Privacy Risks - California Reveals Data Brokers Selling US Data

What Changed

On March 24, California released an updated registry of data brokers, revealing that 33 companies are selling or sharing Americans' data with foreign actors. This annual update highlights the ongoing issue of data privacy and the lack of consent in data sales. These brokers operate without direct consumer relationships, collecting and aggregating personal information from various sources. The alarming part? Some of these brokers are selling sensitive data to countries like North Korea, China, Russia, and Iran.

This registry is part of California's efforts to enforce privacy laws and hold data brokers accountable. The data brokers listed are not just selling basic information; they also handle precise geolocation data. This is particularly concerning as it can expose individuals' movements and locations, posing a significant risk to national security.

Who's Affected

The implications of this data sharing are vast. Individuals whose data is sold may not even be aware that their personal information is being shared with foreign entities. The 33 data brokers identified in this registry include companies that collect a range of sensitive data, including gender identity, precise geolocation, and personal information tied to device IDs. This means that a wide array of Californians could be affected, especially those who may be vulnerable to scams or harassment due to the nature of the data sold.

Moreover, the potential for misuse of this data is high. For example, data brokers have previously sold information that contributed to stalking and other forms of violence. With foreign actors now involved, the stakes are even higher, as sensitive data could be used for espionage or other malicious activities.

What Data Was Exposed

The data brokers listed in California's registry primarily collect personal information linked to device identifiers. Five of these brokers even collect precise geolocation data, which is extremely difficult to anonymize effectively. This means that foreign adversaries could potentially track the movements of individuals, including government personnel, posing a direct threat to national security.

The types of data sold include:

• Personal Information: Names, addresses, and other identifying details.
• Device IDs: Unique identifiers that can track individuals across various devices.
• Geolocation Data: Specific location information that reveals where individuals are at any given time.

This data can be used to create detailed profiles of individuals, which can have dire consequences if it falls into the wrong hands.

What You Should Do

Given these alarming revelations, it is crucial for consumers to be aware of how their data is being used. Here are some steps you can take to protect your privacy:

• Stay Informed: Regularly check updates from state registries and privacy organizations about data brokers.
• Limit Data Sharing: Be cautious about the information you share online, especially on social media platforms.
• Use Privacy Tools: Consider using tools and services that enhance your online privacy, such as VPNs and privacy-focused browsers.

Regulatory bodies like the Federal Trade Commission (FTC) may need to take action against these data brokers under existing laws to prevent further data sales to foreign adversaries. Public awareness and advocacy for stronger privacy protections are essential to combat this growing threat.