In June of 2012, the Federal Trade Commission assessed an $800,000 penalty against Spokeo, a data collector. The FTC said that Spokeo "violated the Fair Credit Reporting Act by marketing its consumer profiles without making sure that they would be used for legal purposes, failing to ensure their accuracy and neglecting to tell consumers of its own responsibilities under federal law."
Spokeo agreed to settle the suit without admitting guilt and, in a statement on its company blog, outlined changes that it was making to improve the transparency and clarity for its consumers.
This is the first case in which the FTC got involved in the collection of consumer information and its sale to interested parties – but it may well not be the last. And it should cause us to focus on the amount of information available about each of us through the Internet and other sources and the ways it may be used. (Get some background information in What You Should Know About Your Privacy Online.)
What’s Out There About You
For years, human resources departments have been doing Facebook and Twitter searches on potential hires as part of the vetting process. Even so, it took a while to dissuade college students to leave those pictures from spring break off of Facebook (and some still don’t get it).
But at least with Facebook and Twitter, what gets people into trouble is their own ill-advised postings. What many users don’t understand is that there is a lot of information about us available in digital format – public records, debit/credit card purchase, auto loans, vehicle records, court records, newspaper stories, Internet postings and much more – that are all available to people who want to buy, search or outright steal it.
What’s worse is that when a great deal of information is available and automatic attempts at consolidation are made, there’s plenty of room for error. That means some of the data about you may have been entered incorrectly to begin with or the consolidation may have been erroneous.
Here’s an example: A good friend of mine grew up in a New York City apartment, in which another family with the same last name also lived. Such an occurrence is exactly unusual, but what was unusual was that both sets of parents had the same first names and there were children in both families with the same first names. Years later, my friend was turned down for a mortgage for poor credit. When he inquired further, he found he was being confused with the fellow with the same name as his who had grown up in the same apartment house.
When Spokeo first appeared, I searched on myself and some friends to check the accuracy of the listings. At that time, you could get a lot more information for free. I found that there were five records for me rather than one, and some of them had gross errors; one had me 20 years older than I am; another had me married to my daughter; another had my wife as just a resident of the house. Plus, there were conflicting values for my house and property. My friends’ listings had similar errors. If this is reflective of the data that’s collected about us, what it means is that not only could our data be sold to other parties, but that data may not even be accurate, and could even reflect us in a poor light.
Limits on the Collection of Personal Information
Under the U.S. Constitution and various federal and state statutes, there are limits on how much information law enforcement and other government agencies can gather on individuals without warrants and probable cause. While these regulations have been loosened in the post-9/11 age, they still exist and are enforceable in court.
As Robert O’Harrow, a journalist at the Washington Post, points out in his 2006 book entitled "No Place To Hide," non-government companies do not face this restriction and many companies have sprung up to gather incredibly large volumes of data on individuals and businesses and then sell that information to the government and/or private companies.
In recent years, several major companies, including Acxiom and ChoicePoint, have come under fire. Despite this, they still exist largely off our radar.
Bye Bye Privacy
What are we then to do about all this relative lack of privacy? According to physicist and science fiction author David Brin in his 1999 book, "The Transparent Society: Will Technology Force Us To Choose Between Privacy And Freedom?," we just get used to it. But he also says we should demand to know who has our information and what they are doing with it. In other words, as people watch us, we watch them.
Whether you buy into his approach or not, it is important that you know what information is being collected about you and control its collection whenever you can. So far, the regulations that should be in place to protect us from abuse of this data are lagging behind. In this day and age, data – and increasingly personal data – is a major commodity. That means we all need to do what we can to protect it – and ourselves – from whoever might be listening.