Privacy Alerts - Data Brokering Legal Issues
Home
Internet & Software Privacy
Computer Hardware Privacy
Telephone Privacy
Data Broker Opt-Out
Card-Based Concerns
Background Checks & Criminal Records
Financial Privacy
Identity Theft
Latest Privacy News
Display Our Seal
 

Legal issues related to direct marketing and data brokering

Why are Direct Marketing and Data Brokering legal? When is it illegal?

Fundamentally, direct marketing and data brokering are legal and most of their practices look to stay legal for the foreseeable future. Basically, there is so much money being made (we're talking about multi-billion dollar industries), that governmental changes have largely failed (read below to find out more). This type of information used to be very fragmented across the nation. However, with the growth of technology, databases have evolved to include more and more information. Once courthouse and other public records are digitized, they can be duplicated and sold.

Is the government concerned with data brokering?

Over the past three years approximately twenty bills have been proposed in Congress with roughly the same goals in mind. See www.GovTrack.us for more information (or don't... and you'll understand why when you keep reading). The main gists of these bills have been:

  • A company failing to reveal the breach of a database would be criminalized
  • Citizens would gain the right to view and amend any of their personal information possessed by data brokers
  • Data brokers would be forced to initiate their own internal security as well as notify citizens when a breach affecting them has occurred
  • The selling of Social Security Numbers or their required use as identification tags for customers would be forbidden
  • The government itself would be required to regulate and police its use of information obtained via data brokers

These all sound like great ideas. Unfortunately, as of September 2007 all but the two youngest of these bills have perished like neglected goldfish. Each bill has been proposed, and then routinely no vote has taken place. After a session of Congress all bills not voted on are binned. Politicians seem to grasp that improvements in this sensitive area are needed and wanted by the American people, yet the inaction of both Parties continues to put all of us at risk.

Not even disasters in our own backyard have spurred any change. Case in point: the loss of data on over 26 million U.S. Veterans that occurred last summer. Each veteran received a letter from the Veterans Administration. Other than that not much else has been done.

Is the government concerned with direct marketing?

Government concern for direct marketing has mostly focused on telemarketers. Telemarketers have gotten a lot of attention for disturbing people in their homes and aggressive tactics. The Federal Trade Commission created the Do Not Call Registry in response. The registry prohibits telemarketers from calling you. You'll have a chance to sign up for the registry a bit later.

You can place your cell phone and/or landline number on the list in one of two ways:  visit https://www.donotcall.gov/default.aspx and be sure to acknowledge the confirmation email, or call (888) 382-1222 and follow their directions.  All persons with a U.S. phone account are allowed to have their phone numbers placed on the Do Not Call Registry.  Please allow 31 days from registration confirmation before telemarketers to cease calling.  Registry enrollment is valid for 5 years.

What do the laws actually state?

The two relevant laws are the Fair Credit Reporting Act (FCRA) and the Gramm-Leach-Bliley Act (GLBA). The FCRA states that if companies are going to sell information to third party affiliates—such as direct marketing or data broker companies—they must provide the customer with an opt out notice. Neither the language of the opt out notice nor the actual opt out method are specified. The opt out means that customers can say "NO" to allowing their information to be shared with other companies.

The opt out does not apply to: information shared with those companies providing priority services to the company (like billing or shipping), marketing of products or services for the company (that is, the companies marketing itself), and when the information is deemed legally required (information will be given if a law agency has a subpoena).

The GLBA requires that a privacy policy is issued to customers at the time of sign up, made available to customers, and customers are informed any time there is a significant change to the policy. The opt out option created by the FCRA act must be in the privacy policy.

Related articles

Rate this article

Your vote:

Leave a comment

Your Name (required)

Questions about this topic? Ask them on our Contact Us page.

Bookmark this page
Home | Contact Us | Privacy Policy | Terms | About Us | Sitemap | Attention Webmasters
© PrivacyAlerts.org - All Right Reserved.