With a rise in abuse of government power, data pertaining to details of any citizen’s life may be in jeopardy of being collected, organized, and sold to any party without any knowledge of or consent given by the citizen themselves through the use of Commercial Personal Data Collection. Commercialization of citizen’s private information, combined with a record of unethical abuse of power in the collection process, creates a pattern of constant breaching of civilian rights for the sake of capital and private interests that must be stopped. Companies such as ChoicePoint, Lexis-Nexis, and Acxiom Inc. are often secretive in their collection of data even with a record of 10 million cases of identity theft in 2003 alone, according to “Commercial Personal Data Collection” published in 2005. The issue discussed here will cover the procedures, current evidence, and uses of Commercial Personal Data Collection, the record of unethical or illegal data collection practices, and the steps needed to legislate to regulate such endeavors so that they are less susceptible to misuse and abuse by the entities involved in these operations.
Commercial Personal Data collection has several applications in the booming intelligence market, with companies racing to collect billions upon billions of units of information from the cornucopia that is the internet. The first records of Commercial Personal Data Collection were in 1996, according to “Key Events in the History of Commercial Personal Data Collection”, when Lexis-Nexis unveiled P-Trak, which is a service that allows clients to obtain anyone's Social Security number, and other various forms of personal information; however, according to the Fair Credit Reporting Act, established in 1970, a federal law regulating collection, dissemination, and use of consumer information, data firms can make an investigative consumer report available only to those with a legitimate need for the information, such as banks, unless they have permission from the consumer or a court order. This law wasn’t reinforced until the 1974 Privacy Act, requiring the government to notify the public when it collects information about people, who it's gathering information about, what kinds of information, why it's being collected, and how the information is stored.
This is the law, and it is often broken by companies such as ChoicePoint when, in 2005, the company had 140,000 cases of identity theft, according to “Commercial Personal Data Collection”. Identity thieves from mere copy centers in Los Angeles would simply call ChoicePoint impersonating insurance or credit spokespersons, and requested that information be sent to them with little verification as to who they actually were. After media attention was drawn the company only gave notice to 35,000 Californian Residents, neglecting every other state in the country. But identity thieves don’t just involve random citizens acting with malice intent. The Transportation Security Agency also has a record of illegally, hypocritically, and unethically collecting personal data through Secure Flight, a program originally created for collecting information on airline passengers, according to "DHS Privacy Office Says Secure Flight Violated Privacy Act; Reportedly, authorities failed to publicize changes to the program, which included the collection of commercial data in 2004 and 2005.". In the original GAO letter, the Transportation Security Agency claimed it would never collect personal data about non-airline passengers. Not only did they break that to the tune of 100,000,000 units of data collected, they also failed to notify any of the citizens whose data was collected. Then, in 2004, the Transportation Security Agency took 43,000 names and 200,000 variations of these names from all airline passengers. It was only after meeting with the GAO, which was overseeing the program, that the Transportation Security Agency published a follow-up notice indicating simply that it would do the things it had earlier said it wouldn't do. Then, the GAO sent the Transportation Security Agency a letter, stating that the Transportation Security Agency must not store the data it collects, and that "Careless missteps such as this jeopardize the public trust and DHS' ability to deploy a much-needed, new system," citing the project's unfortunate history. The Transportation Security Agency did, in fact, store all 100,000,000 units of data collected, according to Congress: Government Broke Privacy Laws By Collecting Commercial Data; Instead of using limited information as originally promised, the Transportation Security Agency contracted with commercial providers to get more in-depth data.
The history of information technology is filled with several accounts of unethical use of power during times where oversight had yet to be established whilst prolonging these processes through the Transportation Security Agency, The vast majority of data collection agencies, and private interests that lobby to oppose any and all threatening interests. While the voices of these companies claim that they are cooperative and want to eschew obfuscation on the complex issue of data collection, Federal Regulation Supporters say that the existence of vast data warehouses is a direct threat to privacy, and that while the current patchwork of laws need to be updated and simplified, over-reaching legislature could possibly prevent and complicate otherwise ethical and profitable business. Another factor in the regulation of Commercial Personal Data Collection is public awareness. The majority of citizens have never even heard of any of the companies presented here, which can incentivize companies to behave unethically.
The necessity of legislation is still under debate, but until then, simple solutions can be achieved with simple education of any citizen’s online behavior. If a citizen does not post information on the internet, then data can’t be collected. Another solution is to only visit secure websites, such as any website that begins with https://….com. Make sure that when purchasing something online that the site has security credentials from a third party. Each and every citizen has the power to control who knows what about themself if they simply exercise their awareness of the information they espouse on the internet.
Data is a power that is useful to anyone, whether it be tracking down criminals or suspected terrorists, to blatant theft. Such data can be accessed with minimal oversight currently. Combine these facts with exponential industry growth, and the potential for identity theft jumps into the hundreds of thousands. Lack of legislation also creates an environment where companies have near carte blanche in their methodology of Commercial Personal Data Collection. America must unite to raise awareness of the security, or lack thereof, of the internet, and fight to reasonably regulate the mass data collection companies.
Works Cited
"Commercial Personal Data Collection." Issues & Controversies. 1 Apr. 2005. Web. 25 Apr.
"DHS Privacy Office Says Secure Flight Violated Privacy Act; Reportedly, authorities failed to
publicize changes to the program, which included the collection of commercial data in 2004 and 2005." InformationWeek 22 Dec. 2006. Academic OneFile. Web.
"Key Events in the History of Commercial Personal Data Collection (sidebar)." Issues &
Controversies On File: Issues & Controversies. 1 Apr. 2005. Web. 25 Apr. 2014.
Miller, Leslie. "Congress: Government Broke Privacy Laws By Collecting Commercial Data;
Instead of using limited information as originally promised, the Transportation Security
Agency contracted with commercial providers to get more in-depth data." InformationWeek 24 July 2005. Academic OneFile. Web. 25 Apr. 2014.