Francis Walter, a veteran from Virginia, blamed data brokers when the Department of Veterans Affairs and the Social Security Administration could not verify his identity. Dale Craft, an Army servicemember from Ohio, suspects data brokers are the reason more spam calls, spam emails and junk mail are targeting him.
Both are among the millions of military servicemembers and veterans who could be targeted, not just by scammers but also foreign governments, unless the government does everything possible to crack down on unaccountable data brokers who collect and sell extremely detailed personal information on all Americans.
Both Walter and Craft wrote complaints to the Consumer Financial Protection Bureau as part of public comment for a proposed rule that would require these largely unregulated data brokers to comply with the Fair Credit Reporting Act. Under the new rule, they would finally be forced to handle personal information responsibly.
With data breaches constantly in the headlines and a persistent stream of identity theft warnings in our inboxes, it can be tempting to tune out privacy issues these days. But it cannot be stressed enough how much information data brokers collect and how alarmingly specific that information can be.
Data brokers routinely collect and sell not only our names, addresses and Social Security numbers but also information on our income, our religion, what apps we’ve signed up for, what websites we visit, our body mass index, our prescriptions and medical conditions, who our spouses and children are and even what pets we have.
Servicemembers at substantial risk
Bad actors wielding this information could threaten any American, but servicemembers like Walter and Craft have reason to be especially concerned.
A 2023 study funded by the U.S. Military Academy at West Point found that not only is it shockingly easy for data brokers to collect private information about servicemembers and their families, these companies are also hoovering up this data through questionable, inconsistent means and selling it to foreign buyers. The study warns that the $214 billion data broker industry “could be exploited by hostile actors to target military servicemembers and veterans.”
With detailed, private information about one’s habits, health and family, a hostile, foreign entity could easily target servicemembers and their families with blackmail, profiling, scams and worse. As the study warns, “our ability to purchase sensitive, individually identified, non-public information about military personnel with almost no vetting, including from a .asia domain, for as low as $0.12 per record, underscores the substantial risk.”
However, threats to servicemembers don’t have to rise to the level of a national security risk to be a serious problem. Data brokers selling mishandled personal information also intrude on a servicemember’s everyday life. Walter, who suspects that a data broker confused him for his father of the same name, is worried that because his identification cannot be verified by the government, he won’t be able to get a job.
“I am concerned that I may not be able to obtain a job with the U.S. government, specifically at the Department of Energy, because they use the eVerify program to authenticate your identity,” he wrote in the comment to the CFPB. “Given my previous experience with similar methods, I am concerned that, in spite of over 20 years of service to my country, I will be unable to find work in another government department.”
Craft suspects that data brokers obtained and sold his email address and home address, subjecting him to a barrage of predatory spam emails, calls and junk mail.
“Data brokers greatly threaten my privacy and anonymity by either freely publishing my information online, or selling it,” he said in his own public comment to the CFPB. “I have little to no control over who knows where I live, what my contact information is, etc.”
Upcoming rule to crack down on data brokers
Of course, servicemembers aren’t the only victims of data brokers who complained to the CFPB. The agency received more than 7,000 submissions during a public comment period for the proposed rule. One person reported receiving 60 spam calls in 24 hours after applying for a mortgage loan. Another complained that their social media accounts were hacked after their personal information was shared. Others complained about identity theft. Many expressed frustration and helplessness while trying in vain to fix the situation.
For too long, data brokers have carelessly harvested and sold our private information. The threat to members of the military and their families, as well as to all Americans, is immediate, dire and widespread.
This is an all-hands-on-deck emergency. That means the CFPB, which is empowered by the Fair Credit Reporting Act to regulate entities that handle consumer information, must go as far as possible with a forthcoming rule to crack down on negligent, unaccountable data brokers. That also means other agencies with the power to help, like the Federal Trade Commission, must do everything they can. National security and the safety and peace of mind of all Americans are at stake.
And if you have a complaint about data brokers, you can let the CFPB know at their website.
