A lot of websites out there claim to have vast databases of information about people such as their phone number, a full name and date of birth, their spending and household information, and other details that sometimes aren’t that common to find.
The question is, where are these websites getting this information? And why can’t I find it myself? Shrouded behind industry secrets and a hush-hush atmosphere is a wide range of data brokers, buying and selling information about you and other people. They gather this information from a wide range of sources, some common and expected like public records, and some sources tend to be… less expected.
Many common sources of personal information are obtained through crowdsourcing. For example, one popular phone number lookup service requires you to upload your current contact list in order to look up other people’s phone numbers, in doing so, you are allowing the service to add your own personal list of phone numbers to the directory and enabling other people to search through your contact list in order to look them up to. You should be careful allowing access to services like this, especially if you care about your privacy and the privacy of your contacts as well. Even if you delete the app and never use it again, your contacts are still stored indefinitely within the database of the application.
Many companies also have expensive custom built web scrapers that browse through social media, college directories, and other phone number sources online and compile into easy to read databases of information that is accessible by anyone… anyone willing to pay for access to the information that is. The good thing is, with a little bit of time and patience, you can use social media to your advantage and look up phone numbers yourself, as well as school directories and a wide range of other sources where people put their phone numbers.
Fast food orders and other types of small transactions give away lots of information about a person. Ever wonder how companies can lookup where you live just by your name? Have you ever ordered fast food before and left a phone number to call back, or a delivery location? Chances are, a good percentage of fast food stores log the information about where they delivered and what name was associated with the delivery, and then resell this information to companies like Intellius and Instant Checkmate.
Giveaways and sweepstakes are also common ways for companies to gather personal information. See that car giveaway at the mall that requires you to fill out a form and enter to win? That’s not just so you can win the car – in fact, the company behind giving the car away is usually always making more money that the actual worth of the car, just by selling the information collected on those raffle cards. Some of the raffles require you to enter really specific details, like how likely you’re going to be buying a car within the next few months – that information along with your name, phone number, and other contact information you put on the raffle is then sold directly to advertisers selling cars. The giveaway of the car may cost the company $30,000 – but if they collect 60,000 raffle tickets and sell them for 50c each – that’s the purchase price of the car. And they don’t have to sell the data just once either, the company giving the car away can sell it to multiple data brokers – see how quickly this all adds up? It becomes in credibly easy for the company or organization doing the giveaway to break even and come out on top – all while your personal information is traded around and collected by companies like Intellius and Instant Checkmate.
In order to understand the inner-workings of these different companies, let’s take a look at this YCombinator post from early 2017, in which a former employee of a data broker stated that each company has their own machine learning capability to build a “profile” around each person based on bits and pieces of seemingly unrelated bits of information.
Medical records are sadly another source of information from big data brokers. In an article from Scientific American, it was reported that while there are laws and regulations in place designed to keep certain types of information private and unable to be bought and sold, there were still databases that stripped social security numbers and detailed addresses, but the rest of the information like phone numbers could be sold, legally, to whoever was willing to buy.
A growing number of companies specialize in gathering longitudinal information from hundreds of millions of hospitals’ and doctors’ records, as well as from prescription and insurance claims and laboratory tests. Pooling all these data turns them into a valuable commodity.
– Scientific American (Adam Turner – Feb 1, 2016)
In short, Since a health transaction is considered a business transaction between your doctor your insurance company, your information is not protected. It’s just another way for data brokers to gather more information about you.
So what can you do if you don’t want your information out there for everyone to see? To begin, you should be very careful each and every time you give away pieces of information away – sometimes the place you’re submitting your information may be different from the place that receives the information, so it’s important to be conscious of that.
You can also systematically sign up for services which remove your information from these outlets, but usually they are ineffective and only last for a certain period of time before the data about you and other people is collected again and is put back up on the sites.