The Federal Trade Commission Tuesday demanded nine data brokerage companies turn over details on how they collect and use consumer information as part of an inquiry into the industry’s business practices.
The companies include Acxiom of Little Rock, Ark.; Corelogic of Irvine, Calif.; Datalogix of Westminster, Colo.; eBureau of St. Cloud, Minn.; ID Analytics of San Diego; Intelius of Bellevue, Wash.; Peekyou of New York; Rapleaf of Chicago; and Recorded Future of Cambridge, Mass.
In an announcement, the agency said the focus is on how these companies harvest and distribute data, typically gleaned from public sources and third-party purchases. It also wants to know what provisions are in place to let someone access and correct information or opt out from having their personal information sold.
“Data brokers are companies that collect personal information about consumers from a variety of public and non-public sources and resell the information to other companies,” according to the statement. “In many ways, these data flows benefit consumers and the economy; for example, having this information about consumers enables companies to prevent fraud. Data brokers also provide data to enable their customers to better market their products and services.”
Tuesday’s announcement follows a report earlier this year outlining best practices for the industry that emphasized more consumer understanding and involvement in how their information is used since they rarely are asked for it directly.
“As a result, consumers are often unaware of the existence of data brokers as well as the purposes for which they collect and use consumers’ data,” the FTC said. “This lack of transparency also means that even when data brokers offer consumers the ability to access their data, or provide other tools, many consumers do not know how to exercise this right. There are no current laws requiring data brokers to maintain the privacy of consumer data unless they use that data for credit, employment, insurance, housing, or other similar purposes.”
Some speculated the nine companies targeted are all major players in the direct marketing and advertising industries.
“They are the companies pulling the strings and directing to whom ads are targeted. On the one hand this provides a tremendous benefit for e-commerce, because data analytics on customers’ online behavior provides consumers with relevant products and services meeting their needs,” privacy lawyer Ieuan Jolly told The Los Angeles Times. “On the other hand, few consumers know the identity of these invisible puppet masters that are collecting masses of data about them.”
This is not the first time data brokers have come under fire from the FTC. In June, the agency reached a $800,000 settlement with Pasadena, Calif.-based Spokeo after charging the company illegally sold personal information used in job screenings.
The Direct Marketing Association responded to the FTC inquiry in a prepared statement.
“DMA welcomes the FTC’s closer look into the business and privacy practices of what they characterize as ‘data brokers,'” said Jerry Cerasale, DMA’s senior vice president of government affairs. “Data-driven marketing fosters competition online by ensuring that large and small actors have the ability to reach consumers across the Internet. This, in turn, gives consumers greater opportunities to find the goods and services they desire at prices they can afford. The FTC’s inquiry will certainly bring to light these and other important benefits that responsible data-driven marketing provides to consumers — and to the American economy as a whole.”
This FTC probe follows investigation requests from both the House of Representatives’ Edward J. Markey (D-Mass.) and Joe L. Barton (R-Texas) in June and U.S. Sen. John Rockefeller (D-W.Va.) in October. All raised concerns about the amount of private data, including medical and financial, being stealthily gathered and sold.
The nine companies have until February 2013 to comply.