Project for Privacy and Surveillance Accountability (PPSA)
  • Issues
  • Solutions
  • SCORECARD
    • Congressional Scorecard Rubric
  • News
  • About
  • TAKE ACTION
    • PRESS Act
    • Fourth Amendment Is Not For Sale Act
    • Over 3 Million Searches
  • Issues
  • Solutions
  • SCORECARD
    • Congressional Scorecard Rubric
  • News
  • About
  • TAKE ACTION
    • PRESS Act
    • Fourth Amendment Is Not For Sale Act
    • Over 3 Million Searches

 NEWS & UPDATES

How Data Brokers Auction Our Privacy – and What Can Be Done About It

1/13/2022

 
Picture
Graphic by Karen Sutanto
It is a truism of the digital age that while our preferences are sold by data brokers to companies, our names and identities are not disclosed. This allows corporate America to know that I like to ski and drink premium coffee – so it can harmlessly tailor my digital ad streams to include offers on discount tickets at a resort or a new java blend – all without compromising my privacy.
 
This tailoring allows social media platforms like Facebook to be free, while ensuring the ads I see are relevant. As for privacy, I could care less who knows that I like to ski or sip hot coffee.
 
Justin Sherman, a fellow at Duke University’s Sanford School of Public Policy who leads a research project into the “data brokerage ecosystem,” recently testified before the U.S. Senate Committee on Finance. He exploded these comforting truisms, demonstrating that our digital portraits are far more intimate than most Americans realize. Sherman said:
 
Data brokers gather your race, ethnicity, religion, gender, sexual orientation, and income level; major life-events like pregnancy and divorce; medical information like drug prescriptions and mental illness; your real-time smartphone location; details on your family members and friends; where you like to travel, what you search for online, what doctor’s office you visit, which political figures and organizations you support.
 
Your digital portrait, sans name and Social Security number, is then packaged in a bundle with like identities with file names like “Rural and Barely Making It,” “Retiring on Empty: Singles,” “Credit Crunched City Families,” “viewership-gay,” and “seeking medical care.”
 
Despite HIPAA and other healthcare privacy laws, health insurance companies can aggregate millions of Americans’ medical diagnoses, tests, prescriptions, and socioeconomic data, along with personal and family characteristics. Millions of members of the U.S. Armed Services also have their data swept up, which has allowed criminals to use service members’ data to sell them worthless education scams.
 
On top of what data brokers know, they also use algorithms to “infer” sensitive information about people, from income to sexual orientation. All of this is packaged and sold to companies along with extracted information about our lives, from our GPS location histories to our shopping receipts. In a related Wired piece, Sherman added that “reidentification has become horrifyingly easy.” In 2008, researchers at the University of Texas at Austin were able to identify by name half-a-million Netflix users’ political preferences and other potentially sensitive information from their movie ratings.
 
Perhaps most concerning of all is that foreign governments, from Russia to the People’s Republic of China, do not need to hack our computers to know everything about us. Like our own government, foreign governments can simply purchase our data. And in many markets, such as China, private companies (think TikTok) have a legal obligation to turn over our data as well.
 
Sherman sums up the scene by noting that data brokerage is almost wholly unregulated, declaring: “Data brokerage is a threat to civil rights, to U.S. national security, and to democracy.”
 
He recommends that Congress take three steps:
 
  • Strictly control the sale of data collected by data brokers to foreign companies, citizens, and governments;
 
  • Strictly control the sale of data in sensitive categories, like genetic and health information and location data; and
 
  • Stop data brokers from circumventing those controls by “inferring” data.
 
These recommendations contain much complexity and would require a great deal of policy finesse to avoid curtailing or collapsing legitimate businesses. We caution that Congress and states should take time to fully understand all the issues at play in data brokerage to avoid negative unintended consequences. A good first step, however, should be taken now – passage of legislation, the Fourth Amendment Is Not for Sale Act, which would at least limit the ability of the U.S. government to browse through our data, the most personal of our effects.

Comments are closed.

    Categories

    All
    2022 Year In Review
    Analysis
    Call To Action
    Congress
    Congressional Hearings
    Congressional Unmasking
    Court Hearings
    Court Rulings
    Digital Privacy
    Domestic Surveillance
    Facial Recognition
    FISA
    FOIA Requests
    Fourth Amendment Is Not For Sale Act
    Government Surveillance
    Insights
    In The Media
    Lawsuits
    Legislation
    News
    Opinion
    Podcast
    PPSA Amicus Briefs
    Private Data Brokers
    SCOTUS
    SCOTUS Rulings
    Section 702
    Spyware
    Stingrays
    Surveillance Issues
    Surveillance Technology

    RSS Feed

© COPYRIGHT 2023. ALL RIGHTS RESERVED. | PRIVACY STATEMENT