Skip to main content
diversification.com
← Back to D Definitions

Data brokers

What Are Data Brokers?

Data brokers are companies that collect and aggregate vast amounts of personal information about individuals from various sources, then sell or share this consumer data with other businesses and organizations. This practice falls under the broader category of data privacy and consumer protection within the evolving landscape of the digital economy. Unlike traditional consumer-facing businesses, data brokers typically do not have a direct relationship with the individuals whose information they collect, making their operations largely unseen by consumers. These entities play a significant role in how companies target their marketing efforts, verify identities, and assess risk.

History and Origin

The concept of collecting and selling consumer information has roots in direct marketing and credit reporting, evolving significantly with the advent of digital technologies. As early as the 1970s, laws like the Fair Credit Reporting Act (FCRA) began to address the provision of consumer data for credit and eligibility determinations, though these laws generally did not cover data sold for marketing or other purposes. The growth of the internet and widespread online activity accelerated the rise of modern data brokers. The Federal Trade Commission (FTC) highlighted the opaque nature of the data brokerage industry in a comprehensive 2014 report, noting that these companies collect personal information from a wide range of sources and provide it for various purposes, often without direct consumer interaction.9 This report, "Data Brokers: A Call for Transparency and Accountability," emphasized the growing concerns about how data brokers operate and the potential for consumer harm due to their unseen nature.8

Key Takeaways

  • Data brokers collect and aggregate personal information from numerous sources, often without direct consumer interaction.
  • They sell or share this aggregated data for purposes such as marketing, identity verification, and fraud detection.
  • The industry operates largely out of sight of consumers, raising significant data privacy and consumer protection concerns.
  • Regulatory bodies in the U.S. and globally have increasingly focused on the activities of data brokers due to the sensitive nature of the information they handle.
  • New legislation aims to provide consumers with more control over their personal information held by these entities.

Interpreting Data Brokers

Data brokers are interpreted as intermediaries in the information economy, serving as critical suppliers of insights derived from consumer data. For businesses, data brokers offer detailed profiles that can enhance targeted advertising, improve product offerings, and streamline processes like customer onboarding. However, for individuals, the existence and operation of data brokers raise questions about control over one's personal information and the potential for misuse. The interpretation of data broker practices often hinges on the balance between economic utility for businesses and privacy rights for consumers, making it a focal point in discussions around information security and ethical data use.

Hypothetical Example

Imagine "MegaData Corp.," a hypothetical data broker. MegaData systematically collects public records (like property transfers and marriage licenses), combines them with commercial data (such as loyalty card purchases and magazine subscriptions), and aggregates information from online activities (like website visits and app usage). This vast collection of raw third-party data is then organized and analyzed to create detailed profiles on millions of individuals.

A clothing retailer, "Fashion Trends Inc.," wants to identify potential new customers who are likely to buy high-end athletic wear. Fashion Trends purchases a segment of MegaData's profiles, specifically targeting individuals aged 25-45 with demonstrated interests in fitness, outdoor activities, and a history of luxury goods purchases. MegaData delivers a list of anonymized identifiers linked to these profiles. Fashion Trends uses this data to refine its digital advertising campaigns, ensuring ads for its new athletic line are shown primarily to individuals matching these detailed consumer behavior patterns. This allows Fashion Trends to optimize its advertising spend and reach a more relevant audience.

Practical Applications

Data brokers have a wide array of practical applications across various sectors:

  • Marketing and Advertising: Businesses use data from data brokers to create highly targeted advertising campaigns, personalize product recommendations, and understand consumer behavior patterns. This can lead to more efficient ad spending and potentially higher conversion rates for companies.
  • Risk Mitigation and Fraud Prevention: In financial services, data brokers provide data used for identity verification, credit scoring, and detecting fraudulent activities. For instance, they might supply information to help financial institutions assess an applicant's creditworthiness or flag suspicious transactions.
  • People Search and Background Checks: Law enforcement, private investigators, and individuals might use data broker services for locating people, conducting background checks, or verifying personal details.
  • Government and Public Safety: Government agencies can acquire data for purposes such as national security, law enforcement investigations, and public health analysis.
  • Academic Research: Researchers may utilize anonymized or aggregated data sets from brokers to study demographic trends, economic patterns, and social phenomena.

Recent regulatory proposals by the Consumer Financial Protection Bureau (CFPB) aim to classify certain data brokers, particularly those dealing with financial information, as consumer reporting agencies. This would subject them to the same strict accuracy and protection requirements under the Fair Credit Reporting Act (FCRA), limiting the sale of sensitive data like income and Social Security numbers.7

Limitations and Criticisms

Despite their utility, data brokers face significant limitations and criticisms, primarily centered on privacy, accuracy, and security concerns. A major criticism is the lack of transparency; consumers often have no idea which data brokers hold their information, what data they possess, or how it is being used. This opacity makes it difficult for individuals to exercise control over their personal information or correct inaccuracies.

Another key concern is the potential for data breaches, as data brokers often store vast repositories of sensitive data, making them attractive targets for malicious actors. Furthermore, the aggregation of data can lead to inferences about individuals that may be inaccurate or used for discriminatory purposes, such as "redlining" or targeting vulnerable populations.6 Regulatory bodies like the Federal Trade Commission (FTC) have voiced concerns about these practices, noting that data categories developed by brokers could disproportionately affect legally protected classes.5

State laws, such as California's Delete Act (effective August 1, 2026), aim to provide consumers with mechanisms to request data deletion through a single platform, requiring data brokers to comply.4 However, an analysis by Privacy Rights Clearinghouse (PRC) and the Electronic Frontier Foundation (EFF) found that many data brokers registered in one state are not registered in others, suggesting potential non-compliance or definitional discrepancies in state laws.3

Data Brokers vs. Privacy Policies

While both data brokers and privacy policies relate to how personal information is handled, they represent distinct aspects of the data ecosystem. Data brokers are companies whose primary business model involves collecting, aggregating, and selling personal data from various sources to third parties. They are the actors in the data economy who deal in consumer information.

In contrast, privacy policies are legal documents published by businesses that explain how they collect, use, store, and share personal information. They serve as a disclosure mechanism, informing consumers about the company's data practices. While a privacy policy might state that a company shares data with "third-party partners" (which could include data brokers), the policy itself does not actively collect or sell data. It merely describes the practices. The key difference lies in their function: data brokers perform the data aggregation and sale, while privacy policies describe a company's data handling processes, including, potentially, its interactions with data brokers. Legislation like the California Consumer Privacy Act (CCPA) empowers consumers with rights concerning their personal information, including the right to know what data businesses collect and the right to opt-out of the sale or sharing of their information.2

FAQs

What kind of information do data brokers collect?

Data brokers collect a wide range of information, including public records (e.g., birth certificates, marriage licenses, property records), commercial data (e.g., purchase history, loyalty program data), social media activity, browsing habits, and demographic information (e.g., age, income, education level). Some may also collect more sensitive data like health indicators or precise geolocation.

How do data brokers get my information?

Data brokers acquire information from numerous sources. These include publicly available records, commercial transactions (e.g., from retailers, credit card companies), online activities (e.g., websites you visit, apps you use), and other third-party data providers. They then combine these disparate pieces of information to create comprehensive profiles.

Can I stop data brokers from collecting my data?

Completely preventing data brokers from collecting your information is challenging due to the vast number of sources they use. However, some consumer protection laws, such as the California Consumer Privacy Act (CCPA), give residents the right to know what information is collected about them, request its deletion, and opt-out of the sale of their personal information.1 Some states also require data brokers to register and provide mechanisms for consumers to opt out of data sales.

Are data brokers legal?

Yes, data brokering is generally legal in the United States, although it is increasingly subject to regulation. Various state and federal laws aim to provide consumers with more rights and transparency regarding their personal data. However, the legal landscape is complex and continually evolving, with new legislation being proposed to address concerns about data privacy and risk mitigation in the industry.

Why is data brokering a concern for consumers?

Data brokering is a concern because it often occurs without the consumer's knowledge or explicit consent, potentially leading to a lack of control over one's personal information. There are risks of data inaccuracies, potential for identity theft or fraud if data is breached, and the possibility that detailed profiles could be used for discriminatory practices or to target vulnerable individuals.