Skip Navigation
Archive

Data Brokers Know a Lot About You, But What Do You Know About Them?

Commercial data brokers are collecting detailed, sometimes inaccurate, information about Americans and selling it to law-enforcement agencies with almost no oversight or regulation. The system needs to be reformed.

  • Meghan Koushik
October 31, 2014

What was your phone number in 1992? Where was your Social Secur­ity Number issued? What was your college mail­box number? You may not know the answers to these ques­tions, but a commer­cial data broker does. And these compan­ies are quietly provid­ing your inform­a­tion to law-enforce­ment agen­cies with little regu­la­tion or over­sight for as little as 35 cents a pop.

Commer­cial data brokers collect and aggreg­ate indi­vidu­als’ inform­a­tion from public records and then resell it. And they seem­ingly know everything. In addi­tion to addresses and phone numbers, their data­bases hold everything from employ­ment history to consumer data to vehicle sight­ings. One company claims to have inform­a­tion on 98 percent of Amer­ic­ans. Their reach is even inter­na­tional. A federal immig­ra­tion agency once contrac­ted with Choice­Point to obtain voter registry and vehicle inform­a­tion from five South Amer­ican coun­tries. Age isn’t a barrier either. Thom­son-Reuters’ CLEAR uses social media plat­forms such as Face­book and Instagram as a ‘tool for invest­ig­at­ing an under-18 popu­la­tion without a credit history.’

Data brokers rarely soli­cit inform­a­tion directly, so most people are unaware they exist. But I was curi­ous to see what they might know about me. I’ve largely lived abroad; I have a unique name, no driver’s license, and no crim­inal record. Natur­ally, I didn’t expect to have a large foot­print.

Wrong. After an exhaust­ive search, I ulti­mately received records from Thom­son-Reuters and Lexis­Nex­is’s Accur­int- two of the industry’s largest play­ers. The reports listed every phone number and address I had ever been asso­ci­ated with, from my college mail­box to the relat­ive’s home where I’d forwar­ded mail while abroad. Accur­int listed the apart­ment I rented while intern­ing in DC, along with the names and phone numbers of its current occu­pants. It even provided the sale price and mort­gage on each home I’d lived in.

Surpris­ingly, much of the inform­a­tion was also inac­cur­ate. Though none of my room­mates own cars, Thom­son-Reuters inex­plic­ably showed eight vehicles registered to our address (includ­ing a Harley-David­son motor­cycle). Accur­int listed someone named Florinda as “Asso­ci­ated with Subject’s SSN” though it assured me this “does­n’t usually indic­ate fraud.”

Obtain­ing my data from just two brokers was diffi­cult. Amend­ing incor­rect inform­a­tion was impossible. Unlike Canada or the UK where data brokers must allow indi­vidu­als to access and amend their data, Amer­ican law lacks such require­ments. Accur­int’s report stated it “may not contain all person­ally iden­ti­fi­able inform­a­tion in our data­bases” and they “do not verify data, nor is it possible to change incor­rect data.” This is partic­u­larly galling consid­er­ing the scale on which this data is being collec­ted and shared and with whom.

In recent years, law enforce­ment agen­cies are increas­ingly using brokers to fill gaps in their inform­a­tion gath­er­ing. The FBI holds at least 175 million entries derived from multiple brokers, while Accur­int counts 4,000 law-enforce­ment agen­cies as clients. And nobody is watch­ing. As private entit­ies, data brokers are not subject to the Privacy Act, which restricts the govern­ment’s collec­tion of personal inform­a­tion to specific purposes, and provides indi­vidu­als access and the chance to correct false inform­a­tion in their files. Because data brokers are not subject to these regu­la­tions, their activ­it­ies are vulner­able to abuse. There have been multiple cases of police misman­aging data­base access in order to spy on ex-girl­friends, among other intru­sions. Data brokers essen­tially allow law enforce­ment to circum­vent warrant require­ments and access anyone’s personal inform­a­tion whether they’re involved in wrong-doing or not.

Police some­times rely on inac­cur­ate data to supple­ment invest­ig­a­tions. Take, for example, the case of Renata and Chris Simmons whose dog was shot by the police when they misid­en­ti­fied their home as the resid­ence a man with a similar last name (Bradly Simpson) when serving a warrant. Or take Denise Green, a 47 year-old black woman, who was held at gun point by police who pulled her over due to a license plate reader error. These mistakes are made when police rely on faulty inform­a­tion in data­bases. 

The system needs to be reformed. Poli­cy­makers have long viewed commer­cial data collect­ors more benignly than govern­ment collect­ors, but the unreg­u­lated shar­ing between brokers and police requires a re-eval­u­ation of this distinc­tion.

The govern­ment is taking note, however. In a recent report, the Federal Trade Commis­sion surveyed the prac­tices of nine data brokers and called for increased trans­par­ency and disclos­ure. Some indus­tries — such as credit report­ing agen­cies and medical providers — are already subject to similar trans­par­ency and disclos­ure require­ments. Consid­er­ing data brokers pose similar risks to Amer­ic­ans, they should at least be held to similar stand­ards.

More import­antly, we should recon­sider the volume of inform­a­tion avail­able in the public records data brokers can access. A 2004 Elec­tronic Privacy Inform­a­tion Center report points out that our current system of public records was built for an era where hard-to-find paper records were common­place. With today’s tech­no­logy, our records can be accu­mu­lated and analyzed instantly.

Public records are meant to check the govern­ment’s author­ity by increas­ing access to govern­ment-held inform­a­tion. Private compan­ies that exploit this data for commer­cial gain damage, not strengthen the liber­ties public records are meant to safe­guard.

Data brokers already know too much about us. It’s time we learned more about them.

(Photo: Think­stock)