Tag Archives: Acxiom

US Data Sellers, under investigation

New York Times informs today that eight members of Congress have opened a sweeping investigation into data brokers — companies that collect, collate, analyze and sell billions of details annually about consumers’ offline, online and mobile activities for marketing and other purposes.

Several congressmen sent letters to big data brokers.

In the letters, the legislators requested extensive information about how the companies amass, refine, sell and share consumer data.

Data brokers often collect details about people’s financial, retail and recreational activities to help clients like airlines, automakers, banks, credit card issuers and retailers retain their best customers and woo new ones.

The letter’s recipients included marketing services firms like Acxiom and Epsilon; consumer reporting agencies like Experian and Equifax, which have separate credit reporting and consumer analytics divisions; Fair Isaac, now known as FICO, the credit scoring services company; and Intelius, a company that offers reverse phone look-up and background check services. The letter gave the companies three weeks to respond.

The letter asked each company to provide a list of all of its sources of data; a list of the specific kinds of consumer information, including ethnic, race or religious data, it collects; descriptions of the data collection methods used, like tracking of social network or mobile phone activity; explanations about each product and service the company has marketed to third parties since January 2009, and the type of data used in such products and services; details about whether any of the products or services are federally regulated; explanations about the security measures used to protect consumer data; as well as descriptions of the opt-out, data access, correction and deletion options the company offers consumers.

Read the whole story here: http://www.nytimes.com/2012/07/25/technology/congress-opens-inquiry-into-data-brokers.html?_r=1

The multibillion industry of selling our personal information

Articles concerning the buying and selling of personal data come to my attention almost on a daily basis lately. For me this is a good thing as one of the hypothesis of my thesis is now the patrimonial value of personal data and its legal consequences – such as recognizing certain proprietary rights in personal data. However, for privacy and for the a bureaucratic-free society this is a completely bad thing.

I decided to create a new category in this blog which will collect all the information I gather from the media regarding the commercialization of aggregated personal information.

Today I read an article in The New York Times about Acxiom. I’ve never heard of that company before. Apparently, it is one of the biggest “data brokers” in the world. “Its servers process more than 50 trillion data “transactions” a year. Company executives have said its database contains information about 500 million active consumers worldwide, with about 1,500 data points per person. That includes a majority of adults in the United States.”

What is also interesting is that “For Acxiom, based in Little Rock, the setup is lucrative. It posted profit of $77.26 million in its latest fiscal year, on sales of $1.13 billion”. Hence, in one instance of the trade world, aggregated personal information values 1.13 billion dollar a year. So, is it just to talk about personal information as valuable goods? I believe it is, as it would be a non-sense declaring personal information values nothing, when one company in this world sells personal information for 1.3 billion dollar a year. However, the personal information sold is not merely personal information, but aggregated personal information. The legal regime of such transactions should, therefore, take into account also this reality.

What is even more interesting is the following statement from the same article: “Such large-scale data mining and analytics — based on information available in public records, consumer surveys and the like — are perfectly legal”. This affirmation involves two possible conclusions. First, if indeed they are legal, then the law has to be changed. Second, if they are not legal, then the existing law should be interpreted as such and applied against such companies. As far as I know, there is a right to privacy protected under American constitutional and tort law, even if it is not still very well developed in the sense of also covering information already made available to the public in certain circumstances or for certain purposes. But in a flexible common law system, this should not be a barrier of applying the right o privacy in such a manner.

Instead, the EU regulates more in depth the issue of processing even data previously made available to the public. So at least this is what I thought. I found out that Acxiom has several branches in EU, for instance in Germany, UK and Poland, just to name three. As far as I knew, EU data protection law forbids personal data processing without the consent of data subjects, unless the processing is provided by law or the processor, lato sensu, has a legitimate interest of processing it. I highly doubt that producing private profit for a big data company is a legitimate interest in the meaning of the 95/46 Directive. Hence, my assumption is that at least the European branches of this company have the consent of every single person whose data they sell for a particular transaction in a particular purpose. Because if they don’t have the data subjects’ consent and they are still legally functioning on the territory of the EU, than even the specialized European law of data protection is not good enough to prevent the invasion of privacy in this scenario.