What Congress is missing about databrokers and doxxing

Upcoming legislation won’t protect judicial and legislative leaders, even if Rand Paul gets his way.

From the recently proposed legislation from judicial safety to period tracking apps, it’s clear that legislation writers don’t get that we don’t have control over our own data.

Last week, Nicholas Roske allegedly attempted to kill Supreme Court Justice Brett Kavanaugh. While death threats and attempted murder of a Justice are no longer out of the question, pending legislation regarding judicial safety should be reviewed carefully. The proposed Daniel Anderl Judicial Security and Privacy Act of 2021 that Congress is fast-tracking, for example, leaves justices completely vulnerable, as it misses three key points:

1. The most sensitive data that databrokers sell consists not of data we absently agree to sharing when committing to terms of service agreements. The danger is in the data sold without consent or knowledge: state agencies like DMVs, county assessors, and elections boards, private and public utilities, and even credit bureaus sell our data to databrokers. That data includes home addresses, phone numbers, partner and childrens names, and makes, models and license plate numbers of vehicles.

2. The proposed law too narrowly defines databroker, so that conglomerates may skirt liability; Thomson Reuters’ CLEAR product, for example, requires users to share unnecessary information, which it sold to ICE. There’s no qualification for sharing those data with the parent company or across its many subsidiaries. Further, databrokers can simply widen their commercial activities to continue purchasing and reselling data.

3. Unlike the Driver's Privacy Protection Act of 1994, this proposed law doesn’t limit the resale of data. More concerning, the legislation merely requires government agencies to mark data as private, but doesn’t stipulate against selling unmasked data.

It’s right to expand the protections of personal information to include security for the justices’ families, and Members of Congress. However, the gap between what databrokers know they can get away with and what our legislators understand about technology means these bills wouldn't make justices, their families, and Members of Congress any safer. In fact, the false promise of security may even make them more vulnerable.

And in that widening chasm, we’re on our own. That’s why we made Brightlines.