What are data brokers and how are they abusing your data?

Data is worth a lot of money, most people know that now. However few really understand how money is made from data, the data market. That is because the majority of market participants operate behind the scenes.

In previous research, we calculated how much Big Tech is earning from user data. In this article, we’ll explore the players operating in the shadows, the ones actually collecting and selling your data.

You have probably never heard of Acxiom, CoreLogic, and Epsilon. There is a reason for that. They like to keep quiet. These are some of the largest companies that earn revenue by collecting, aggregating, and selling user data. According to Norton, there are some 4000+ data brokers which collectively earn around $200bn a year from selling user data.

What data do they collect?

By collecting user data from many different sources, data brokers are able to paint a very precise picture of people’s lives. They might know your income, age, gender, and home address. But some aim to dig even deeper, collecting specific data, like location, shopping behavior, or psychological traits. When combining all this information with your online behavior, brokers get an understanding of how your relationship is going, the condition of your health, looking for another job, and or if you’re about to move to another city.

As an example, if you are not satisfied with your current relationship, a data broker will want to know. They might find this by looking at your browsing behavior and the tone of your social media posts. This data is sold to companies that want to target you with products they believe you need. By knowing your interests and state of mind, the targeting can be done in a very effective way. Sometimes that is great. But without consent and an understanding of why you see an ad, it can lead to misdirection.

How is the information collected?

The data is collected through many different sources. Third-party cookies, public wifi networks, and website scraping are most commonly used to gather information. If you accept all cookies and have your Facebook profile on “public”, chances are brokers have quite a rich profile of you.

How do they sell it?

One way is through the website Datarade.ai, a data broker aggregation platform, we can see the brokers promoting their customer datasets. “Gravy Analytics,” tells the potential data buyers that they know the customer’s travel destination, and shopping and eating habits. Additionally, they claim to receive 1.5bn new data points each day. Companies can already access this dataset, starting at $1.

A company could for example buy this data to run a background check on a new hire. However, the information data brokers sell is very often incorrect data. Also, the lack of transparency in this market causes an information asymmetry problem. Companies will know information about you without your knowledge. This causes an unbalanced relationship and leads to a form of exploitation.

The party is ending

Although these practices have been going on for years now, regulators starting to act. Both GDPR, CCPA, and equivalent regulations have taken action. Regulators have asked for more transparency and enforcement of consent validation, international data sharing, and easier and more transparent ways to opt out.

Our take

We’re not against the fact that companies use customer data to offer them a better experience and service. We enjoy viewing relevant content. However, we don’t believe the way third-party brokers operate is the right one. Data transactions should be transparent and user-centric. We feel strongly that users should know what data is being collected and should get the choice of who they share it with.

More on the topic

https://www.wired.com/story/opinion-data-brokers-are-a-threat-to-democracy/

https://www.politico.eu/article/google-and-data-brokers-accused-of-illegally-collecting-data-report/

https://thenextweb.com/news/how-much-your-stolen-personal-data-is-worth-on-the-dark-web-syndication