Why You Should Care About the MyLife.com Settlement
Consumers need a regulated marketplace for personal information.
For those of you who have been loyal recipients of this newsletter, you know it has gone through various permutations over the past year. Now that I am a full-time “creative” dad though, I have taken a step back for perspective.
Instead of discussing the topic du jour in politics, PolisPandit will target key issues that intersect with money, power, and technology. We will still run a separate publication for broader topics, but this newsletter will primarily focus on those key issues.
How humanity constructs its technology future, from social media and cryptocurrency to the Metaverse, will determine how (and whether) society continues to function.
For our maiden newsletter, we will focus on the recent MyLife.com settlement with the U.S. Department of Justice. And if you are not currently a subscriber, please sign up at the link below. We’re excited to have you join the conversation.
If you care about your personal information online, you should care about the recent MyLife.com settlement with the U.S. Department of Justice. While MyLife.com broke the law through various false statements and misrepresentations to consumers about their data, what they otherwise did was legal in almost every U.S. state. Unlike the protections under GDPR in Europe, the United States takes a patchwork approach to consumer data privacy. With no comprehensive federal law, most states have no restrictions on how companies can use and sell your personal information.
They profit at your expense. Oftentimes without you even knowing. Even states with some protections - there are only three of them (CA, VA, and CO) - consumers generally need to understand their rights to act on them. Unfortunately, most people don’t have a clue. And why would they?
MyLife.Com Was Shady, But Generally Operated Like Its Competitors
Not many companies that buy, sell, or use your personal information operated quite like MyLife.com. They were particularly shady when it came to notifying people of potential arrest or criminal records, which were oftentimes untrue. These notifications enticed people to pay a trial rate of a few dollars to unlock whatever background records MyLife.com had.
As one person noted, the only way he could cancel is if he called in. Apparently MyLife.com told him he might also be a sex offender with bankruptcies, liens, and eviction reports. Who wouldn’t sign up for a trial membership to confirm? Especially given the fact MyLife.com ranked high on Google searches and usually appeared when searching for someone.
MyLife.com and other services such as Spokeo, WhitePages, and BeenVerified, list treasure troves of personal information on people. It can include everything from a person’s age, past and current home addresses, phone numbers, email addresses, employers, education, photographs, relatives, political affiliations, and even a short biography. Consumers can request the removal of this information, but not without jumping through a few online hoops or making phone calls in the case of MyLife.com.
With its personal review section, MyLife.com takes it one step further by encouraging members to rate each other. Of course you have no direct control over your “reputation score” unless you purchase a membership, although this recent settlement may change that.
What the settlement won’t change is the buying, selling, and pervasive use of consumer personal information. Most state and local governments will continue selling your personal data to data brokers who feed your legal, criminal, financial, and other records to websites like MyLife.com for a fee. While some of this personal information is technically available via public records, the ease and immediacy of it leaves the average person feeling exposed.
The Market For Selling and Using Your Personal Information Is Basically Unregulated
As mentioned, three states have enacted “comprehensive” data privacy and protection laws, but nothing currently exists federally. California has the most restrictive requirements, although even their law arguably fails to go far enough. Californians may now have the right to know what personal information is collected on them, but if you want know whether your data is sold and to whom, you have to know your rights. It places too much onus on the consumer. We cannot expect the average person to know what to ask, when to ask it, and where to go on a company’s website.
What the California law - and two other state laws - have done is force companies to make more notifications and disclosures. Most companies in the U.S. use a one-size-fits-all approach. They do not want to determine whether a user is based in California, for example, and therefore requires additional data protections and disclosures.
Although many data brokers and companies using our personal data have been put in check to some extent, our personal information is still ripe for the picking. As one ACLU lawyer described the various state laws:
“A lot of the provisions are business-model affirming. [VCDPA - Virginia’s law] essentially allows big data-gathering companies to continue doing what they have been doing.” - Kate Ruane, senior legislative counsel, American Civil Liberties Union
Most of these state laws do not even give consumers a private right of action. What this means is that you would have limited abilities to take legal action against companies for violating your rights under the applicable state law. While Texas affords private right of actions to abortion bounty hunters, it does not care as much about your personal information floating around the internet, looking for the highest bidder.
We Need a Regulated Marketplace for Personal Information
The status quo of lax and inconsistent consumer data privacy laws must end. Given that the personal information pertains to each and every consumer, the consumer should own their own data. They generated it after all.
If we were to structure a regulated marketplace at the federal level where people could opt in and allow marketers, data brokers, and other companies to use their data for a fee, it could be a win-win for everyone. The more sensitive the data, the higher the fee. The marketplace could also define the data use and sharing rights.
This would be a consistent approach that allows consumers to own the data they generate and that — let’s be honest — belongs to them. Marketers and other third parties then have the legal protections of notification, consent, and consideration. No longer would consumer data be used, bought, and sold in an opaque marketplace invisible to the very people for whom it pertains.
If someone is not part of this regulated marketplace, companies would have to contact them to obtain their consent (for a fee). Some may complain about the costs, but the amount of money generated on consumer personal data without most people having the slightest idea is gargantuan. We’re talking billions upon billions of dollars.
Until we have a regulated marketplace or there is more action at the federal or state level, the best bet for consumers is to call their representatives. Unfortunately federal consumer data protection laws are probably a low priority in this political climate, but local and state lawmakers should hear your voices. Consumers should have the right to control their own data and monetize it as they please. They have this ability with other forms of property, and there is no compelling reason for why personal data should be any different.
Elsewhere in Technology
Disney and YouTube TV cut a deal to bring back ESPN, FX, and other channels
Bitcoin Below $40k Is A Buying Opportunity, According To Kraken CEO
Putin and Xi’s evolving disinformation playbooks pose new threats
Tech-Savvy Kids Defeat Apple’s and Others’ Parental-Control Features