Taylor Lorenz’s Power User - How Companies Learned Everything About Us
Episode Date: July 28, 2025I'm proud to partner with DeleteMe. Get 20% off their plans: joindeleteme.com/taylor20This is the first video in my new series on data brokers and the dark history of digital surveillance. I dig i...nto how surveillance capitalism evolved, the companies profiting from intimate details about your life, and how it all began long before the internet. I reveal the industry's origins from early government tracking systems to invisible surveillance networks fueling ultra-targeted ads. How corporations are able to build data profiles so detailed that they can predict when you’re going to get sick, where you're likely to live, and even discover you're pregnant before your own family. Let me know what you think in the comments! I worked so hard on this one 🙏Buy a subscription to my Tech and Online Culture newsletter, User Magazine to support my work!!!! 🙏 https://www.usermag.co Follow me:https://www.instagram.com/taylorlorenz https://www.instagram.com/taylorlorenz3.0 https://www.tiktok.com/@taylorlorenz
Transcript
Discussion (0)
Your future and your entire life is being actively shaped by data that you can't see and you probably never consented to share.
There's been a lot of freakouts lately about social media and oversharing.
And frankly, we should all be posting a lot less public information about ourselves online.
But even if you've never posted a single time to social media, your name, location, age, income, political views, the medications you take, your sexual orientation, your shopping habits, browser history, even the way you scroll through a web,
or walk down the street is information that can be purchased online.
And the industry that's doing all of this, creating a vast cyber surveillance network
that's tracking you 24-7 and building systems that are increasingly weaponized by the government
doesn't need your permission to harvest this data.
Your location, clicks, and keystrokes are being collected quietly and continuously,
and pretty much any website you visit or app you download is monitoring you.
Data brokers with names like Exium, CoreLogic, and LiveRamp,
compete for this data behind the scenes with essentially no public scrutiny.
no public scrutiny. The data brokering industry influences financial access, determines whether you're
seen as insurable, flags you in fraud systems, funnels tailored political messages into your feed,
and is reshaping your entire experience online and frankly of the world, whether you realize it or not.
Today, I want to talk about how all of this happened and how this sprawling multi-billion dollar
industry emerged. This is part one of a multi-part series that I'm doing on data brokers. And before
you tune out, because I know you want to tune out when you hear the phrase data,
or data brokers, please stay with me.
Because data brokers are pulling the strings on your life
in ways that you probably could never imagine.
We all know that companies are using data
to show you different ads,
but your advertising preferences aren't the only assumptions
that data brokers are forming about you.
Your data profile affects what you're shown online,
what offers you receive,
but so many other facets of your life.
A score you've never heard of might influence
whether you're approved for a loan.
An old piece of information could resurface
and be used to deny you a job.
A marketing algorithm might send you high interest credit card ads simply because of where you live.
Your future and your entire life is being actively shaped by data that you can't see and you probably
never consented to share.
So I'm going to dive into this data brokering world because as you'll see, it didn't have to be this
way.
Our leaders have prioritized corporate interests in data extraction over individual rights online for decades
and decades and decades.
To start, we need to go back to 1936 because the data brokering industry has to be able to,
actually began way before the internet itself.
The infrastructure for this modern industry
didn't come from Silicon Valley either.
It was birthed out of government agencies,
financial institutions, and private businesses
that saw a value in organizing people through information.
And by the time digital online tracking became a concern,
the systems for indexing and profiling individuals
were already deeply embedded in American life.
In 1936, the Social Security Act introduced
what would become one of the most powerful tools
for personal tracking in the United States.
the social security number.
Originally intended to administer retirement benefits,
it quickly became a universal tag
applied to every citizen
that allowed records from completely unrelated systems
to be joined together.
Banks, employers, hospitals, and schools
began to require this number
because it gave them a standardized,
government-issued identifier
that allowed them to sync personal information across systems.
Once a sign, this number follows a person for life.
This structure laid the groundwork for centralized surveillance.
It turned every American into a data point
that could be tracked through systems never designed to be connected.
It offered efficiency for institutions,
and suddenly, if you wanted to participate in modern economic or civil life,
you had to participate in this system.
By the 1960s, the credit industry began to evolve in parallel.
Agencies like Equifax, then known as the retail credit company,
pioneered the practice of collecting personal financial data
and transforming it into a numerical score.
These companies began building files on a person's job status,
marital history, neighborhood, and perceived character.
A lot of this stuff, by the way, was based on really dubious stuff like race.
The information that they used was often sourced from local retailers, employers, and public documents.
There was no easy way for individuals to see what was being written about them, by the way,
and a lot of this information I just want to say again was really subjective and really, really racist.
When these credit files were digitized and standardized, they became the template for commercial data collection.
A person's financial reputation could now be accessed in seconds.
Banks and lenders saw this as revolutionary.
It allowed faster, more confident decisions on loans and credit lines.
for consumers, it introduced a layer of invisible scrutiny.
A mistake or false report could travel with someone for years.
Appeals were also really difficult.
Most people didn't even know at this point that they were being judged by this number.
The creation of these early databases marked a shift in power.
Decisions about a person's trustworthiness, financial worth, and stability were being made
by institutions based on private data.
And these records were not neutral.
They were shaped by what the company chose to collect, how it interpreted the data, and what biases were baked into the assumptions.
behind these scoring mechanisms. And I'll say, for the third time, a lot of biases were built
into these scoring mechanisms. While government agencies and credit bureaus were building formal
systems for tracking and rating individuals, private businesses were discovering the value of categorization.
Large retailers like Sears began refining their marketing strategies by using publicly available
data, including census records, phone directories, and property listings to divide the American
public into marketable segments. Catalogs that were previously just blasted out to everyone
became mailers that were more tailored.
One neighborhood, for instance, received promotion for luxury goods,
while another got offers for tools and discount appliances.
Race, income, household size, and geography became tools for sorting customers.
These choices were all built on assumptions about entire communities.
For consumers, this shift meant that the offers and opportunities available to them
increasingly reflected the expectations that other people and corporations had about their demographic.
People were being defined by the average behavior of their zip code,
or the statistical norms of their racial or
economic group. And the feedback loop was self-reinforcing. So like if wealthier neighborhoods
received better credit card offers and exclusive promotions, they continue to accrue that advantage,
while the poorer areas were targeted with like financing schemes and products with built-in
risk. The census, which is a tool meant to support equal representation and social planning,
became raw material for corporate targeting. And it's important to note here, by the way,
that the census doesn't track individuals precise. So census data available to marketers is aggregated
and anonymized, but it was still incredibly valuable. The data,
was free and public and marketers suddenly had access to aggregate info on age, race, gender,
employment, housing, status, and more, all organized by location. This was really the beginning
of profiling as a business model because it proved you could sell more by assuming more about
consumers. And of course, the people receiving these catalogs had no idea that these decisions
were even being made. Everything changed again when all of these records became digitized and
computing entered the mainstream. In the 1950s and 1960s, IBM and other companies began selling
massive computers to government offices, banks, insurance providers, and large corporations.
The machines were designed to process an enormous amount of data quickly. They allowed
corporations to sort and analyze data in ways that had previously never been possible.
Records that used to be scattered across departments could now be centralized. Files could
be updated, copied, and shared at crazy new scale. A single machine could store millions of individual
profiles, each one linked to identifiers like names and financial history. For institutions,
the benefits were obvious. Faster processing, easier reporting, cheaper costs, better risk analysis.
But for consumers, the risks were harder to see. Once data was entered into these systems,
it became almost impossible to track its path. A record created in one office could be shared
with another. A person's file could be updated or flagged without their knowledge. Mistakes could
be replicated across systems and outdated information could go unnoticed for years. And underneath,
this technological revolution, a bigger problem was brewing. Privacy law had not even remotely
kept up with computing power. The assumption was basically that if data was collected legally,
it could be stored and used however corporation saw fit. This created a landscape where
data companies had almost no liability for misusing data. And so, insurance companies created
actuarial models based on decades of consumer data. Banks developed internal algorithms to predict
default risk. Retailers began tracking inventory and customer purchases to optimize pricing and
placement. All of this required more and more and more and more data. Pretty soon, the industry is
moving away from passive data collection and more into active surveillance. By the end of the 1970s,
the concept of personal data had become a permanent feature of American life. It was collected
routinely and stored indefinitely, and it was undeniably being used in ways that were so wildly
outside its original context. Data was becoming seen as a resource to be mined. The 1980s and
1990s marked the birth of the modern data brokering industry. It was during this time that a bunch of
big companies emerged to sell consumer data. Axiom, which was founded in 1969 under the name
Demographics Inc., grew to become one of the largest data brokers in the 1980s. The company assembled
one of the most detailed consumer databases in the country, pulling together voter records,
survey responses, product registrations, real estate transactions, like warranty cards,
literally so much they gathered. By the mid-1990s, Axiom was
claiming to maintain data on more than 200 million Americans, tracking as many as 1,500 attributes
per person. These attributes spanned nearly every aspect of a person's daily life. So their income,
credit card use, vehicle ownership, hobbies, number of children, brand preferences, and more.
Axiom developed systems that allowed corporate clients to build extremely detailed profiles on people
and target them with an uncanny level of precision. Experian, another credit reporting and data
brokering company grew by acquiring U.S. credit and marketing data firms. The company combined
financial data with consumer lifestyle information, allowing clients to create highly specific
outreach and sales strategies. Experian operated on the idea that the more pieces of data could
collect, the more predictive and accurate its tools would become. And they were actually ultimately
kind of right about that. This entire ecosystem developed out of view from the average consumer.
People had no access to the data that was shared or how they were viewed. They couldn't contest
what was collected. Yet those records were constantly shaping decisions made by banks, landlords,
retailers, and even political organizations. Relational databases, which evolved around this time,
changed how companies could use data. A relational database is a system that stores information
in organized tables, where it can basically be used to connect different pieces of data to each other.
These systems allowed information to be organized, cross-referenced, and queried in real-time.
So it became really easy to connect, like, a person's mailing address to their transaction
history or shopping habits. This let data harvesting organizations,
build more complex models that they could run even more advanced analysis on. Other new types of
software let companies centralize internal data from inventory, customer support, billing and marketing,
as more functions across corporations were getting digitized because computers were proliferating.
Soon, every little interaction, like making a purchase, submitting a form, or making a customer
service request could trigger a cascade of data collection behind the scenes. This information could
then be licensed and sold often repeatedly. The people generating the data, though, had no
awareness of any of this. The only part of the interaction that they were aware of was like the
moment of transaction or when they submitted a form or whatever. As this increasingly complex
and sprawling data collection industry was being built, laws struggled to catch up. The Fair Credit
Reporting Act of 1970 required credit reporting agencies to maintain fair and accurate consumer data,
but it only applied to a narrow set of use cases like employment, housing, credit, and insurance.
Companies like Axiom and Experian structured their services to
fall outside of these categories. As long as the information that they provided was for marketing,
analytics, or corporate use, they were basically exempt. This distinction created a massive loophole.
Firms could collect intimate details about millions of people without providing notice or offering
any mechanism for correction, all in service of corporate profit. Policymakers, meanwhile, as usual,
were completely in the dark about how far this industry had advanced in just a few years.
When they finally did start to ask even the most basic questions,
industry lobbying groups argued that data-driven marketing was actually good for consumers.
They made a lot of the same BS promises that they're still making today.
They convinced lawmakers that collecting data was this like good thing for consumers
that would allow them to serve people more relevant ads and potentially lower prices
and give them faster service.
And because lawmakers and people in Congress had such a poor understanding of technology,
they could barely comprehend how these new computerized systems even worked.
So regulation just stalled.
Lobbying groups and industry organizations like the direct marketing association,
especially resisted reforms.
They lobbied against data transparency laws and fought back against opt-out mechanisms.
And their efforts were really successful.
For most of the 1990s, data brokers operated in a complete legal vacuum.
As technology progressed, the data brokering industry capitalized on it.
The introduction of the browser cookie in 1994,
enabled persistent user tracking.
With cookies, companies could finally recognize returning users,
track their behavior over time,
and assemble detailed records about preferences and activity.
The browsing history of a user was no longer private and locked away.
It became accessible to any website that placed a tracker in the user's browser.
These trackers did not stay limited to the original website.
Advertising networks started placing third-party cookies across thousands of domains,
a user visiting a news site or a recipe blog or,
or shopping platform might unknowingly interact with the same tracker across all three.
Over time, these trackers formed a detailed behavioral profile of an individual, often tied to a
unique identifier.
For the average person, this meant that private habits like what time they read the news,
what products they used, what stuff they were browsing online, was suddenly all being
monitored in real time.
Overnight, browsing behavior had become an asset that was traded between ad networks and
data firms. In 1995, the Federal Trade Commission issued a report acknowledging that consumers were
largely unaware of these practices and had no control over their data. The report urged the
development of basic privacy principles. But instead of legislation, it led to these like fake
voluntary guidelines that basically did nothing to change the entire industry's trajectory.
As this whole digital economy surged forward, the Children's Online Privacy Protection Act,
which you might know as Kappa, passed in 1998. It was one of the few people.
pieces of legislation aimed at restricting data collection, but it only applied to users under the age of 13.
For everyone else, the internet remained largely unregulated. Websites were required to post privacy
policies, but those documents were long, vague, and pretty much ignored. The average user had no
idea what they were agreeing to, and consent was buried under pages and pages and pages of legalese.
It's still, by the way, like the same today. Opt-out mechanisms were difficult to locate or required
repeated action, and once a user agreed to data collection, even unknowingly, their information
could be retained indefinitely. Throughout all of this, the FTC was issuing these guidance and
warnings, but the agency lacked the tools and authority to create any sort of meaningful,
comprehensive protections. Europe passed the data protection directive in 1995, which required
companies to handle data with some level of transparency and accountability, so American companies
operating in Europe face stricter standards, but U.S.-based users didn't receive any
any of those same safeguards. As the data brokering industry boomed due to lack of oversight,
suddenly every company wanted to harvest as much data as possible and personalize their marketing.
We're talking catalog companies, banks, telecom providers, retail chains, like any company you can
think of. They all realized around this time that they could increase profits by customizing
their marketing campaigns through data and targeting, especially online. Data providers created
systems for sorting people into lifestyle segments, and marketers began using products like Prism,
tech platform that classifies every U.S. household into one of 68 consumer categories. This was a big
thing, by the way, when I was doing research in the 2000s, the categories all have these like really
kitschy names associated with them, like even just the term empty nesters and more. Like, these are all
marketing terms that suddenly this industry was using to segment people. And each segment was given
this detailed description of behaviors, values, and essentially what their buying patterns would
look like. So a household that had just welcomed a baby would suddenly receive offers for life
insurance, diapers, minivans. Someone moving into a new house would be targeted with credit card
applications, furniture catalogs, and lawn care promotion. The effect on the actual consumer was
subtle because you as a consumer, you didn't really know why you were receiving certain ads.
Just that like if you thought about it, they seemed strangely relevant. But behind the scenes,
this entire new industry was harvesting all of your past.
behavior and data to figure out how to influence you and influence your next decision.
And this industry was becoming massive.
In 1999, Axiom claimed its infrastructure could process more than 20 billion data records
each year.
That same year, online advertising firm DoubleClick purchased Abacus Direct, which tracked
catalog purchases across millions of households.
The goal was to merge online browsing behavior with offline buying patterns.
And this move really, I think, foreshadowed this dystopian future that we're kind of living in now,
where every person has this kind of like unified data profile built from information related
to every single part of their life and even their offline behavior.
An article announcing DoubleClick's acquisition at the time stated, quote,
the potential audience for internet targeted advertisements is enormous.
Broomfield, Colorado-based Abacus Direct currently maintains only a few million email
addresses in its 88 million household catalog cooperative database.
But DoubleClick, President Kevin Ryan, estimates that his company can reach 75,
million individuals each month. Once the databases are fully joined, marketers will be able to link an
individual's computer browser history with his home address, providing a more complete picture
of any given consumer. You can hear even in this quote how large scale behavioral targeting
was already being set in motion. The data harvesting industry was becoming one large,
massive, unstoppable snowball, despite privacy experts repeatedly sounding the alarm. And they did sound the alarm.
was opposition to all of this.
Most people didn't know what was going on,
but those people, especially the early internet pioneers
who were paying attention to the privacy aspect,
all of this, were screaming at the top of their lungs
for lawmakers to do anything.
Evan Hendricks, editor and publisher of the Privacy Times newsletter,
said at the time that the system being built
where consumers don't get any sort of opt-in
before sharing their data was harmful.
He urged double-click to provide an opt-in
rather than opt-out mechanism, which, of course, they never did.
Hendricks said, quote, gathered data can be subpoenaed by a civil litigant or the government,
health, community activism, or sexual orientation information could be used against you.
I would also be concerned with a marketer having your credit card information and asking
if you want a free trial subscription, which, absent a cancellation policy, would just be billed to your card.
When I was going back and doing this research, it was so crazy how prescient privacy experts like Hendricks were
because literally everything that they warned about and that they were screaming about did
ultimately happen. The commercialization of the internet supercharged the pace and scale of data
collection. Companies realized that every online interaction left behind a trace that could be captured
and monetized. As websites like Amazon, eBay, and Yahoo grew throughout the late 90s and early
2000s, the internet became a marketplace for buying everything you could think of, household goods,
books, clothes, and more. Pretty much every company with websites started storing and analyzing
consumer data to better recommend products. This video is brought to you by Delete Me.
As a high-profile journalist dealing with stalking, death threats, harassment, and more,
I know how crucial it is to protect your privacy online.
Unfortunately, no matter how careful you are, data brokers will collect and sell your personal information
to anyone willing to pay for it.
This includes your name, address, phone number, and more.
When someone buys your data through a broker, they don't just see you.
They see your spouse, your parents, your loved ones, anyone you're connected to.
Removing this information off the internet helps keep you safe from things like identity theft and stalking.
But how do you remove your information from the web when there are thousands of data brokers?
Delete Me is a subscription service that will automatically remove your personal information being sold online.
It's been an absolute game changer for me as somebody that values privacy.
Delete Me scours the internet for your information and handles takedown requests.
They provide regular privacy reports so you can see how much data they found on you, where it was found, and where it was removed.
You can even make custom removal requests.
Their family plans are especially crucial because when you're targeted, your loved ones usually
are too. Get 20% off DeleteMe Consumer plans when you go to join deleteme.com slash Taylor 20 and use
promo code Taylor 20 at checkout. That's join delete me.com slash Taylor 20 and use code Taylor 20 at
checkout. Don't wait until it's too late to safeguard your privacy. Make sure your data and your
families stays protected. In 2000, Google launched AdWords, a product that allowed advertisers
to bid on search terms. This innovation gave advertisers a new way to reach consumers with immediate
intent. If somebody searched the word car insurance, for instance, they could be shown
tailored ads for quotes and providers. Google tracked exactly which ads were being clicked,
how long users stayed on landing pages, and whether they ever returned to search for that
topic again. Google quickly became the most powerful data collector on the web. Every search
entered into its engine revealed something about a person's interests or needs. Over time,
Google connected user behavior across Gmail, YouTube, Google Maps, and built profiles based
on location, activity, devices used like anything you can think of.
And in 2007, Google acquired that company we were just talking about, double-click.
The company that specialized in placing and tracking display ads across the internet.
This acquisition gave Google access to an enormous amount of cross-site behavioral data.
It could now track not only what users searched, but what websites they visited and products they viewed on those websites.
This transformation changed the internet's financial model.
Companies began optimizing their websites for ad conversion.
Another big shift in the 2000s was the rise of social networks.
As data harvesting companies were building up these consumer profiles behind the scenes,
cataloging demographic info, interests, et cetera, et cetera.
Social media companies soon had consumers doing all of the work for them.
Friendster, MySpace, and soon after, Facebook encouraged users to build out these robust digital identities,
where they get people to provide their name, photos, hyper-specific interests, log their IRL connections.
As a millennial, I'm just thinking about the amount of data that I put into my Facebook profile back in the 2000s.
when I got to college. And with the rise of social networking, this data that the data harvesting
industry was paying top dollar for was suddenly being made totally public. People were voluntarily
listing out everything that they liked to do. This was like Brand's wet dream because suddenly all
of these young people who are some of the most like desired demographics in terms of marketing
were openly posting about the brands that they shopped at, music that they listened to and all of
this other really important data and information for marketers that would have previously been
kept private. And marketers at this time seemed to just be going crazy. They could hardly believe
that this was happening. They were so excited. They were like, wait, this website is getting young people
to openly document their relationship status, political views to list their birthday, put their
hobbies out there, upload photos, and then tag those people in photos because we didn't have
facial recognition yet. It was such a massive sea change. And Facebook tracked user behavior both
on and off their platform. They started to embed their like buttons and Facebook pixel trackers
on external websites.
And soon they were also monitoring users
across the entire internet.
But the volume and detail of data posted
to social media platforms far exceeded anything
that most people ever would reveal
to a single institution.
And this new tsunami of information
allowed advertisers to reach consumers based on their identity
instead of just their logged behavior.
So like what that means is that a brand could suddenly target
ads to women age 25 to 34 in the Chicago area
who were engaged,
who like yoga and who shop at Whole Foods.
And users, of course, didn't consider any of this.
They thought that they're, oh, we're just sharing all this information with friends.
And you sure, I'll like Whole Foods on Facebook and, you know, log my activity in all of these ways.
But to marketers, they were like, yes, we want to use this.
We want even more data.
By the early 2010s, search engines, email providers, online retailers, streaming platforms, news sites,
and social networks, of course, were all gathering nonstop data from users almost 24-7.
People had no idea how much of their lives had suddenly.
become visible to companies just in a matter of years.
They didn't even know what data was collected,
how long that data would be stored,
who had access to it, or what it was being used to decide.
From the perspective of a user,
the internet seemed like this, like,
amazing new place full of freedom and discovery,
and it felt so exciting to share your entire life with the world
and post what you had for lunch.
But behind the scenes, the data brokering industry
was building this industrial-scale surveillance system.
And that's what I want you guys to think about,
because I feel like it was just,
just this iceberg that was emerging that nobody saw coming.
Some privacy experts and journalists did try to sound the alarm.
But what really started to kind of make consumers even aware of this stuff
was when people started to notice that ads started to feel a little uncanny.
You started to see this conversation in the early 2010s.
People were like, hey, I'm getting ads that I think reflect private conversations or obscure interests.
Like how would the Facebook mobile app know this about me?
And this led to all these conspiracy theories about the apps.
somehow listening to private conversations through your phone.
It wasn't, by the way, back then.
I just want to debunk that.
It was not doing that.
But people were just so unaware of how precise the data brokering
and targeted advertising industry could be
and how well they could know you.
A pivotal article from this era was this 2012 piece by Charles Duhigg
titled How Companies Learn Your Secrets.
This article is just such a phenomenal picture
of what the data brokering industry looked like in the early 2010s.
In the story, Dohig reports on the case of a father
who stormed into a Minneapolis Target shouting at the manager there because his daughter,
who I guess lived with him, had begun receiving coupons for cribs and baby clothes in the mail.
And he was so livid that the store would be sending this stuff to a young girl.
It turned out Target knew his daughter better than he did.
She actually was pregnant.
He just didn't know it at the time.
And the company's robust data harvesting system was able to predict her pregnancy better than
her own father could.
What was so insidious, though, is that DeUHigg reports that the lesson data brokers took from this target incident and others like it.
Wasn't that they should collect less data or give consumers a little bit more privacy, especially over these intimate milestones in their life.
The problem was that consumers were just getting spooked by realizing how well companies knew them.
One target executive told Doohig, quote, we have the capacity to send every customer an ad booklet specifically designed for them.
says, here's everything you bought last week and a coupon for it. We do that for grocery products
all the time. But Do Higg notes for pregnant women, Target's goal was selling them baby items
that they didn't know they needed yet. The executive said, quote, with pregnancy products,
we learned that some women react badly. So we started mixing in all these ads for things that we knew
pregnant women would never buy. So the baby ads looked random. We'd put an ad for a lawnmower
next to diapers. We'd put a coupon for wine glasses next to infant clothes. That way, it looked like
all the products were chosen by chance. And we found out that as long as the pregnant woman
thinks that she hasn't been spied on, she'll use the coupons. She just assumes that everyone on her
block got the same mailer for diapers and cribs. As long as we don't spook her, it works. And so the
data harvesting industry barreled ahead. The surveillance infrastructure grew throughout the 2010s and the shift
from offline anonymous browsing in stores to the persistent tracking of every single thing that you do and say online, led these massive tech companies to collect more and more and more data.
When COVID hit in 2020, the entire world was pushed online in a way that it hadn't ever been before.
The event was like pouring an entire vat of gasoline onto the fire of the data brokering industry.
The systems that were built over previous decades had finally reached maturity right at the moment when the entire world was forced online.
Suddenly, everyone was doing shopping, telehealth, working, and socializing completely online.
It was a complete bonanza for data brokers.
Giant data harvesters like Axiom, which now goes by LiveRamp, Experian, and CoreLogic, ramped-up collection of personal data.
The industry was suddenly tying things like health-related searches and telehealth usage to remote work patterns
and tracking video call frequency or work-from-home location patterns.
Users were suddenly producing a tsunami of raw data to feed into sprawling data.
databases. When Biden took office and forced everyone back to work without any sort of COVID protections,
mind you, data brokers leaned into real-time location data. In December 2024, the FTC find data
broker's mobile walla and gravy analytics for selling highly detailed geolocation data that revealed
people's visits to hospitals, places of worship, abortion clinics, and even domestic violence
shelters. Mobile Walla alone had aggregated over 500 million unique device IDs,
tied to precise location histories.
The FTC alleged that the companies had used this data
to infer people's health information and religious beliefs
with zero consent as usual.
The FTC said in a statement, quote,
this data can be used to identify and target consumers based on their religion.
The location data collected by the two companies
makes it possible to, quote,
identify where individual consumers lived, worked, and worship,
thus suggesting the mobile device users' religion and routine
and identifying the users' friends and families.
But the sporadic penalties imposed on a few companies have done nothing to slow the spread of this multi-billion dollar industry.
The data brokering market is worth over $300 billion, and it's projected to grow by another $40 billion this year alone.
By the end of the decade, it could well cross half a trillion dollars.
Data brokers reach now stretches into finance, insurance, health care, employment, government surveillance, and law enforcement.
All of this is a far cry from the passive catalog targeting.
of decades past. Companies like LiveRamp have built highly detailed profiles on roughly 2.5 billion
people worldwide. They track thousands of attributes per individual. They know your household income,
details about your pets, your medical history, spiritual affiliation, and even your walking
patterns. This data is then used to determine access to loans, housing. It affects where you
get a job, insurance quotes that you receive, and more. Recently, a wired investigation found
that Google's ad tech platform DV360 allowed highly sensitive targeting that enabled marketers
to target people with serious chronic health illnesses and crushing debt, as well as the makers
of classified defense technology.
This sort of thing could have serious national security implications.
Justin Sherman, CEO of Global Cyber Strategies, told Wired, quote, this is exactly the kind
of seemingly obscure data that would peak a foreign adversary's interest.
It's not necessarily held in every data set, but it speaks to a medical condition.
It speaks to use of a powerful drug.
It speaks to something that could potentially be exploited in the intelligence context.
As Wired reported, quote, many of the conditions, behaviors, and traits reflected in data,
such as likelihood of financial debt, propensity for high alcohol use, and certain medical conditions,
are criteria that can adversely affect a federal employee's eligibility to access classified information,
illustrating the potential of its use for blackmail purposes.
Basically, a foreign adversary could get access to this type of commercially available
data and blackmail someone in the intelligence community, like a military official saying,
hey, I have all this data that shows you're actually an alcoholic or you're actually doing this and
that, or you're actually, you know, probably about to default on your debt. You can see just like
all the ways that data can be weaponized against you by our own government and other bad actors
and corporations, but also foreign adversaries. Data brokers are now moving even more heavily into
what's called micro-targeting, gathering extremely niche and detailed data. And it's easy for them to do
this as the internet becomes more embedded in every area of our life. And what's really terrifying,
too, is how aggressively the data brokering industry and its clients are embracing AI. Even many
public AI systems are trained on massive data sets, many of which include personal information
gathered by brokers and scraped from public websites. This includes social media posts,
forum comments, product reviews, basically anything that can be harvested in digital form.
Companies like Clearview AI have built databases using billions of facial images.
pulled from publicly accessible websites without permission.
Developers feed AI models raw material to teach them how to recognize patterns or identify people.
This training data often contains private details that were never meant to be stored in a permanent model.
People's names, likenesses, personal information.
It can all just be harvested so easily and used, again, without your consent.
Data brokers and tech companies are also investing heavily in harvesting new forms of personal data.
This includes biometric information like facial structure, voice patterns, fingerprints, iris scans, movement signatures.
Retailers use cameras and sensors to track how people navigate the store.
I recently went to Whole Foods and it was like asking if I wanted to pay with my palm.
Mobile apps also collect voice data through microphone access.
Cars can record driving habits and even in vehicle behavior.
Biometric data is so difficult and impossible to change.
Once it's collected, it can be used to confirm identity across multiple systems.
It can also be used to infer mood, health status, and potential future behavior.
A compromised fingerprint or facial template cannot be just reset in any one system.
Misidentification through facial recognition could lead to wrongful arrest, denial of services.
There's just so many ways that it could lead to targeted surveillance.
Even physical posture or your gate and the way you're walking or behaving can now trigger flags
in security systems.
Meanwhile, mergers between these giant ad tech firms and data brokers have created these
highly integrated data and surveillance marketing systems.
Companies like LiveRamp, Oracle, and others now control vast pipelines of consumer data.
This means that fewer firms are needed to identify a person or follow them across devices
and market them based on behavior.
This consolidation in the industry also reduces transparency.
A single platform can now observe activity across apps, websites, smart TVs, and the offline
world.
Most consumers do not fully understand what is being collected, how it's being used, or who
buys it. And they don't have any meaningful ability to choose privacy without making major
tradeoffs to their lives. The next episode of my data broker series will talk about all of this.
We're going to dig into all of the places and ways that data brokers collect data and the
absolutely insane ways that your data can be used against you. I'll also be talking to top privacy
experts on YouTube about how you can fight back and protect yourself from this new global surveillance
industrial complex. Thanks again to Delete me for sponsoring this video. To get your data removed
from the internet, check out join deleteme.com and use code Taylor 20 at checkout for 20% off.
Thanks for watching and don't forget to subscribe to my tech and online culture newsletter,
usermag.co. That's usermag.com where I write about all of this stuff and more. Thanks for watching
and see you next time.