You might be wondering why everyone in cyber experts call & I quote “Your Personal data is new oil”. Comparison Oil with Personal data is a metaphor because everyone is after your personal data. It’s the fact that user personal data is being sold from one party to another.
The whole shadow business is called data brokerages including big giants: Facebook, Google & Amazon. They have free hand: From collecting user data to selling third-parties. If data breach happens, They are not accountable at all. For the data brokers, Data breaches in their database does not matter because they know their data is not a secret. They have already sold many times.
Data brokers intrude on the privacy of millions of people by harvesting and monetizing their personal information without their knowledge or consent. Worse, many data brokers fail to securely store this sensitive information, predictably leading to data breaches (likeEquifax) that put millions of people at risk of identity theft, stalking, and other harms for years to come.
List of major data brokerages
But, Time is changing & now world is waking up on data privacy & un-ethical practices. Also, Making data brokerages accountable. One of the recent example apart from GDPR law is Vermont’s New Data Privacy Law
What Vermont’s Law Does
Vermont’s new data privacy law seeks to protect consumers from data brokers through four important mechanisms.
Transparency. Data brokers must annually register with the state. When doing so, they must disclose whether consumers may opt-out of data collection, retention, or sale, and if so, how they may do so. A data broker must also disclose whether it has a process to credential its purchasers, and its number of security breaches.
Duty to secure data. Data brokers must adopt comprehensive data security programs with administrative, technical, and physical safeguards.
No fraudulent collection. Data brokers may not collect personal information by fraudulent means, or for the purpose of harassment or discrimination.
Free credit freezes. Credit freezes are an important way for consumers to protect themselves from the fallout of a data breach. Many businesses will not extend credit absent a report from a credit reporting agency, and a credit freeze bars these agencies from issuing a report until a consumer lifts the freeze when they actually want credit. Vermont already empowered consumers to use credit freezes to protect themselves from credit fraud. The new Vermont law bars credit agencies from charging consumers fees for this protection.