Big data is big business. An estimated 2,000-4,000 data brokers around the world have created an estimated $200 billion industry from the data they collect, largely without consumers’ knowledge.
Acxiom, one of the leading global brokers, says it has collected data from 2.5 billion consumers, which equates to roughly half of the world’s 5 billion active internet users. The data has many legitimate, useful purposes — such as understanding consumers wants and needs and improving companies’ branding efforts.
But the information data brokers collect can be used in disturbing ways, including, for example, tracking the location of military personnel, immigrants and even women who visit Planned Parenthood clinics. It’s clear the Legislature needs to act to protect Californians’ privacy.
That’s why Sen. Josh Becker, D-Menlo Park, has introduced the “Delete Act.” Senate Bill 362 would create a web site where Californians could require that a data broker stop tracking them and delete any information it has collected about them.
Current state law gives consumers the ability to force data brokers to delete information they collect directly from consumers. But the 2018 California Consumer Privacy Act does not forbid data brokers keeping information they have acquired about consumers from other sources.
SB 362 would address that loophole, which currently allows data brokers to gather information from the apps you use, the credit card purchases you make and the items you buy at grocery stores with loyalty programs. They use the information to build detailed profiles determining your age, where you live, where you shop, whether you have children or are pregnant, the medical products you buy, your sexual orientation and your political and religious leanings.
SB 362 would require data brokers to register with the California Privacy Protection Agency and disclose the types of personal information they collect. Through the web site, consumers would be able to demand data brokers delete their personal information.
The idea is similar to the national “Do Not Call” registry, which has been hopelessly unsuccessful in preventing unlawful telemarketers from ringing our phones day and night. Tracking down those elusive scofflaws has proven to be difficult, if not impossible.
But data is traceable, which SB 362 advocates believe would greatly enhance enforcement efforts. Data brokers that ignore delete requests would be fined $200 per day, per consumer.
SB 362 was passed by the Senate Judiciary Committee on Tuesday and will be considered by the Senate Appropriations Committee on May 18.
It’s time for lawmakers to protect consumers from data brokers’ largely unregulated, shadowy industry.