Eight members of Congress have sent a raft of questions to large data companies asking them to spell out their policies and procedures for working with consumer data and protecting their privacy.
“Data brokers have developed hidden dossiers on almost every U.S. consumer. Time we find out more about the industry,” said Rep. Ed Markey, a Massachusetts Democrat who co-chairs the Bipartisan Congressional Privacy Caucus with Rep. Joe Barton, a Texas Republican. Markey made his comment on Twitter.
Members of Congress are not the only ones thinking about consumer privacy and data security. The business and IT managers discussing the potential of new technologies and analytics applications routinely cite concern about these issues. At a cloud computing conference in New York in June, attendees discussing their challenges identified the consumer data security issue as a top challenge to overcome, along with justifying the cost. Venture capitalist Chris Lynch noted at a May talk with IBM systems consultants near Boston that the still-emerging big data field needs to figure out how to let consumers participate in the value they create with data—or risk government regulation.
The letters from the members of Congress, addressed to the CEOs of nine companies, express concern that data about consumers’ profiles, collected for purpose of sending targeted marketing messages, also could “have long-term impacts on [consumers’] access to education, health care, employment, and other economic opportunities.” At the same time, the letters assert, consumers know very little about data brokers.
The letters seek to address this, asking the companies to answer questions including:
- Sources of their data about consumers.
- Characteristics of the data collected, including racial, ethnic and religious information.
- Methods used to collect the data, and whether social media and mobile devices are sources.
- The makeup of products and services created from the data collected, and what data each contains.
- The extent to which consumers can access their personal information held by the companies, and how many actually get that data.
- Whether consumers can correct personal information held by a company, whether they can opt-out of participating in a program, if they can delete their information and whether the companies charge a fee for this kind of service.
- Information about the data storage and security procedures of the data companies and the corporate customers who then use the data.
- Insights into public disclosure policies that companies employ to tell consumers about data collection practices.
- Whether the companies collect information about children or teens.
Acxiom, one of the companies receiving a letter, said in a statement that it “looks forward to being an active participant in this important discussion.” The company has testified before Congress in 2001, 2003, 2005, and 2009, a spokesman said, “in addition to numerous other interactions with policy makers in the U.S. and abroad.”
“We have long worked in the legislative and regulatory arena and with consumer groups to further inform interested parties,” the statement adds. “The Bipartisan Congressional Privacy Caucus has asked us detailed questions about our business. We are delighted to help them understand our company, and the industry we serve better.”
Acxiom said it wants to increase public awareness in general and posted on its website an updated FAQ stating that “data used properly benefits both business and individuals” and explaining its commitment “to create policies that protect individuals and allow for the responsible use of data by companies” and inviting the public to ask questions.
Acxiom’s FAQ cites use cases for its services, including helping companies market more effectively and reducing fraud and identity theft.
“Acxiom’s data consists of publicly available information, information from surveys and data from other providers,” the company says about its data collection practices. “While all of our data collection complies with laws and industry best practices, our marketing data adheres to an even higher standard. We review our marketing data suppliers’ online privacy policies to determine whether individuals are notified that information will be shared for marketing purposes and that people have a choice about such sharing. We do not work with data suppliers whose policies do not meet our strict standards.”
Other recipients of the letters include marketing services companies Epsilon and Harte-Hanks; credit reporting bureaus Experian and Equifax; Intelius, a company that offers background checks and reverse telephone directories; database marketing company Merkle; predictive analytics company FICO; and Meredith Corp., a media and marketing company.
A Meredith spokesman said the company was seeking clarification from Markey’s office about why it received a letter since it does not serve as a data broker.
Brian J. Dames, executive vice president of customer solutions for Harte-Hanks Direct Marketing said in a statement the company “is happy to provide Congress with relevant information about the innovative services we provide and our role in the use of data and information to help our clients connect with and better understand their customers.”
Dames added that, “Contrary to the implication of the letter, Harte-Hanks does not own a database of consumer information that we sell or license to others. Harte-Hanks does provide a variety of data services (such as address correction, change of address updates and analysis) to our clients, and in doing so we commonly act as a steward of information owned or licensed by our clients for marketing purposes. We are committed to operating in compliance with our legal obligations and using best-practices specific to consumer privacy and data protection for the information we support and the geographic locations we serve.”
Craig Watts, public affairs director at FICO, said in a statement: “It appears that the focus of the Congressional inquiry is on data brokers – that is, companies that collect, collate, aggregate and sell information about consumers’ offline, online and mobile activities for marketing and other purposes. FICO is not in that business. We will respond accordingly to the Representatives’ letter.”
The members of Congress in their letter cited a recent New York Times article describing the work of Acxiom as sparking their inquiry. Besides Markey and Barton, other representatives signing the letter include Reps. Henry A. Waxman (D.-Calif.), Steve Chabot (R.-Ohio), G.K. Butterfield (D-N.C.), Austin Scott (R.-Ga.), and Illinois Democrats Bobby Rush and Jan Schakowsky.
Editor’s note: This story has been updated to add a statement from Harte-Hanks, and to note the New York Times article cited by members of Congress.