The Federal Trade Commission sent letters to ten data broker companies warning that their practices could violate the Fair Credit Reporting Act (FCRA) after a test-shopping operation by the FTC indicated the companies were willing to sell consumer information without abiding by FCRA requirements.
The test-shopping operation was part of a worldwide privacy protection effort. FTC staff members posed as individuals or representatives of companies seeking information about consumers to make decisions related to their creditworthiness, eligibility for insurance or suitability for employment.
Data broker companies that collect, distribute or sell this information are considered consumer reporting agencies under the FCRA, meaning they must reasonably verify the identities of their customers and make sure that these customers have a legitimate purpose for receiving the information. This requirement ensures that the privacy of sensitive consumer report information is protected. Of the 45 companies contacted by FTC staff in the test-shopper operation, ten appear to violate the FCRA by offering to provide the information without complying with the law’s requirements.
The FTC issued the letters this week in conjunction with an international privacy practice transparency sweep conducted by the Global Privacy Enforcement Network (GPEN). The network connects privacy enforcement authorities to promote and support cooperation in cross-border enforcement of laws protecting privacy. Several GPEN members from countries around the world are taking steps this week to ensure that companies meet their obligations related to the privacy of consumers’ personal information.
The ten companies receiving the warning letters from the FTC include:
- Two companies that appeared to offer “pre-screened” lists of consumers for use in making firm offers of credit: ConsumerBase and one additional company;
- Two companies that appeared to offer consumer information for use in making insurance decisions: Brokers Data and US Data Corporation; and
- Six companies that appeared to offer consumer information for employment purposes: Crimcheck.com, 4Nannies, U.S. Information Search, People Search Now, Case Breakers, and USA People Search.
The letters are not an official notice by the Commission that any of the named companies is subject to the requirements of the FCRA, nor do the letters lay out any formal complaints against the companies. Instead, they serve to remind the companies to evaluate their practices to determine whether they are consumer reporting agencies, and if so, how to comply with that law. – Source