I’ve been on a bit of tear recently about aggregators and data brokers after discovering that profiles I had deleted from Spokeo.com had seemingly reappeared. I am still in communications with Spokeo.com, which is why I haven’t published any update on my complaint yet, but hope to be able to blog more about it in the near future. I’ve also been in correspondence with 123people.com where you may not even be able to find a way to ask them not to show results for your name unless you can figure out where their relevant page is (hint: there’s no page linked from the homepage that refers to privacy at all – see how long it takes you to find the page with instructions).
Recently, I learned that the Privacy Rights Clearinghouse had compiled a list of 127 such sites and had annotated their list with some information about whether it’s possible to opt-out.
Even if all sites allowed it, why should consumers who did not consent to having their data aggregated and sold openly on the Internet have to opt out?
Why should stalking victims have to spend time – and in some cases money – and jump through hoops to try to prevent information about them being made readily available to their stalkers?
Yesterday, I learned that Abine, a company that specializes in removing personal information for people, had ranked a dozen of these sites on three factors:
- Ease of opting out
- Quality of customer service
- Respect for individual privacy
The “respect for individual privacy” was defined as “Does the site share your information with third parties, like advertisers? How much of your information do they display?”
You can read the results of their rankings on their web site.
Not surprisingly to me, Intelius was rated the worst, and with it, ZabaSearch and PeopleLookUp. Abine writes:
We lump these three together because, try as they might to pretend to be different companies, they’re all the same thing. In fact, Intelius feeds its data to dozens of different sites, but these are the biggest and best-known. These sites made it on our ultimate worsts list because of their outdated fax opt-out procedure and their time-wasting (and very transparent) insistence that you complete a separate opt-out for each of their “separate” companies. Whenever we delete a customer’s name from these sites, we have to send separate faxes addressed to different companies all at the same fax number.
It’s like a game we play: they pretend they’re separate entities who just happen to have the same fax number, and we pretend that we don’t notice and adhere to their ridiculous procedures. Game’s over, guys: we see what you’re doing. (And we’re not the first to figure this out: check out Steve Klingaman’s funny and exasperated post on “Attempts to Escape the Clutches of Online Data Aggregators.”)
Intelius (we’re just going to call all three of these sites “Intelius” for ease of typing) gets additional marks against it because of how readily it sells your information, spreading it all over the web. For instance, 123people.com, a people search aggregator that collects information on you from multiple smaller databases, gets most of its information from Intelius.
In an exchange on Twitter yesterday, Jim Adler, Chief Privacy Officer for Intelius, agreed that the fax opt-out system was outdated and indicated that the firm was looking at a web-based approach to opt-out. While that would certainly be an improvement and I hope the company implements it in the immediate future, it still leaves consumers in the unenviable position of having to track down companies to opt-out instead of having one “Do Not Aggregate” or “Do Not Display” list that would prevent all people search sites from displaying profiles or results on the individual.
I would prefer that these sites got together and agreed on a common opt-out that they would all abide by – that if a user submits name/address/zip to a central “Do not aggregate or reveal,” all sites would respect that. Failing that, and despite the anti-regulation folks, I would support government regulation on this because these sites may cause harm in any one of a number of ways, not the least of which is increasing the risk of identity theft.