Disclosure of Data Brokers
Data brokers are entities that collect personal data from various sources, then process and organize it in order to later license it to other organizations or individuals for marketing purposes, risk reduction, identity verification and other purposes.
The data that brokers collect covers different areas of users’ lives. According to Onerep, it ranges from demographic data (date of birth, ethnicity, gender, income, net worth, political and religious affiliations, etc.) to consumer behavior (app activity, purchase history, location data, interests based on online activities, etc.). ).
In terms of sources, one of the largest streams of this information is online tracking, as nearly all websites, computer software, and mobile applications collect and share behavioral data with third-party companies.
In turn, software developers themselves benefit greatly from data brokers as they provide insight into user behavior, preferences and demographic trends. Developers use this data to improve user experiences, tailor advertising and optimize their applications. For example, understanding user preferences allows developers to create personalized interfaces and recommend content that aligns with individual tastes.
While this leads to more interesting and useful applications, the practice of data brokering also leads to ethical issues.
Ethical considerations regarding data brokers
Although data brokers represent a huge multi-billion dollar industry, this industry seriously lacks transparency. Users are often unaware of exactly how their data is collected, used, shared and sold. Even if someone can identify the broker that discloses their information, these companies rarely reveal where it came from. As a result, users cannot get rid of certain apps that participate in trading their personal data.
Users also have little control over the process of collecting their data. Once users grant permissions to an app, whether it’s to access contacts or locations, any third-party code embedded in the app gets the same permissions.
Another ethical issue associated with data brokers is the possibility of data misuse. As personal data becomes a commodity, the risk of unauthorized access, data breach and misuse only increases.
It appears that this risk has proven to be real. Take the case of Kochava, a mobile app analytics company, which has been accused of collecting and selling vast amounts of geolocation data from millions of mobile devices that can be used to track individuals’ movements to and from sensitive locations. One of the ways Kochava obtains this data is believed to be through the software development packages they provide to app developers. These kits, embedded with Kochava’s coding, allegedly gather a bunch of information and send it back to Kochava without the consumer’s consent or knowledge.
Strategies for the ethical use of data
As of now, the United States does not have comprehensive federal data privacy laws governing data brokers and there are minimal regulations in individual states. Users must rely on industry-specific laws such as HIPAA or region-specific laws such as the CCPA. However, HIPAA does not apply to health apps that are not affiliated with your hospital or insurance carrier, and the CCPA only covers California residents.
However, the need for transparent data handling is only growing as users are increasingly aware of the value of their personal data and demand better control over it.
As governments around the world recognize the need for comprehensive regulations, software developers must stay informed of evolving legal frameworks and navigate ethical challenges to ensure that data use is consistent with the principles of transparency, consent and security. Striking a balance between innovation and privacy protection is key to building trust and maintaining a positive user experience.
In this regard, there are several strategies that software developers can implement to ensure transparency and responsible use of personal data.
First, developers should be transparent about their data collection practices, informing users of the types of information collected and how it will be used. This entails providing clear policies detailing how personal data is collected and used, including for what purposes and whether it is shared with third-party companies.
Next, developers should ensure that users are aware of and consent to the collection and use of their data. This also includes providing the option to opt-out of data collection and/or sharing. Implementing clear and understandable consent processes allows users to better control their data.
Another important step is for every company, no matter how big or small, to implement strong security measures and have clear guidelines for data protection. This includes rules on how consumer data is handled and protected and what measures are in place to prevent a data breach.
Namely, the existence (and enforcement) of clear data protection policies serves as a competitive advantage for any company and fosters a sense of trust between developers and their user base. As consumers prioritize the privacy of their personal information, they will choose companies that provide full transparency and accountability.