Data Brokers

On October 10, 2023, California Governor Gavin Newsom signed S.B. 362, the Delete Act (the “Act”), into law.  The new law represents a substantive overhaul of California’s existing data broker statute, which requires data brokers to register with the California Attorney General annually.  The passage of the Act follows a renewed interest in data broker activity nationwide, including a request for comments from the Consumer Financial Protection Bureau and the introduction of similar legislation at the federal level.   Below, we outline a number of key provisions:Continue Reading California Amends Data Broker Law

On December 11, 2018, the Vermont Office of the Attorney General published new guidance on the state’s data broker law (Act 171 of 2018), which imposes new data breach notification requirements on “data brokers” and takes effect on January 1, 2019.  The new guidance clarifies the definitions of key statutory terms and the scope of the law’s various requirements.
Continue Reading Vermont Publishes New Guidance on Law Regulating “Data Brokers”

This morning, the FTC announced that it would host a public workshop in September entitled “Big Data: A Tool for Inclusion or Exclusion?” in order to examine the increasing use of big-data analytics and its potential impact on low-income, diverse, and underserved American consumers.  The FTC noted that while predictive-analytic techniques produce tremendous benefits by enabling innovation in medicine, education, and transportation, and in improving product offerings, manufacturing processes, and tailored ads, there is concern that insights from big data also “may be used to categorize consumers in ways that may affect them unfairly, or even unlawfully.” 

The FTC gave examples of such practices that could limit certain populations of consumers’ access to higher quality products or services, including:  (1) rewarding frequent customers with better service or shorter wait times; (2) offering a discounted mortgage rate to a consumer who has a checking, savings, credit card, and retirement account with a competitor; (3) providing offers for “gold level” credit cards to high-income consumers while offering low-income consumers subprime credit cards; (4) circumventing the requirements of the Fair Credit Reporting Act by assessing credit risk through unregulated “aggregate scoring models,” which are based on aggregate credit or demographic profiles of groups of consumers who shop at certain stores, rather than the credit characteristics of individual consumers.  Although these types of uses of big data may be thought to bring about convenience, efficiency, and economic opportunity for some, consumer advocates have urged businesses and regulators to ensure that such techniques be implemented to respect the values of equality and opportunity for all.Continue Reading FTC to Examine Impact of “Big Data” on Low-Income and Underserved Communities

Yesterday, industry and government panelists participated in a conference sponsored by the Congressional Internet Caucus Advisory Committee that included a panel discussion on “Plumbing the Policy Implications of Data Analytics and Defining Big Data,” The Year’s Most Overused Term.” 

According to press reports, Federal Trade Commission Senior Policy Adviser and panelist Paul Ohm acknowledged that big data may have potential benefits to public health and research, but also noted that the benefits of big data “tend to get overblown.”  Mr. Ohm stated that, “when there is an expense to privacy, I think we should have discussions about whether the benefits [of big data] outweigh the costs.” 

Erik Jones, Deputy General Counsel of the Senate Commerce Committee, told participants that the Committee is investigating the collection of big data for use by companies to market to consumers.  He pointed specifically to last year’s inquiry by Commerce Committee Chairman, John D. Rockefeller IV (D-WV) into the activities of nine data brokers.  According to press reports, Mr. Jones stated that the Committee is “not suggesting that there’s something inherently wrong” with the use of big data for marketing purposes, but indicated that the Committee wants to learn more about what information is being collected and how that information is used.

Mr. Ohm also expressed concern generally about whether supposedly anonymous data can be linked to real people in a world of “big data.” Continue Reading FTC and Senate Commerce Committee Staffers Suggest Cautious Approach to “Big Data”

Less than a week after the Bi-Partisan Congressional Caucus’s briefing on data brokers and privacy, the Federal Trade Commission has issued orders requiring nine data brokerage companies to provide the agency with information about how they collect and use data about consumers. The nine data brokers receiving orders from the FTC were:  Acxiom, Corelogic, Datalogix, eBureau, ID Analytics, Intelius, Peekyou, Rapleaf, and Recorded Future. The agency is seeking details about:

  • the nature and sources of the consumer information the data brokers collect;
  • how the data brokers use, maintain, and disseminate the information; and
  • the extent to which the data brokers allow consumers to access and correct their information or to opt out of having their personal information sold.

The nine companies must respond by February 1, and based on the information it receives, the FTC will prepare a study to make recommendations on whether and how the data broker industry could improve its privacy practices.Continue Reading FTC to Study Data Broker Industry’s Collection and Use of Consumer Data

Last week, a group of eight House members sent letters to nine “major data brokerage companies,” seeking detailed information about “the business of data brokerage,” which the Congressmen described as “the collecting, assembling, maintaining and selling to third-parties of consumers’ personal information.”  The letter appears to have been spurred by a June 16