Multi-billion dollar industry practices may have long-term impact on access to education, health care, employment

WASHINGTON, D.C. – A bipartisan group of six lawmakers joined Reps. Edward J. Markey (D-Mass.) and Joe Barton (R-Texas), co-Chairmen of the Congressional Bi-Partisan Privacy Caucus, in letters sent today to nine major data brokerage companies querying each about how it collects, assembles and sells consumer information to third parties. Other signatories on the letters include Reps. Henry A. Waxman (D-Calif.), Steve Chabot (R-Ohio), G.K. Butterfield (D-N.C.), Austin Scott (R-Ga.), Bobby Rush (D-Ill.), and Jan Schakowsky (D-Ill.).
Representing a multi-billion dollar industry, data brokers have aggregated information about hundreds of millions of Americans from both online and offline sources, which they then sell to third parties for targeted advertising and other purposes, often with little consumer knowledge. A recent New York Times story, “A Data Giant is Mapping, and Sharing, the Consumer Genome” detailed how data brokers have developed consumer profiles that go beyond basic demographic information to include buying habits, household health concerns, political affiliations and even time spent on vacation. The lawmakers’ letters request information from the data brokers on polices and practices related to privacy, transparency and consumer notification, including as they relate to children and teens.
“By combining data from numerous offline and online sources, data brokers have developed hidden dossiers on almost every U.S. consumer,” write the lawmakers in the letter to the data brokers. “This large scale aggregation of the personal information of hundreds of millions of American citizens raises a number of serious privacy concerns.”
A copy of the letters to the data brokers can be found HERE.
The companies sent letters include Acxiom, Epsilon (Alliance Data Systems), Equifax, Experian, Harte-Hanks, Intelius, Fair Isaac, Merkle, and Meredith Corp.
The lawmakers ask the nine data brokers to provide information that includes:

  • A list of entities that have provided data from or about consumers to the company
  • A list of data items collected from or about consumers, and the methods by which it is collected
  • Products or services offered to third parties that utilize consumer data.
  • The information consumers are given access to, if it is requested, and any policies around sharing or deletion of that data
  • Encryption or other safety protocols used to protect data.