Technology

Lawmakers press companies that collect U.S. consumer data to reveal how they buy and sell it

Representative Cathy McMorris Rodgers (R-WA), chair of the House Energy and Commerce Committee speaks during the hearing with TikTok CEO Shou Zi Chew before the House Energy and Commerce Committee in the Rayburn House Office Building on Capitol Hill on March 23, 2023 in Washington, DC.
Chip Somodevilla | Getty Images

A bipartisan group of lawmakers is pressing more than 20 data broker companies, including Equifax, Oracle and Whitepages, to reveal the types of information they collect on U.S. consumers and how they distribute it, according to letters shared exclusively with CNBC.

In the letters, 10 lawmakers asked the companies for detailed responses on the types of sensitive information they gather, such as health, location and phone data, including apps consumers download to their devices. The companies were also asked what information they collect on minors.

The push comes as the House Energy and Commerce Committee continues its review of data brokers, a key portion of the tech industry that collects and sells heaps of Americans’ digital information.

The letters ask whether the brokers consider any type of data to be off limits for them to buy or sell, what restrictions they put on data they share with third parties and how they verify the accuracy of the data they collect and distribute. Additional questions span from seeking to understand how much money the businesses make from selling data to how many sources they use to get that information.

Last month, the subcommittee on oversight and investigations held a hearing with expert witnesses to examine “the role of data brokers in the digital economy.” The letters indicate the committee remains focused on this slice of the tech industry as it looks to pass comprehensive privacy legislation. It also shows that Congress is focused on a broader swath of companies than just the massive players like Google and Facebook that attract so much scrutiny.

The lawmakers point to a recent proposed settlement between the Federal Trade Commission and online mental health service provider BetterHelp, after the agency alleged the company shared sensitive customer data with third-party websites for advertising.

“American privacy concerns in the data broker industry are not new, and existing laws do not sufficiently protect Americans’ data from misuse,” the letter said, adding that an FTC report in 2014 left wiggle room. In that report, the regulator recommended that Congress force brokers to give consumers greater control over their data, but the “data brokers can easily circumvent existing rules and laws,” the letter said.

Lawmakers who signed the letter include Committee Chair Cathy McMorris, R-Wash., and ranking member Frank Pallone, D-N.J., as well as several subcommittee chairs and ranking members: Reps. Morgan Griffith, R-Va., Kathy Castor, D-Fla., Brett Guthrie, R-Ky., Anna Eshoo, D-Calif., Bob Latta, R-Ohio, Doris Matsui, D-Calif., Gus Bilirakis, R-Fla., and Jan Schakowsky, D-Ill.

Here’s the full list of data brokers who received the letter::

  • Acxiom
  • AtData
  • Babel Street 
  • CoreLogic Solutions
  • Epsilon Data Management
  • Equifax 
  • Experian 
  • Gravy Analytics
  • Intelius
  • Kochava
  • LiveRamp
  • Mylife 
  • Oracle America
  • PeopleConnect
  • Placer.ai 
  • RELX
  • Safegraph
  • Spokeo 
  • Thomson Reuters 
  • TransUnion 
  • Verisk Analytics 
  • Whitepages

Subscribe to CNBC on YouTube.

WATCH: Facebook battles Apple over user privacy features in iOS update