Why it matters
Could the data broker industry become subject to regulation for the first time? If a new bill passes Congress, the answer could be yes. Originally introduced by former Sen. Jay Rockefeller (D-W.Va.), the Data Broker Accountability and Transparency Act returned to Congress backed by Sens. Edward Markey (D-Mass.), Richard Blumenthal (D-Conn.), Sheldon Whitehouse (D-R.I.), and Al Franken (D-Minn.), with the Senators framing the issue under the current hot topic of privacy. “Data brokers seem to believe that there is no such thing as privacy,” Sen. Markey said in a statement, calling for a need to “shed light on this ‘shadow’ industry,” a sentiment echoed by co-sponsor Sen. Franken. “I believe Americans have a fundamental right to privacy, including the right to determine whether information about their personal lives should be available for sale to the highest bidder,” Sen. Franken said in a statement. The measure faces an uncertain future in Congress, however, given pushback from the industry, division along party lines, and being overshadowed by other privacy-related issues like data breach notification and cyber threat information sharing.
The Data Broker Accountability and Transparency Act has returned to Congress. The bill would establish federal oversight for the collection, retention, and use of consumer information in the data broker industry.
Regulation of data brokers was a pet issue for former Sen. Jay Rockefeller (D-W.Va.), who launched a Senate investigation of the industry. Based on his findings that data brokers “operate behind a veil of secrecy” and “collect a huge volume of detailed information on hundreds of millions of consumers,” he introduced a version of the legislation last year before he retired. The proposal never made it to the floor for a vote.
Reintroduced by Sens. Edward Markey (D-Mass.), Richard Blumenthal (D-Conn.), Sheldon Whitehouse (D-R.I.), and Al Franken (D-Minn.), the DATA Act defines a “data broker” broadly to encompass “a commercial entity that collects, assembles, or maintains personal information concerning an individual who is not a customer or an employee of that entity in order to sell the information or provide third party access to the information.”
The law would allow consumers to stop the use and sale of their information by data brokers and create a mechanism to correct information. The Federal Trade Commission (FTC)—which conducted its own study of the industry last year calling for greater transparency and an increase in consumer control—would be tasked with crafting regulations to establish a centralized website for consumers with a list of covered data brokers and information about their rights. Enforcement authority would also be granted to the FTC, with civil penalties of up to $16,000 per violation for noncompliance.
Consumer groups like the Center for Digital Democracy and Consumer Watchdog praised the proposal, while FTC Commissioner Julie Brill expressed her “strong support.” Data brokers are “collecting a lot of deeply sensitive and personal information from consumers and using it to profile them,” Brill told the Pittsburgh Post-Gazette, explaining that regulation of the industry would enhance consumer trust.
The Direct Marketing Association spoke out against the measure, calling it unnecessary in part because of self-regulation by the industry, which makes efforts to improve transparency to consumers. “That kind of transparency is happening every day, in terms of self-regulation in the marketplace,” Rachel Thomas, vice president of government affairs for the group, said to PCWorld. “There’s not a business in America that’s not dependent on the responsible flows of data about consumers.”
To read the Data Broker Accountability and Transparency Act, click here.