Slashdot Mirror
The Ethics Of Data Brokers
c0d3h4x0r writes "MSNBC's Bob Sullivan asks, Whatever happened to the ChoicePoint bill? and raises some good points: 'Few experts believe that there was a sudden lack of computer security this year. Rather, there was a sudden bout of truth, thanks to California state law. [...] But in other ways, all the legislation misses the point. The ChoicePoint data leak story was not really about identity theft. It was about this: "Who the hell is ChoicePoint, and why is it making money selling my personal information?"' This makes me wonder what the Slashdot crowd thinks: should anyone be able to sell information about you at all? The general public seems to think not, while our elected officials seem to think it's just fine. How does the information gathered and sold by data brokers differ from the information collected and sold by a private investigator, or is there even a real difference?"
it's all a collection of facts, generated by you being alive and doing stuff. so you should automatically own copyright.
so therefore anyone who knows anything about you should be guilty of infringement..and if they sell it, they should be guilty of distribution.
"Evil will always triumph because good is dumb." -- Dark Helmet
These bastards almost shut down the sale of my home due to incorrect info in their database and then they want me to pay to correct it. If I had my way they should require me to approve who they want to sell my info to before a sale goes through and then I deserve a cut of every sale.
"TV, a medium as it is neither rare nor well done." Ernie Kovacs
They own DBT Online which royally screwed up in Florida during the 2000 election.
w =1
http://www.gregpalast.com/detail.cfm?artid=122&ro
2 years and no mod points. Join reddit. Because openness is good.
http://www.adcritic.com/interactive/view.php?id=59 27
Yes. If ever there was something that the government should be doing instead of Wal-Mart, it's handling background checks.
should anyone be able to sell information about you at all?
Answer: it depends.
If someone is going to sell information about you, they should ask your permission first. If you grant them that permission, then they should be allowed to do it. If you do not, then they should not be allowed to do it.
I don't see how this is hard to understand.
The industry of collecting personal information was truly created when this started to happen. The laws regulating the business were established in response, but they only served to legalize their action rather than to stop their abuse. I fear that if people start to complain more, the response will be the same -- that they legalize it and the abuse will persist in a more 'controlled and regulated way.' Controlled and regulated abuse is still abuse.
Not only should we ban such data collection, we should ban the 'credit' industry as it exists today. It openly abuses the Social Security system in a way that is definitely unlawful and has become so entrenched in daily business practices that now virtually every business tracking individuals relies on our personal serial numbers.
I'm completely against the abuse of the social security number and I am mildly amused at the possibility that "social security" could go away in the future... what number could they use to track people if they do away with the system? Fascinating isn't it? I hope more attention is paid to this issue [SSN abuse and personal information selling] and that people will take a lesson from what has happened already and work to see that the practice is outlawed, not 'regulated.'
It's OK to sell anything these days.
Personally, I'm a whole lot more offended that people like Rumsfeld & the Bush family get rich on oil wars and manufacturing hype about avian flus.
Put into perspective, why is selling information any more wrong than killing thousands of innocent people for a few bucks?
Go ahead and mod me down, but at least think about it first.
$
Every time this subject comes up, I want to try a ballot measure here in California. The idea is to force accountability about where they got my data from. I should be able to go in and audit not only the information they have on me, but also where they got it from. Similarly, anyone who sends me direct mail must include a traceback of where they got my information. This likely would be something like "ChoicePoint - CitiBank" or "Choicepoint - {Citibank, AT&T}", although realistically it would be "ChoicePoint - {every compnay I do business with}".
The idea is that every piece of junk mail that gets sent to me should clearly list which companies that I do business with are turning around and selling my information. I suspect this would provide some back pressure on companies, not just through shame but also because the added expense of tracking all this information. This will hopefully change the economics of junk mail such that they're forced to either abandon the practice or more accurately focus their efforts. Either way, I'd get less junk mail.
The alternate thought is to embrace junk mail and do everything I can to receive as much of it as possible, then burn it as a way to heat my home.
How does the information gathered and sold by data brokers differ from the information collected and sold by a private investigator
Well, first off, data collected by a PI is more correct, given that someone actually spent the time to research it (I realize this is sort of idealistic, since a lot of PI's just search on the net, but let's be idealistic for a bit. I'll be a bitter sarcastic prick in the latter half of my post)
Choicepoint, and Lexsis (and to a certain extent, the credit bureaus), etc are just data aggregator which basically means they run a couple searches on the net, throw it all in one place and throw marketing pixie dust all over it. They don't care if the information they sell is wrong because they have essentially been granted the ability to slander someone and not face any liability because of it.
As a result, accuracy is dismally bad, especially given the fact that these companies are pushed by their customers to provide "negative data" i.e. an excuse as to why you shouldn't hire Bob Jones, or lend money to Jill Smith (or perhaps what interest rate to give on a home loan) or, while we are at it, to deny someone the ability to fly. Most of the time even basic checking (like "was the person in this record alive when something happened")
Ultimately, it doesn't matter if their data is correct - a company investigating a potential employee is not going to investigate to see whether a black mark in a Lexis report is actually true, nor is the Federal government going to verify before throwing someone on the no or "latex glove" fly list.
I don't think we even have to go into the fact that it is virtually impossible to correct data in their databases either.
As for ethics, these shitbags who engage in slander on a grand scale have none. They will continue to send out incorrect information even after being notified and will throw up layers of bureaucracy in order to prevent you from changing the data.
Nor do the credit bureaus, car dealerships, et al, who will knowingly use bad data and will inflate the cost of a loan on a home or a car). Of course, they bribe politicians - especially politicians whose constituents are ignorant morons - so nothing will change and we will continue getting screwed until something changes.
As for the worries of identity theft - you should be far more worried about companies who you knowingly give your data to - i.e. any tax preparation company.
I've mentioned this before, but as a $9/hour tech support monkey working for TaxCut a couple of years ago, I had access to every single return filed by EVERY SINGLE PERSON WHO HAD FILED A TAX RETURN WITH H&R BLOCK SINCE 1998. I was able to see your income, your address, phone, names of your kids, the amount you paid on your mortgage, the names and addresses of your employers, etc, etc, etc.
A single person, assuming they were properly motivated, could of have created the largest breach of customer data in history - or made millions if they played it right and used some data in a credit card fraud scheme .
Tech support is one of the easiest fields to get a job in and normally requires no background check or even a drug screen. In fact, the reason that we haven't heard of many such breaches is because most of the people who work in there are stoned or drunk.
If anyone is interested, I believe that Stream in Beaverton, Oregon will be hiring for the TaxCut "team" for the 2005 tax year in the next couple of weeks. This would be an excellent opportunity for any organized crime groups to make some money, or for some anarchist group to cause some chaos if, say, 50 million tax returns were thrown onto a binaries newsgroup or onto bittorrent trackers in a foreign country. I'm afraid that only such a breach - and the resulting fraud - would convince the morons who live in this country that something needs to change.
1q2w3e4r5t6y7u8i9o0pqawsedrftgthyjukilo;p'azsxdcf
This is the part under debate. I, and many others, do not feel that the sale of consumer information should be a business model at all. If some business wants to track information for business purposes let them do it internally and hold them accountable for every bit of information they collect.
They should treat consumer information databases the same way they treat stalking.
fast as fast can be. you'll never catch me.
"Ethics" is not the word. It is a category mistake to speak of a corporation having principles, acting ethically, or caring about anything other than profit or shareholder value. It is a case of attributing human qualities to an inanimate thing. Considered as a person, a corporation is a perfect sociopath. Speaking of what it "ought" to do is nonsensical. Like a shark, all that anyone can expect it to do is pursue its sole interest without regard for the consequences for anyone else or any other considerations.
What we want here is justice, not ethics. We want protection of the moral rights of citizens to appropriate control of information about themselves.
There is a freedom-of-speech aspect. It should remain legal to transmit truthful information. However, businesses should be prevented from using the customers' information for anything beyond the immediate transaction in which it is collected, unless the customer gives separate permission.
It comes down to this. There is aboslutely nothing illegal with, and there never will be anything illegal with, the gathering and selling of information about an individual..........until we as the 'consumers' start buying information about our Congressmen and Senators - then and only then will we see a quick and absolute death to such practices.
Thank you. Very informative (except for the comment about this being a stupid line of discussion. Not true unless you think people need to be kept in the dark about it).
Well, your argument didn't convince me that consumers' rights are being fully considered. You said:
OK. Once upon a time, I selectively decided to purchase one specific hot dog product instead of another. Instead of using one credit card to pay for it, I artistically whipped out another and rendered my digitized signature with a unique flourish. This was recorded.
Then I traveled to another location and creatively decided to pay for an electronics part in cash. That was not recorded. Thus I decided what to leave on my credit record "storyline" and what to leave out.
The next day, to add to the biography, I creatively considered several areas to move to, and which address, and moved to one of them, crossing storied mountains and rivers. I chose from among many numbers and streets, for instance I may have moved to a #80 address or a #404 -- my choice. How often do I make payments and on what day? That could also be a choice. All of these things put together can read like a storyline, similar to how a book author chooses the names of characters, events, streets and towns. Those who observe me must write down the actions as I have performed them. It is as if I am dictating to them a message and they are writing it down.
A non-fiction story is a compilation of facts. A fictional story is a compilation of some mixture of fact and imagination. Both are subject to copyright. People can take excerpts, but (correct me if I'm wrong) they cannot obtain the entire work. If giving out one number allows someone to obtain the entire work, would that not be considered a violation of copyright? (Even if you disagree, that's OK, read on.)
Your credit record is a document you are writing either by action or inaction. There is no end to those credit-repair agencies which claim they are able to help generate a fictitious or semi-fictitious storyline to make your "online character" look more creditworthy. They are spinning a tale for someone else to read, which you would otherwise be the author of. Book authors can also allow "ghost writers" to handle part of the work for that purpose, yet the author can still own the copyright.
Copyright aside, someone has already been issued a provisional patent on a storyline as in this recent story. (So even if copyrights are out of the picture there are plenty of other precedents being set.)
OTOH, to argue the reverse, if the results of my decisions are mere facts and not part of a biographical storyline that I am writing, then I could also conclude that:
A movie, song, or book is reducible to a fact, then. The creative part of the movie is what they performed while in the course of their business (e.g. shooting it in their studios). They did so under constraints of time and money, just as I have constraints of time and money in producing my storyline. That very long integer they produced as a result, well, that's just a "fact," just like the data I produce through my decisions is merely a "fact." I may choose to view a factual report of their activities through my viewer of choice, but I will probably be obliged to pay them for that privilege even though copyr