How data brokers profit off you without your (or the law’s) knowledge

a data broker’s world

“I’ll take the next in line over here.”

As I lumber to the lone open register of the CVS in Rhinebeck, New York, the middle-aged mom-type behind the counter gives me a kind smile. “Find everything you need OK?” she asks. “Yep, thanks,” I say, plopping down my armful of assorted products and pulling out my wallet.

“And do you have your CVS card with you today, sir?”

I fumble through my pocket, pulling out a jumbled tangle of keys and little plastic cards, each with its own unique bar code stamped on the back. Stop & Shop. PetSmart. Ace Hardware. I find the red one that says “ExtraCare CVS/Pharmacy.” It’s bent. I halfheartedly try to revive its original shape, thinking it might not scan.

These are the companies that “know more about you than you know about yourself.”

The nameless CVS clerk swipes my key-laden card across the infrared beam of her computerized register. My “guest number” appears on the screen. The woman begins to ring me up: a copy of Wired magazine, a box of CVS brand “Allergy Relief” medicine, a bottle of Aveeno Active Naturals Stress Relief Moisturizing Lotion, a box of Durex condoms, and four-pack of no-name AA batteries. Each one finds its way into a white plastic CVS bag.

“Your total comes to $20.14,” says the clerk. “And your savings today is $2.30”

 This scene may seem like a simple trip to the store, something each of us does countless times every week. What many of us may not realize, however, is that the use of CVS ExtraCare and other loyalty rewards cards is but one of many ways we toss precious details about ourselves into the grip of an impossibly complex shadow industry that has increasing control over our lives.

I’m talking, of course, about data brokers.

Those concerned with even minor violations of privacy have likely heard the term “data broker,” probably with a scowl on our faces. These are the companies that “know more about you than you know about yourself.” They collect information about the lives of nearly every adult in the U.S., from what we buy to who we love. And they use that data to make themselves, and countless other companies, bloody rich.

At least, that’s a common description that pops up when talking about the data broker industry. The reality is, we don’t really know what exactly defines a data broker.

“There’s no general agreement on the definition of a data broker,” says Tiffany George, an attorney in the Federal Trade Commission’s Division of Privacy and Identity Protection. And because we don’t even know what constitutes a data broker, it is currently impossible for the government to successfully regulate the industry.

… our offline activities and Facebook activities have become inexorably intertwined

Frustrated with the FTC’s answer to this basic question, I reached out to David Jacobs, consumer protection attorney for the Electronic Privacy Information Center (EPIC), to see if he could better pin this creature down.

“Typically, a data broker is a company whose primary business is to collect or maintain personal information, either itself or through contracts with other companies, and then regularly provides access to this information in exchange for some sort of consideration, like money or something else,” says Jacobs.

But that definition does not show the full picture, says Jacobs. For example, the companies or organizations that collect our data in the first place are not generally considered “data brokers.” This means Facebook, Google, Foursquare, or CVS are not actually data brokers – instead, they are rich sources for the data broker industry.

In recent years, however, the barriers between data broker and data source have become increasingly unstable. Facebook, which arguably “knows” more about us than any other consumer-facing company, currently partners with three of the largest data brokers in the U.S.: Datalogix, Acxiom, and Epsilon.

These partnerships mean our offline activities and Facebook activities have become inexorably intertwined. My purchase of Durex condoms may be compared against the number of Durex Facebook ads served to my demographic – 30, white, male, single – to discover their effectiveness, and better ensure that I continue to buy the product.

Defining the data brokers

Within their industry, there are two main types of companies: primary data brokers, and secondary data brokers. Primary data brokers gather your data straight from the sources: courthouses, police departments, consumer rewards card programs, trademark offices, and more.

“These are the ‘third-party partners’ that partner with companies like CVS, like Stop & Shop, to help them analyze their data,” says Sarah Downey, an attorney and privacy advocate for online privacy company Abine. “But they also sell that data.”

Among their customers are secondary data brokers. This includes companies like eVerify and Intelius, which combine even more social-network and Web-analytics data with our offline profiles. Even further down the chain are companies like Spokeo, BeenVerified, and PeekYou, “people search” providers that aggregate data from other primary and secondary data brokers, as well as online profiles and other source material. According to Privacy Rights Clearinghouse, there are more than 200 online data brokers.


It is this barrel-bottom group of data brokers, which allow anyone with as little as $15 to purchase personal information, that make the case for the kind of legislation that is currently not possible due to the industry’s squishy definitions.

Writing for Jezebel, an anonymous woman says her rapist was able to track her down, likely thanks to a Spokeo profile containing “incredibly detailed” information about where she lived, and many more details about her life.

“It listed everything from the types of pets I had to my profession, and included a street-view map showing our building,” she wrote. “I went to see if my profile appeared on any other directory sites (and there are quite a few out there), but none of them had anything nearly as comprehensive as the Spokeo listing.”

The services offered by BeenVerified, which advertises itself as a “background check company,” allegedly enabled a similarly horrifying tale.

“My husband was killed in March 1987. The person who killed him was tried, and convicted in 1992,” wrote an anonymous author from Poughkeepsie, NY, on RipOffReport, in 2011. “The defendant went to jail and was released last July after only serving 18 yrs out of a 25-life sentence. The defendant being savvy and enraged at being incarcerated has been using beenverified.com to try to find ‘me.’

… there’s little the law can do to stop it.

“I called, wrote, called and wrote over 500 times to not just beenverified.com but to dozens of other companies who, when you put my name in their data base my address pops up, this madman that killed my husband doesn’t need anything else to find me since these big companies are handing out my address like it was candy. Why isn’t the government or any other lesser government agency doing [anything] to protect the victims of violent crimes? Who looks out for us?”

While I was unable to verify this story, despite repeated attempts to contact the author, it illustrates an important fact: People-finder services like Spokeo and BeenVerified could very well be used for precisely these kinds of activities. And for now, there’s little the law can do to stop it.


Smishing sounds funny, but it’s a serious threat to your phone’s security

We all know phishing is a huge security problem, but most people still believe it’s a problem limited to email. According to new reports, however, phishing scams are attempting to exploit your trust in text messages.
Product Review

Amazon's new Echo is smaller and cheaper; firmware upgrade improves sound

The all-new Echo is shorter, cuter, and comes with several different color and fabric choices. Our Amazon Echo review reveals that while the acoustics initially weren't great upon release, a firmware upgrade has improved the sound.
Home Theater

Time for a TV upgrade? Here’s what you need to know about 4K Ultra HD TV

Ultra HD 4K has quickly taken over the world of TVs. But what is Ultra HD 4K, how does it work, and most importantly, should you upgrade, or keep your old TV? We explain it all right here.

Want to set up your own virtual private network? Here's how

Take a look at our walkthrough for creating a virtual private network and why it is beneficial for more than just increased privacy and security. We go step by step, detailing how to set up a VPN in both MacOS and in Windows 10.

Bing, Windows search evolve into new, cross-platform Microsoft Search

Microsoft is upgrading its various search tools to provide more contextual help for those seeking it. Bing, Office, and Windows search will all be upgraded over the coming months to provide much more nuanced results.

The vast majority of YouTube users hit the site for how-to videos

Ever searched for a how-to video on YouTube? Of course you have. The streaming site is bursting with useful guides on how to do stuff, and a recent study has revealed that more users than ever are using it as a learning resource.

Data stolen from HealthCare.gov includes partial SSNs and immigration status

Around 75,000 users have had their user data stolen from government site healthcare.gov, including information on their immigration status, whether they were pregnant, and partial social security numbers.

Don't take your provider's word for it: Here's how to test your internet speed

If you're worried that you aren't getting the most from your internet package, speed tests are a great way to find out what your real connection is capable of. Here are the best internet speed tests available today.

Be at your most productive with these Slack tips and tricks

Slack is an common means of communication in the workplace, but how do you use some of the app's lesser-known features to get the most out of your experience? Here's what you need to know to stay organized, efficient, and entertained.

Get rid of your Audible account by following these quick steps

Want to learn how to cancel your Audible membership? It's easier than you might think. Just follow along with these steps and you'll be rid of the audiobook listening service for good. Or until you sign up again.

Make a GIF of your favorite YouTube video with these great tools

Making a GIF from a YouTube video is easier today than it's ever been, but choosing the right tool for the job isn't always so simple. In this guide, we'll teach you how to make a GIF from a YouTube video with our two favorite online tools.

From beautiful to downright weird, check out these great dual monitor wallpapers

Multitasking with two monitors doesn't necessarily mean you need to split your screens with two separate wallpapers. From beautiful to downright weird, here are our top sites for finding the best dual monitor wallpapers for you.

How to change your Gmail password in just a few quick steps

Regularly updating your passwords is a good way to stay secure online, but each site and service has their own way of doing it. Here's a quick guide on how to change your Gmail password in a few short steps.

Need a free alternative to Adobe Illustrator? Here are our favorites

Photoshop and other commercial tools can be expensive, but drawing software doesn't need to be. This list of the best free drawing software is just as powerful as some of the more expensive offerings.
1 of 3