Data Privacy

What will rein in the activities of the personal data brokers?

I’ve read two fascinating articles recently unpicking just how much personal data about each of us is bought and sold without our consent.

The UK’s Financial Times carried a great piece on the ‘privacy deathstars’  – super data brokers such as Oracle, Nielsen and Salesforce, as well as lesser-known brands.

As the article, which also included the great graphic above, explained: “Data brokers mine a treasure trove of personal, locational and transactional data to paint a picture of an individual’s life. Tastes in books or music, hobbies, dating preferences, political or religious leanings, and personality traits are all packaged and sold by data brokers to a range of industries, chiefly banks and insurers, retailers, telecoms, media companies and even governments. The European Commission forecasts the data market in Europe could be worth as much as €106.8bn by 2020.”

The key quote for me was this, made after stating that the data broking industry has expanded aggressively in the past five years in a “virtual regulatory vacuum”, to the extent that big data brokers are now providing: “one-stop shopping for hundreds of different data points which can be added into a single person’s files…as a result, everyone now is invisibly attached to a living, breathing database that tracks their every move.” Both scary and true.

Motherboard also carried out an investigation into data broking, which concluded that “T-Mobile, Sprint, and AT&T are selling access to their customers’ location data, and that data is ending up in the hands of bounty hunters and others not authorized to possess it, letting them track most phones in the country.” It’s a very interesting read, and arguably worth a click simply to see the flowchart of how many steps the data went through to turn a phone number into cell phone location data. Again, this article clearly brings the impact of data trading home to those reading.

Both these articles made me stop and think on a few levels:

1) Firstly, it’s obviously great that personal data privacy is becoming much less of a niche concern – as shown by an increasing amount of coverage in publications such as the FT. While this issue – rightly – continues to get substantial coverage on tech sites such as TechCrunch, making the leap into the mainstream press reflects its growing importance in our collective national psyche.

2) Secondly, that even as data broking practices seem to be going from strength to strength, we also know that data protection authorities worldwide, including the Information Commissioner’s Office (ICO) in the UK and CNIL in France are starting to take more of an active interest. Many will be watching for their findings. Will those involve sanctions and fines?

3) Thirdly, as you might suspect, it reminds me of the importance of’s mission – putting users back in control of their personal data. Regulation has a important role in holding back the data-broking tide, but only a sea-change in who should own and control personal data will ultimately fix people who are not us being able to trade the details that make up our digital lives and footprints.

All hail the Internet of Me!