The California Privacy Protection Agency (CPPA) has ordered Background Alert, a data broker based in California, to cease its operations for three years due to its failure to comply with the Delete Act. This law requires data brokers to register annually with the state, ensuring consumer data is protected. Background Alert is accused of using public records to build individual profiles, drawing inferences about people and selling their data. These profiles have been deemed highly invasive, as they can reveal sensitive information, including affiliations with certain groups or individuals.
The Delete Act, which aims to safeguard consumer privacy, mandates that brokers register with the state and pay a fee to fund a tool that allows individuals to delete their personal information from brokers’ databases. The CPPA’s decision is part of California’s aggressive stance on protecting citizens from data exploitation, a stance that has garnered attention nationally. Critics argue that the industry’s practices often target vulnerable groups, like immigrants or patients seeking reproductive care, by exploiting seemingly trivial data points to make invasive inferences.
Data brokers like Background Alert use vast amounts of publicly available information to infer highly personal characteristics.
These inferences can be used unscrupulously, such as identifying veterans or revealing medical conditions, raising significant privacy and security concerns. The CPPA’s ruling aims to curb such practices, stressing the potential harm caused by the ease with which individuals can be identified or re-identified by these profiles.
This ruling is intended to deter other brokers from engaging in similar activities without state oversight.
California is at the forefront of efforts to regulate data brokers, with states like Texas also taking steps to rein in the industry. Experts such as Justin Sherman from the Electronic Privacy Information Center have praised California’s actions, noting that these regulations are necessary to protect individuals’ privacy and security in the digital age. The CPPA’s move to shut down Background Alert for its failure to register signals a broader trend of increasing scrutiny and accountability for data brokers, ensuring that consumer data is better protected against exploitation.
Reference:
