rob (2014). The Data Revolution. Sage Publications Ltd. (UK).
  15. Campana, Natalia (6 February 2020). "What does an Information Broker do?". Freelancer Blog. Retrieved 12 March 2021.
  16. 1 2 "Research Specialists". The Association of Independent Information Professionals (AIIP). Retrieved 11 March 2021.
  17. 1 2 3 "All About information brokers: what they do and how to become one". Fairygodboss. Retrieved 11 March 2021.
  18. "Information Brokers". NSW Land Registry Services. Retrieved 12 March 2021.
  19. Beckette, Lois (9 November 2012). "Yes, Companies Are Harvesting – and Selling – Your Facebook Profile" . Retrieved 17 August 2014.
  20. Shelest, Dimitri (24 December 2024). "Step-by-step: how to remove yourself from data broker sites". onerep. Retrieved 21 April 2024.
  21. 1 2 3 4 Sherman, Justin. "Data Brokers Know Where You Are—and Want to Sell That Intel". Wired. ISSN   1059-1028 . Retrieved 15 April 2022.
  22. 1 2 3 4 "Data Brokers: A Call for Transparency and Accountability" (PDF). Federal Trade Commission. Government of the United States. May 2014. Retrieved 13 August 2014.
  23. 1 2 3 http://educationnewyork.com/files/rockefeller_databroker.pdf [ bare URL PDF ]
  24. Singer, Natasha (16 June 2012). "Acxiom, the Quiet Giant of Consumer Database Marketing". The New York Times. Retrieved 22 March 2019.
  25. "Acxiom sales brochure" (PDF). Acxiom. Retrieved 3 August 2023.
  26. "Acxiom Launches Marketplace to Drive Smarter Campaigns". Acxiom. Retrieved 3 August 2023.
  27. 1 2 Sherman, Justin. "Data Brokers Are a Threat to Democracy". Wired. ISSN   1059-1028 . Retrieved 25 January 2022.
  28. 1 2 Matsakis, Louise. "The Wired Guide to Your Personal Data (and Who Is Using It)". Wired. ISSN   1059-1028 . Retrieved 15 April 2022.
  29. Govind Krishnan V. (3 June 2017). "Aadhaar in the hand of spies Big Data, global surveillance state and the identity project". Fountain Ink Magazine. Archived from the original on 26 August 2017. Retrieved 27 August 2017.
  30. Cadwalladr, Carole (18 March 2018). "'I made Steve Bannon's psychological warfare tool': meet the data war whistleblower". The Guardian . Retrieved 22 March 2019.
  31. Glum, Julia (22 March 2018). "Was Your Facebook Data Actually 'Breached'? Depends On Who You Ask". Money. Retrieved 12 March 2021.
  32. "Answer to Question No E-000054/19". www.europarl.europa.eu. Retrieved 1 December 2020.
  33. "Online Information Broker FAQ". Privacy Rights Clearinghouse. privacyrights.org. 4 October 2010. Archived from the original on 19 August 2016. Retrieved 6 May 2014.
  34. Hill, Kashmir (19 December 2013). "Data broker was selling lists of rape victims, alcoholics, and 'erectile dysfunction sufferers'". Forbes. Retrieved 12 March 2021.
  35. Hoofnagle, and Jennifer King, Chris Jay (17 December 2007). "Consumer Information Sharing: Where the Sun Still Don't Shine". (working Paper). SSRN   1137990.
  36. "Data Accountability and Trust Act: Federal Breach Notification, Data Security Policies and File Access Addressed". Privacy Compliance & Data Security. 7 May 2009. Retrieved 12 March 2021.
  37. Data Accountability and Trust Act (2011; 112th Congress H.R. 1707). GovTrack.us. Retrieved on 12 November 2013.
  38. "Data Accountability and Trust Act (2009; 111th Congress H.R. 2221)". govtrack.us. Retrieved 12 November 2013.
  39. "TC Recommends Congress Require the Data Broker Industry to be More Transparent and Give Consumers Greater Control Over Their Personal Information". Federal Trade Commission. 27 May 2014. Retrieved 31 May 2014.
  40. "Assembly Bill No. 1202". 2019.
  41. Lazarus, David (5 November 2019). "Column: Shadowy data brokers make the most of their invisibility cloak". Los Angeles Times .
  42. "Online Information Broker FAQ". Archived from the original on 19 August 2016. Retrieved 20 April 2012.
  43. "Privacy Rights Clearinghouse". Archived from the original on 11 September 2016. Retrieved 20 April 2012.
  44. "Agency Announces Settlement of Separate Actions Against Retailer TJX, and Data Brokers Reed Elsevier and Seisint for Failing to Provide Adequate Security for Consumers Data". 27 March 2008.
  45. "Contact Us". The Association of Independent Information Professionals (AIIP). Retrieved 11 March 2021.

Further reading

This page is based on this Wikipedia article
Text is available under the CC BY-SA 4.0 license; additional terms may apply.
Images, videos and audio are available under their respective licenses.