Does European Data Protection Law protect against obnoxious data brokers?

Last month Pam Dixon, director of the World Privacy Forum, drew attention in congressional testimony to data brokers offering sensitive social and health information such as mental health diseases, cancer, AIDS, poverty, rape and addiction. European law does prohibit such sad and unethical business practices. But are European consumers safe from those exploits? Not as much as we would like:

  • US data brokers operate globally (Acxiom: Global consumer data broker plans to reveal your data). Non-EU-based companies may try to evade EU law. (Europe vs. Facebook)
  • Data may be stolen from US data brokers (SSNDOB)
  • The U.S.-EU Safe Harbor agreement is remarkably ineffective (fact or fiction?)
  • Even if US lawmakers strengthened citizens' rights with respect to their data, data brokers could apply lessons learned in tax avoidance and evasion, and move to data havens, which could be used to collect illegal private data and inject it into businesses after it has been through some data laundering. E.g. a health insurance company could outsource certain IT services to a country where it is lawful to collect information about genetic diseases, and profile customers accordingly.

The essence of data protection is that only data that is not collected does not pose a risk. At the same time personal data is needed to make Internet services useful. Data minimization, consent & co are not sufficient to protect consumers. Further steps to work with pseudonymized data are required to move the balance back to data subjects. A few examples:

  • eBay buyers and sellers do not need to disclose their email addresses, but have pseudonymous member@ebay addresses. The proliferation of use-case-specific mail addresses can help kill this identifying attribute.
  • Pseudonymous payment: virtual credit cards and prepaid cards are available, but have not succeeded yet. They can be payment instruments that blind the bank with respect to the business relationship between customer and vendor, while limiting abuse for money laundering.
  • Health records for VIPs contain pseudonymous names and core attributes. The clear name is only known to very few, limiting the risk of the wrong people peeking into the case. Everybody should be able to opt in to this practice.

Privacy by design principles need to be applied to networked applications on a large scale to protect consumer rights and the democratic balance of power. It will be an endeavour as big as the Energiewende, and it is starting only very slowly.