Why do companies collect, sell, buy or store personal data

What if I tell you that there are big companies out there in the market whose names you are yet to hear, but they know you very well, in fact, more than what you can think of.

They are termed as Data Brokers, and their job is to collect all kinds of information that includes your name, address, place of work, hobbies, interests, family, and things that you do online. You will be surprised to know that much of this data collection trade has existed for decades. Today, what has changed is the volume and nature of the data being extracted from the Internet. First, it was just the PCs and Laptops, now handheld devices like smartphones have become the target of all data broker companies.

So, how do Data Brokers collect information? What do companies do with online user data? How do they make money from it? This post takes a look at it.

Why do companies collect, sell, buy, store personal online data

Companies collect your data in order to build up your profile, which can be used to push you targetted products and services. This has become big business now as customers are willing to pay a lot of money for such data, that can help them target specific segments of the market.

Why do companies collect, sell, buy or store personal data

Data Brokers sell data to Businesses

There has been an unprecedented growth of a multi-billion dollar industry of data brokers that operates in the glooms with virtually no oversight.

Data Brokers collect, analyze and package some of your most sensitive personal information and sell it as a commodity to businesses, advertisers, other data brokers and even the government without letting them know.

Information collected by Data Brokers include-

  • Name, Age, and Gender
  • Present and previous Address
  • Handphone numbers
  • Email address
  • Marital status
  • Age of Children
  • Property ownership
  • Political preferences
  • Income details
  • Educational details and more

The extent of data collection can spread to monitoring important life events like marriage, baby, relationship status, getting a divorce and more.

How do Data Brokers collect your personal information

Data Brokers can be termed as specialist firms across the web. To gather information about users and throw up related ads, they host a slew of third parties that observe who comes to the site and build up a digital profile about them.

You may argue that how it is possible to track your web movement when you traverse from one site to another. Data brokers, apply tools such as Cookies, web beacons, e-tags and a variety of other tools. Cookies, widely used on desktop computers, are small pieces of code that are dropped on a user’s browser. A Web beacon is a small transparent graphic image that is placed on a website or in an email and used to monitor the browsing or email-sending behavior of the user

Using the above monitoring techniques, they summarize what sites users you have visited, what you have shopped for, what time you are likely to shop, and so on.

1] Anonymous data sets can be de-anonymised

As more information gets attached to cookies and devices, it becomes easier to identify users. With necessary information, anonymous data sets can be de-anonymised. Researchers say that only two data points is enough to identify more than half the users. Hence, data brokers easily hitch other personal details too, such as your income, the size of your home, number of children, property type – rented or owned.

2] Other information sources for Data Brokers

Easily available information in the form of Government records and other publicly available information are other sources of data feeders for Data Brokers. For instance, the motor vehicles department may sell information like your name, address, your vehicle types to data companies, although only for certain permitted purposes, including identity verification.

Similarly, publicly available voting records, which include information about your party registration and how often you vote, can also be bought and sold with restrictions and only to some third-parties.

3] From your smartphone

Most free smartphone apps that you happily install on your phone ask for permission to access your address book or other folders. We quickly and happily give it, since we are eager to use the app. This is how the apps get access to your data and steal your contacts details and more.

The latest example is the popular Sarahah app which uploads your entire address book – and the developer has accepted this as a fact!

Non-Conventional Data brokers

Non-Conventional Data brokers are those entities who are not into data collection business, but their core business is such that they have access to data worth billions of dollars.

Take a look:

1] Banks

Much of our sensitive financial information is shared with banks we transact. When using their banking services, we are bound to share information that includes,

  • Social Security number
  • Account Balances and Transaction History
  • Credit History and Investment Experience
  • Home and office address
  • Information related to job, email, phone number, and more

Although Banks are required to comply with the Consumer Privacy Policy, which necessitates them to inform users about data collection and use and allow those users to opt-out of some, there are loop-holes to bypass the process.

During third party audits and credit checks, much of the user financial information is shared with third-parties, effectively turning your bank into a data broker. Banks also shares its customer’s data points with companies for marketing / improving customer service experience.

2] Social websites

There is a price to pay if something comes as free and you are welcomed only after you hand over your personal information. Free email, free OS, free app to connect with friends and family and free search, all come with data compromise.

Social networking sites like Facebook and Twitter collect heaps of personal information, including ages, friends, and interests, when you sign up and spend time browsing. Much of the information is collected without you being aware of it. For instance, Facebook’s “Like” and Twitter’s “Tweet” buttons which most websites embed in order to allow visitors like/follow their page carry a code that allows the social-networking companies to track users’ movements even if they do not click those buttons.

Google is by far the #1 search engine and its other free services like Gmail, Google Maps, rank among the best and most preferred in the industry. However, there is a trade off in exchange of the free services that Google provides. A lot of your personal information is collected by the Search giant to dish out personalized, targeted ad experiences.

Your name, email address, telephone number, credit card information, your usage pattern, your communication with other websites using AdWords and other Google technologies, your device information, search queries, and more, is collected by Google to know more about you. Google through Chrome also stores information in your browser via local browser storage to know your preferences.

Social networking sites like Facebook and Twitter collect heaps of personal information, including ages, friends, and interests, when you sign up and spend time browsing. Much of the information is collected without you being aware of it. For instance, Facebook’s “Like” and Twitter’s “Tweet” buttons which most websites embed in order to allow visitors like/follow their page carry a code that allows the social-networking companies to track users’ movements even if they do not click those buttons.

Consumer data collection company, Datalogix, entered into an agreement with Facebook, to track whether Facebook users who see ads for certain products actually end up buying them at local stores.

Microsoft had to come out time and again and defend itself on what information it collects. The company clearly spells out on what it collects, which includes Name, Contact information, Login credentials, Demographic data, Payment credentials, and more.

Contrary to its privacy policy, which says that it reads everything, the company says that it does not read the text of the email, but only the line and body. Thankfully, it does not sell ads aggressively with the data it collects.

Data Brokers industry is growing rapidly

According to a report, Figure estimated for the year 2012 reveals that the data broker industry generated $156 billion in revenues,” a sum that is “more than twice the size of the entire intelligence budget of the United States Government.” So you can imagine the size of this market today in 2017!

Although there are numerous data brokers active in the Europe, the European data broker landscape is not comparable to the US market in terms of market size. The European revenues of large data brokers, such as Acxiom, LexisNexis, amount only to a fraction of their overall revenues.

The firm Acxiom, publicly traded on the NASDAQ, does more than $1.1 billion annually offering its analytical services and is only one of the many other companies in the US.

Read: What is Data Mining?

Precautions you can take to prevent stealing of your personal data

Is it safe to say that your privacy is traded for money? Yes of course! Remember, no free service is actually free. Some of the ways which help you avoid getting poached by data brokers are – surfing anonymously, not using a smartphone, never opening an account on the social channel and never taking advantage of a free Web service – and this is something that may not possible in today’s times!

Nevertheless, a few things you could do are – use a VPN software, frequently clear your Internet cache & cookies or better till surf in the Incognito mode, be careful what you share on the social media and be aware of the pages you ‘Like’. Use a good security software to secure your device and be careful of what information you give out online. Be aware of Phishing emails, Social Engineering and Identity Theft.

Where possible opt out of tracking or personalized ads. You you can adjust the privacy settings on Facebook and stop the social giant to track your activities. We have seen how to opt out of and Stop Personalized ads in Windows 10 and  how to opt out and maintain your privacy when using Google Services.

During installation of a software or an iPhone or an Android app, always be careful of the permissions you give. If you have given permissions, you should check your settings and revoke the permissions.

But remember, whatever you do, you will still be tracked! There is nowhere to go, nowhere to hide…if you are online, rest assured that you have been profiled!

Posted by on , in Category Security with Tags
Ankit Gupta is a writer by profession and has more than 7 years of global writing experience on technology and other areas. He follows technological developments and likes to write about Windows & IT security. He has a deep liking for wild life and has written a book on Top Tiger Parks of India.