Unravelling the Harms Caused by Data Brokers
Alex Krasodomski-Jones, Fellow at think-tank Demos, explains how data brokers are profiting from our personal information, and what we can do to shine a light on their practices.
‘Data’ is everywhere. A day doesn’t go by without a news story of how it is changing our lives: new businesses, new ways of working, new products, new crime. But despite the data revolution, it’s easy to feel detached. The impact of the change isn’t always obvious. To many of us, it can feel like our data is everywhere, and yet nowhere to be seen.
At least, not by us. For those in the business, our data is an everyday commodity. The clues are out there: a well-targeted advert that makes you look at your phone and wonder if it’s listening to you, a map app accurately forecasting a traffic jam, or a new tick box on a website you used to visit. We’ve heard of the platforms we use every day, and we know data is a critical part of their success. But do we know who else is profiting from our digital lives? Do we know at what scale, to what ends? Do we understand what the impacts of this are now, and will be in the future, for us and others?
Data in the dark
I suspect – just like me – your answer to these questions is a straightforward “no”, and therein lies the problem. For there is, in fact, a whole data economy – more disparate perhaps but, in my opinion, no less dangerous than that of the tech giants – of underregulated, and in my eyes, under-scrutinised, ‘data brokers’. These data brokers, are, in some cases, arguably acting outright illegally, and are profiting from the sale of your personal information.
Data brokerage, as Duke University Cyber Policy Fellow Justin Sherman describes it, is “the practice of buying, aggregating, selling, licensing, and otherwise sharing individuals’ data”. It is a huge, harmful, opaque and unjust part of the data economy. We have some sense of its scale, with a reported global market revenue of $232.634 billion in 2019 expected to reach $345.153 billion by 2026. We know they can cause harm, though often their role in contributing to harms has not been the focus of attention.
Recently it was reported that a number of companies were alleged to be deliberately targeting the elderly with “predatory” and “coercive” marketing calls, based on the kinds of contact lists these data brokers sell. With indirect impacts like this, the harms of data brokerage could be far greater, not least from sensitive personal information moving between hands. As Sherman highlighted in Wired last year, “entire databases of citizen information are ready for purchase, whether to predatory loan companies, law enforcement agencies, or even malicious foreign actors”.
We have some sense of their practices, of gathering data from individuals or from the companies and sites they own, of buying, repackaging, licensing, and selling data profiles of people (often of dubious accuracy). At the same time there is so much more we don’t understand; an opacity they have most likely cultivated deliberately. Indeed, this information asymmetry, where the brokers possess personal information on us, but we have little insight into the very same, is core to their continued success – until now.
Shining a light on data brokers
One thing anyone who becomes aware of this will sense with certainty is that this situation is unjust, and I suspect that is because it feels familiar. In recent years, people the world over have come to view the Big Tech companies with a greater scepticism, seeing with acuity the injuries they’re inflicting on societies, the financial and technological capital they’ve amassed, and the power they undemocratically wield. Data brokers occupy a different position to these companies in our digital economy, but I believe they too should be the subject of greater attention.
Demos, in partnership with the independent data action service, Rightly and privacy law specialists Schillings, are working together to kickstart this process, as part of Schillings’ Big Tech campaign, ‘Accept All: Unacceptable?’. We’re shining a light on just how much the data broker business is profiting from the data we share with online organisations through our day-to-day actions. We’re working closely with five volunteers from across the UK to look at their data footprints using ‘subject access requests’, a legal tool that allows anyone to request a copy of the personal data an organisation has on them.
Through this we will map how their data is bought and sold, to what extent and to what end. We will also share their stories of what this means to them: the impact of knowing just how exactly distant actors are profiting without their knowledge from their digital lives. Together, as a team, we will bring to light the shadow profiteering of data brokerage, and what must be done to tackle this next tech challenge.
The opinions, comments and views expressed in this article are those of the author alone.