MassPrivateIA Senate committee report goes to great lengths to determine all of the things that data brokers, the companies that trade in consumer data, don’t want to talk about. The 35-page report describes some of the companies’ strategies for collecting and organizing data, but significant portions of the report discuss what the companies are unwilling to talk about: namely, where they get a lot of their data and where that data is going.
Companies covered in the report include well-known firms, like Datalogix and Acxiom, as well as credit reporting companies that also trade in consumer data, like Experian and TransUnion. In the report, the committee sets out to answer four questions: what data is collected, how specific it is, how it’s collected, and how it’s used. While the first two questions turned out to be reasonably easy to answer, the companies all but stonewalled the committee on substantial answers to the latter two.
The report harkens back repeatedly to the good old days of data collection, when many of the same companies queried used demographic information like zip codes to help marketers figure out where to send catalogs or area codes to figure out which towns to telemarket to. These days, our many interactions with the Internet—particularly financial ones—have resulted in an onslaught of data for these data brokers to not only collect, but to resell to interested parties.
Datalogix claimed to the committee that it has data on “almost every US household,” while Acxiom’s databases cover 700 million people worldwide. Types of data collected include consumer purchase and transaction information, available methods of payment, types of cars consumers buy, health conditions, and social media usage. Equifax specified that it knew such specific details as whether people have bought a particular kind of shampoo or soft drink in the last six months, how many whiskey drinks a person has had in the last month, or how many miles they’ve traveled in the last four weeks.
What the companies would not specify in full were their sources for consumer data. Three companies, Acxiom, Experian, and Epsilon, would not reveal the sources of their data, citing confidentiality clauses as the reason.
The other data brokers said that their data comes from free government and public databases, along with purchase or license data from “retailers,” “financial institutions,” and “other data brokers,” which were otherwise described as “third-party partners.”
The report mentions that companies acquire social media data specifically for inclusion in their databases. However, this information is difficult to connect to a profile without access to much of the metadata logged by the sites providing those services. Those sites even discourage trying to source that information outside their official avenues; as the report states, Facebook once asked data broker Rapleaf to dispose of data it had obtained by crawling the website. On the other hand, it’s well-known that companies like Facebook and Google re-sell “anonymized” data fed to their services by customers to third parties like these data brokers.
Acxiom also gets data from websites that collect data in exchange for coupons, discounts, or health insurance quotes. Beyond that, Acxiom only stated cryptically that “there are over 250,000 websites who state in their privacy policy that they share data with other companies for marketing and/or risk mitigation purposes.”
What the companies did reveal was how they package this information internally. Subjects are often scored by data brokers in order to be sold in segments to certain companies on parameters like their ability to be socially influenced or whether they are “frequent ‘text posters.’”
http://arstechnica.com/business/2013/12/data-brokers-wont-even-tell-the-government-how-it-uses-sells-your-data/
http://www.motherjones.com/politics/2013/10/data-mining-companies-sell-your-info
http://massprivatei.blogspot.com/2013/12/data-brokers-private-companies-are.html