from the you-look-like-you’re-in-the-market-for-a-coffin dept
Every few weeks for the last fifteen years there’s been a massive scandal involving some company, telecom, data broker, or app maker over-collecting your detailed personal location data, failing to secure it, then selling access to that information to any nitwit with a nickel. And despite the added risks this creates in the post-Roe era, we’ve still done little to pass a real privacy law or rein in reckless data brokers.
The latest case in point: 404 Media tells the story of one Connecticut woman who suddenly began getting mail advertisements for cremation services soon after she completed chemotherapy. According to a CT AG report, a data broker somehow inferred that the woman was facing a life-threatening illness, and subsequently decided to add her to a spam list for cremation services to cash in on the knowledge:
“After the woman filed a complaint under the state’s new data privacy law, the attorney general’s office investigated why this happened, and found that a “data broker identified the individual for the marketing list” for the cremation services company. “This matter has brought to light the close interplay between data brokers and data analytics firms in the digital marketing landscape.”
We’ve long noted how data brokers collect vast troves of location, browsing, medical, mental health, and behavioral data from apps, telecoms, smart TVs, and dozens of other devices and services, then use that data to build detailed consumer interest profiles. Companies claim this is ok because the data is “anonymized,” though studies have repeatedly found there’s nothing truly anonymous about the process.
That rampant over-collection and lazy protection of this data has resulted in no shortage of abuse by companies, stalkers, prisons, police, people pretending to be police, and everybody in between.
In this case there was something vaguely resembling accountability only because Connecticut has a state privacy law that the woman filed a complaint under. But even then, the term “accountability” is being generous; the CT AG isn’t revealing the names of the companies, and all the 404 Media report states is that the AG “issued a cure notice” to the cremation services company and is investigating the data broker.
But for every Connecticut, there’s five states that have no meaningful privacy protections for the internet era. And we still have no coherent federal internet-era privacy law. We don’t have these things not because it’s hard to do, but because corrupt state and federal politicians have decided, repeatedly, that making money off of data collection is more important than market health, public safety, or basic human decency.
Filed Under: consumers, data brokers, location data, privacy, security, spam
Source : https://www.techdirt.com/2024/02/13/data-brokers-help-spam-chemo-patient-with-cremation-services-because-thats-how-things-work-now/