June 12, 2013 8:11 pm

Disparate network of companies is difficult to bring to heel

A web visitor looking up the forecast for Chicago on a free weather site would find out about the temperature and any likelihood of rain.

At the same time nearly a dozen third-party tracking companies would receive information about the visit. These companies could, in turn, send details of the query to a chain of dozens, if not hundreds, of other businesses.

The fact that such information can spread so far and wide highlights the difficulties regulators and lawmakers face as they try to bring more oversight and transparency to the business.

In the US, very few laws protect the privacy of individuals’ information beyond data collected about children, or information that could be used to make decisions regarding credit, employment, insurance or housing. Europe has more robust data protection laws, but even so privacy advocates call them woefully inadequate amid rapid changes in the technologies used to gather, combine and analyse personal data.

Despite such privacy concerns, however, the prospect in the US for new legislation any time soon is dim. A Federal Trade Commission investigation, which began at the end of last year and is expected to take about a year, aims only to obtain a better understanding of the industry, which will inform potential recommendations for legislation or self regulation.

The data broker industry is unwieldy for regulators to tackle because it encompasses both decades-old companies such as Acxiom and Experian, as well as new digital entrants that seemingly crop up overnight. The companies involved, and their tactics, are constantly changing, amid new digital technologies such as location trackers within mobile phones.

“If you expand the definition of a data broker much beyond [regulated credit reporting bureaus], you go from a world of three [companies] to a world of thousands immediately,” said Mike Zaneis, senior vice-president of public policy for the Interactive Advertising Bureau, an industry group whose more than 500 members include Facebook, Amazon and WPP ad companies.

“In the digital economy, everybody essentially is a data broker. Data are very much the new currency,” he added.

Over the years, various US legislators have introduced digital privacy bills, but these have failed to gain much traction. Jay Rockefeller, a senator from West Virginia, this year reintroduced an online privacy bill. The bill failed to make it out of committee two years ago, and its future is tenuous amid lobbying, and the fact that Mr Rockefeller, long a proponent of internet privacy legislation, has said he will not seek re-election in 2014.

That leaves data brokers operating under a set of self-regulatory principles adopted by the internet and advertising industries. These voluntary guidelines attempt to ensure that consumers are aware of when they are being tracked and targeted with ads, as well as provide them with an easy way to opt out of receiving targeted ads. It is however nearly impossible to opt out of being profiled altogether.

Copyright The Financial Times Limited 2015. You may share using our article tools.
Please don't cut articles from FT.com and redistribute by email or post to the web.


Sign up for email briefings to stay up to date on topics you are interested in