by According to CUNY law professor Sarah Lamdan, the letter also points to databases maintained by British multinational RELX and Canadian conglomerate Thomson Reuters. Data Cartels: Companies that Control and Monopolize Our InformationIt contains files on roughly two-thirds of the U.S. population, tracks their whereabouts, and maps social and familial relationships.
In 2020 alone, data brokers raised nearly $29 million as they raced to undermine legal efforts to rein in their industry, according to lobbying disclosures uncovered by The Markup.
While many big data collectors acknowledged that it fell under the jurisdiction of the FCRA, others escaped regulatory scrutiny based on what the lawyers petitioning Chopra saw as faulty legal analysis. Other firms segment their products and the surveillance data they collect to exempt what the credit reporting industry calls “header information,” information that traditionally includes people’s names, birth dates, and Social Security numbers in addition to their phone and residential histories. This is even when these data are obtained from clearly lawful sources.
“Data brokers package the same personal data points about us in different products for sale, and then argue that certain products fall outside of basic legal protections,” says Laura Rivera, an attorney at Just Futures Law. “It’s dishonest, exploitative, and does real harm to consumers of all kinds, especially low-income communities of color, including immigrants.”
“In advocating for data broker coverage, we ask the CFPB to reinstate the coverage of the Act as Congress originally intended,” adds Chi Chi Wu, an attorney with the National Consumer Law Center. Court decisions over the years, diluting the FCRA.
Wu says historically disadvantaged communities have suffered the most, pointing out that some of America’s poorest communities have been sold to predatory “payday” lenders. In fact, data brokers generate substantial profits from businesses whose sole purpose is to identify consumers facing financial instability. For example, a 2013 U.S. Senate report noted that these acquisitions were often made by companies that “sold high-cost loans and other financially risky products”; these companies were unscrupulous companies that provided bread and butter to the economically vulnerable, including widows.
Companies that play fast and loose with personal data have drawn the ire of consumer protectionists and Capitol Hill privacy hawks for years, resulting in meager gains for consumers. In 2021, multiple utilities that have long been stealing sensitive data from cable, phone and energy customers for their own benefit agreed to stop selling it to Thomas Reuters, which in turn has agreed to end the practice of selling it to government agencies and U.S. Immigration and Customs Enforcement. to the police.
“Selling the personal information people give to sign up for electricity, water, and other necessities of life, leaving them no choice, is a horrific abuse of consumer privacy,” said Oregon Democratic Senator Ron Wyden. the government oversight critic said in a letter to Chopra at the time.
The U.S. Defense Intelligence Agency, the Defense Counterintelligence and Security Agency, and the Customs and Border Protection Agency (CBP) are among the wide range of federal agencies known to purchase private data from Americans, including information that law enforcement officials normally require probable cause to obtain. The U.S. Supreme Court ruled in 2018 that police and intelligence agencies do not have the right to compel businesses to hand over location data obtained from mobile phones and other devices without legal permission.
The ruling didn’t help much in preventing the government from fleeing the courts. The Justice Department, the Department of National Intelligence, the Pentagon, and hundreds if not thousands of state and local police agencies interpreted the decision as placing no restrictions on their ability to simply purchase location data.
