Identity for Sale: Data Brokers Teach Congress a Lesson
Congress and Identity Theft
Things like our bank account statements, email messages, and telephone records are meant to be private. There are laws against people accessing or publishing our personal information – even a private message received in a chat room carries a “reasonable expectation of privacy” which can’t be breached without legal ramifications.
All of it is semi-public and up for sale.
A series of hearings was held by Congress over the last week, aimed at exposing “Data Brokers”. These companies literally peddle personal data to anyone willing to pay. And what is your information worth? Rep. Ed Whitfield, a Kentucky Republican and chairman of the panel’s oversight subcommittee, spoke candidly about the profitable business. He described an industry filled to bursting with cell phone records for $200, Social Security information for $60, and a student’s university class schedule going for the bargain rate of $80.
To be fair, the customers that most often use data brokers’ services include banks and other financial institutions. These institutions are trying to locate debtors. However, as was testified to Congress, law enforcement officials including the Department of Homeland Security, the FBI, and the Austin Police Department have used the same services on occasion.
As Congress was most concerned to learn, the real problem is that data brokers often get the information they sell through deception. One witness, a former data broker named James Rapp, testified about how easily obtaining and selling bank passwords and credit card records is. Customer service representatives working for a data brokering company like Rapp’s previous one (shut down in 1999 under pressure from Denver police) would make a simple phone call and offer some personal information like the person’s full name and address. From there, the person is conned into revealing other information like Social Security numbers.
Furthermore, data brokers don’t require any real information from the person buying the information, and never monitor how that data might be used.
Colorado Democrat Diana DeGette made what might be the most important statement of all, when she noted how easily a criminal could access personal information. “Such information, for example,” DeGette stated, “could allow a stalker to find a victim or a threatening husband to find a spouse.” There was concrete evidence backing up DeGette’s statement. Witnesses testified to Congress that on one occasion an undercover Los Angeles police officer was killed after drug dealers used a data broker to gain the officer’s pager information.
Tie-Ins to Terrorism
One of the goals behind holding these hearings was the idea of freeing up two measures to outlaw data brokering that had mysteriously been pulled from the House floor last month. The legistlation now pending was developed because it is still unclear if data brokers violate fraud or identity theft laws.
Republican and Democrat alike agree that House leaders likely pulled the previous bills because of potential complications with terrorism investiations. Currently, law enforcement officials can access records from phone companies like Verizon without a subpoena as long as terrorism is suspected. Without data brokers, they will have to obtain a subpoena and wait on a company to respond.
