Summary Of Data Mining Issues and Regulations

More and more consumers use credit cards when paying for their items at the grocery or department store. These consumers probably do not realize that by using credit cards instead of cash, their personal information stores collect their personal information and could then sell the information to a third-party. A few of the largest data mining companies are Equifax, Inc., TransUnion Corp, and even LexisNexis Group.[1] Unwanted data collection injures consumers because it violates their right to privacy protection and the regulations in place do not properly protect consumer privacy when making in-store purchases.

The current regulations are administered through the Federal Trade Commission (“FTC”). The FTC developed numerous statutes to attempt to enforce consumer privacy in the marketplace.[2] The FTC, President Barack Obama and state laws have attempted to eradicate the current issues with data collection and mining. The FTC and President Obama have proposed plans to teach consumers and regulate businesses, but their plans have not been put into place.

The FTC proposed framework consists of three steps: “privacy by design;” “simplified choice;” and “greater transparency.”[3]  President Obama’s Privacy Bill of Rights includes individual control, transparency, respect for context, security, access and accuracy, focused collection, and accountability, each of which focus on consumers rather than companies.[4]  The focus on consumers in this Bill of Rights gives more control on what information companies can collect.

Consumers often do not understand the consequences of stores collecting and mining their personal information and the privacy of consumers must be protected.

[1] Opt Out List, Stop Data Mining Me, http://www.stopdatamining.me/opt-out-list/ (last visited Sept. 28, 2014). See also EQUIFAX Analytical Services, http://www.equifax.com/consumer/marketinganalytics/en_us. See also TransUnion Corp., http://www.transunion.com/. See also LexisNexis Group, http://www.lexisnexis.com/en-us/home.page.

[2] See 15 U.S.C. § 6801(2012) (requiring “each financial institution [to have] an affirmative and continuing obligation to respect the privacy of its customers and protect the security and confidentiality…”). See also 5 U.S.C. §552a (2012) (requiring the federal government to prevent unauthorized disclosures of personal information).

[3] Protecting Consumer Privacy in an Era of Rapid Change: Recommendations for Businesses and Policymakers, Fed. Trade Comm’n (Dec. 2010), available at http://www.ftc.gov/sites/default/files/documents/reports/federal-trade-commission-bureau-consumer-protection-preliminary-ftc-staff-report-protecting-consumer/101201privacyreport.pdf (describing “Privacy by design” which focuses on companies encouraging consumer privacy in their practices in ways such as data security and management; “Simplified choice” which allows companies to offer the choice of data collection at a point in time when the consumer is ready to make the decision as opposed to prior to data collection and; “Greater transparency” which assists in creating “clearer, shorter and more standardized” privacy policies and educating consumers regarding the company’s data practices).

[4] President Barack Obama, Consumer Data Privacy in a Networked World 1 (Feb. 2012), available at http://www.whitehouse.gov/sites/default/files/privacy-final.pdf (describing how individual control allows consumers to control who collects their data; transparency allows consumers to easily understand privacy practices; respect for context assumes consumers will know that companies have and will use their personal data in the same context that consumers provide it; security allows consumers to have a accountable handling of their data; access and accuracy allows for consumers to appropriately collect personal data; focused collection allows for consumers to limit what personal data is collected and; accountability allows consumers to have their data handled in a way not inconsistent with the Bill of Rights).