What is a Data Broker? [Things You Need to Know]

California Civil Code § 1798.99.80 defines a data broker as a company that collects and sells people’s personal information to third parties. 

Data brokers vary in the type of data that they collect. They collect information from the Internet, social media, banks, etc. The collected data are sold to third-party companies for market research or statistics.

Read on to know more about data brokers—-what they do, how they collect data, and why you should get your information off their databases.

How Data Brokers Work

Data brokers gather vast amounts of personal data online. Typically, they collect information that can be easily tied to an individual. These can be names, phone numbers, birthdates, email addresses, and more. 

However, data brokers can also get information on anyone’s cart items, social media accounts, and criminal records.

Other information they collect are:

• Financial information or credit history
• Credit score and income
• Employment history 
• Online activities
• Shopping history or purchasing habits
• Public Records

With these data points, they create target market profiles using and organizing the collected data in a way that makes sense for marketers.

How Do Data Brokers Collect Information?

Data brokers collect and gather data from any data point—whether online or offline. Depending on the market need, they also get data from paid or free sources.

Some data brokers even pay extra for sensitive data such as financial status and online behaviors.

Here are the core ways data brokers get your information:

• Credit cards

Credit cards from banks contain private information, which they store in their systems. Banks often sell consumer information from their system to data brokers. 

Apparently, this is not illegal under the Gramm-Leach-Bliley Act as long as “limitations on disclosure of personal information” are complied. 

Information like shopping history is anonymized. Only the behavior or activity from the credit card is collected and sold to data brokers.

• Behavioral tracking

Behavioral tracking includes monitoring user activities—like how long you lingered on a page or what sites you clicked. The activities made are saved as internet cookies.

Like the photo above, websites often ask visitors to “Accept” cookies for viewers to have a better website experience. 

Although these help consumers view the webpage better, cookies contain relevant information about your online activity. Data brokers usually buy cookies from particular websites.

• Public Records

Most public records, like voter registrations, census data, and more, can be accessed upon anyone’s request. This includes data brokers. 

They obtain personal data from scouring public records.  It is not considered illegal since the information is “public.” 

This lets them obtain millions of personal data through simple requests and formal access without breaking regulations. 

However, this technicality does not apply to sealed documents. 

• Loyalty Cards

Never underestimate loyalty cards and programs. They are another way data brokers keep tabs on your shopping preferences. 

Companies that offer loyalty programs store information such as names, addresses, and birthdates. Some also include transaction histories, like when or where the consumer used a loyalty card.

Data brokers gather this information to create data and sell it to different companies, mainly to those that focus on marketing and retail. 

• Mobile applications

Free apps are never FREE. They usually sell users’ data like birthdays, ages, or locations, then charge companies for the advertisements. 

Targeted ads drive marketing today and allow users to see ads personalized to their tastes. Data from ads are also helpful to companies that focus on ad marketing.

• Social media

Around 60% of the world’s population use social media as of 2023. An average person spends 2.5 hours on different platforms—to post, comment, like, chat, and more. 

People do and share many things on social media, making it rich in information about anyone. This is why most data brokers go to different social media sites to obtain data. 

Some data brokers use data scraping. They scrape social media sites to collect public data points from public profiles. 

This technique is against most social media’s terms of use. However, since information on the platforms is often shared publicly, some say it is not exactly illegal.

The Legality of Data Brokers

Data brokerage is unregulated on a federal level, and no laws against businesses that profit from data collection exist.

As long as data brokers obtain data from public information, no law is broken. Laws on data brokerage are highly sectoral.

An example of this is the Fair Credit Reporting Act. The FCRA is specific only to protecting individuals from unfair credit reporting. 

Through the FCRA, consumers can question inaccurate details on their credit reports and seek damages if their rights are violated.

Also, laws in the US are enforced at state levels rather than national ones. Take California and Vermont as examples. 

Data brokers within these states must register with the Attorney General’s office annually to continue their operations.

On the other hand, the European Union has the General Data Protection Regulation (GDPR), which upholds data privacy and security. 

The regulation states that users must consent before sites can collect their data. This gives individuals more control over their personal data.

Who Buys from Data Brokers?

After collecting, sorting, and filling data into usable format, data brokers will sell these to companies that may need it.

Companies that usually buy information from data brokers are:

• Advertisers
• Financial institutions
• Insurance companies
• Marketing agencies
• Government offices
• Political consultants

These enterprises will use the data to gain insights into consumer activities, research the latest trends, create statistics, or improve their platforms and services.

How to Remove Your Information From Data Brokers?

Even though data brokers are technically legal, the purpose of their operations still includes personal information, which should be treated with confidentiality.

Data brokers are also vulnerable to breaches due to the massive amount of data they hold. This only tempts cyberattackers to steal and sell information to the dark web.

If you want to safeguard your data from data brokers and the Internet, opting out is one of the best methods. 

Opt out manually from data brokers

Before removing your, determine which company stores your data. Once you know, request a data removal by contacting the data broker. 

The steps below used Acxiom’s method of data removal requests. Check it out.

1. Go to Acxiom’s homepage.

2. Scroll down to the end of the page. Click Do Not Sell My Personal Information. 

3. The US Consumer Opt-Out guide page will appear. Read through the critical points. 

At the bottom of the page, you’ll find the opt-out form.

4. Fill up the opt-out form entirely and click Submit. 

5. Provide your email address, do the reCAPTCHA, and click Submit. 

6. Open your email to view the verification email sent by Acxiom and click on the provided link.

7. Click the checkbox beside reCAPTCHA and hit Submit. 

Once you submit your request, all you have to do is wait a maximum of two weeks before Acxiom successfully fulfills your request. 

Largest Data Brokers

There are 506 data brokers in the US, but only a few are known. The following data brokers are some of the prominent players in the field of data brokerage. 

1. Acxiom 

The Acxiom Corporation is dubbed the quiet giant of American database marketing. The corporation employs over 2,000 employees, serving millions of data consumers worldwide. 

Acxiom’s servers also process over 50 trillion data transactions annually. Their vast databases store information from 500 million active consumers worldwide; most are from the US.

2. Experian

Experian is an American-Irish-owned information services company recognized for providing data and analytical tools to manage credit risk, fraud, etc. 

The company gathers and aggregates information on over 1 billion people and businesses worldwide. Experian also employs over 20,600 people to run their databases.

3. Epsilon Data Management

Epsilon Data Management LLC offers marketing and data services, such as marketing analytics, storing propriety data, email marketing, predictive modeling, digital marketing, and more.

They are based in Irving, Texas, but offer access to information of over 200 million unique individuals.

4. Oracle America, Inc.

Oracle America, Inc., is a corporation that manufactures and markets network computing infrastructure solutions. 

They are known for their database software, microprocessors, and developer software. The company also serves more than 420,000 customers across 175 countries. 

5. CoreLogic

CoreLogic provides intelligence and data for the real estate, mortgage, and insurance industries. They cover 99% of data on US properties, making them a popular data resource for landlords and real estate agencies. 

As of 2020, CoreLogic employs over 5,300 employees and has a revenue of $1.6 billion. 

6. Nielsen

Nielsen is an established leader in market research and ratings by providing insights into consumer information and behavior over media.

They also pioneered audience rating systems for TV, music, radio, and magazines worldwide.

7. Equifax

Equifax is one of the oldest data brokers in America, established in Georgia. Their operations focus on credit references of consumers.

In the 70s, the company was criticized for a false perception that it sold data regarding sexual orientation. Despite this, Equifax holds over 800 million individual data, with revenue skyrocketing to $3.1 billion. 

8. Verisk

Like Equifax, Verisk handles key financial data, like risk management, insurance, and financial services. 

In the Q1 of 2023, the company earned $651.6 million in revenue. Their total revenue comes from umbrella companies such as Maplecroft and Air Worldwide. 

9. LexisNexis

LexisNexis holds the largest databases of the world’s legal and public records.

The company has 1,800 technologists who handle and maintain over 144 billion legal documents and records from 39,000 premium resources.

Their collective data storage is 2.5 petabytes, 150x the size of Wikipedia.

10. Aristotle

Aristotle is a political data management company focusing on voter data for political campaigns and organizations. 

Since 1983, the company has been the leading choice of political data brokerage for every US president, from Ronald Reagan to Barack Obama. 

Conclusion

Users share data on the Internet—whether deliberately or unconsciously. This potentially exposes personal information to data brokers. They then sell the information to third-party companies. 

Experts also say that internet devices are now trackers for data brokers. However, federal laws have yet to be made regarding data protection.

Knowing how data brokers work is vital in understanding what, why, and how your personal data on the Internet are gathered and used. This can also help you set up safety measures to safeguard your online privacy.