Pluralistic: At long last, a meaningful step to protect Americans' privacy (16 August 2023)

Today's links

A modified version of 'World's Highest Standard of Living,' Margaret Bourke-White's classic 1937 Life Magazine photograph, which originally depicted a breadline of downtrodden Black people in a Depression breadline standing in front of a billboard depicting a cheerful white family in a luxury sedan, captioned 'World's highest standard of living: there's no way like the American Way.' The image has been modified; the faces of the white family have been replaced with the glaring red eye of HAL 9000 from Stanley Kubrick's '2001: A Space Odyssey'; the people in the breadline have been made partially transparent, with a 'Code Rain' effect from the credit sequences of the Wachowskis' 'Matrix' movies shining through their bodies. The background has been inverted.

At long last, a meaningful step to protect Americans' privacy (permalink)

Privacy raises some thorny, subtle and complex issues. It also raises some stupid-simple ones. The American surveillance industry's shell-game is founded on the deliberate confusion of the two, so that the most modest and sensible actions are posed as reductive, simplistic and unworkable.

Two pillars of the American surveillance industry are credit reporting bureaux and data brokers. Both are unbelievably sleazy, reckless and dangerous, and neither faces any real accountability, let alone regulation.

Remember Equifax, the company that doxed every adult in America and was given a mere wrist-slap, and now continues to assemble nonconsensual dossiers on every one of us, without any material oversight improvements?

Equifax's competitors are no better. Experian doxed the nation again, in 2021:

It's hard to overstate how fucking scummy the credit reporting world is. Equifax invented the business in 1899, when, as the Retail Credit Company, it used private spies to track queers, political dissidents and "race mixers" so that banks and merchants could discriminate against them:

As awful as credit reporting is, the data broker industry makes it look like a paragon of virtue. If you want to target an ad to "Rural and Barely Making It" consumers, the brokers have you covered:

More than 650,000 of these categories exist, allowing advertisers to target substance abusers, depressed teens, and people on the brink of bankruptcy:

These companies follow you everywhere, including to abortion clinics, and sell the data to just about anyone:

There are zillions of these data brokers, operating in an unregulated wild west industry. Many of them have been rolled up into tech giants (Oracle owns more than 80 brokers), while others merely do business with ad-tech giants like Google and Meta, who are some of their best customers.

As bad as these two sectors are, they're even worse in combination – the harms data brokers (sloppy, invasive) inflict on us when they supply credit bureaux (consequential, secretive, intransigent) are far worse than the sum of the harms of each.

And now for some good news. The Consumer Finance Protection Bureau, under the leadership of Rohit Chopra, has declared war on this alliance:

They've proposed new rules limiting the trade between brokers and bureaux, under the Fair Credit Reporting Act, putting strict restrictions on the transfer of information between the two:

As Karl Bode writes for Techdirt, this is long overdue and meaningful. Remember all the handwringing and chest-thumping about Tiktok stealing Americans' data to the Chinese military? China doesn't need Tiktok to get that data – it can buy it from data-brokers. For peanuts.

The CFPB action is part of a muscular style of governance that is characteristic of the best Biden appointees, who are some of the most principled and competent in living memory. These regulators have scoured the legislation that gives them the power to act on behalf of the American people and discovered an arsenal of action they can take:

Alas, not all the Biden appointees have the will or the skill to pull this trick off. The corporate Dems' darlings are mired in #LearnedHelplessness, convinced that they can't – or shouldn't – use their prodigious powers to step in to curb corporate power:

And it's true that privacy regulation faces stiff headwinds. Surveillance is a public-private partnership from hell. Cops and spies love to raid the surveillance industries' dossiers, treating them as an off-the-books, warrantless source of unconstitutional personal data on their targets:

These powerful state actors reliably intervene to hamstring attempts at privacy law, defending the massive profits raked in by data brokers and credit bureaux. These profits, meanwhile, can be mobilized as lobbying dollars that work lawmakers and regulators from the private sector side. Caught in the squeeze between powerful government actors (the true "Deep State") and a cartel of filthy rich private spies, lawmakers and regulators are frozen in place.

Or, at least, they were. The CFPB's discovery that it had the power all along to curb commercial surveillance follows on from the FTC's similar realization last summer:

I don't want to pretend that all privacy questions can be resolved with simple, bright-line rules. It's not clear who "owns" many classes of private data – does your mother own the fact that she gave birth to you, or do you? What if you disagree about such a disclosure – say, if you want to identify your mother as an abusive parent and she objects?

But there are so many stupid-simple privacy questions. Credit bureaux and data-brokers don't inhabit any kind of grey area. They simply should not exist. Getting rid of them is a project of years, but it starts with hacking away at their sources of profits, stripping them of defenses so we can finally annihilate them.

(Image: Cryteria, CC BY 3.0, modified)

Hey look at this (permalink)

A Wayback Machine banner.

This day in history (permalink)

#20yrsago Trademark-holders don’t have to be bullies

#15yrsago Stop Writing Young Adult Science Fiction

#15yrsago Young Adult Books Will Save Science Fiction

#15yrsago RIAA has to pay $107,951 for court costs in failed suit against disabled single mom

#15yrsago Scamorama: book explains how to get into scambaiting as a hobby

#10yrsago NSA leaks trigger steep rise in ad/third-party-cookie blocking

#10yrsago On slagging off other writers’ books

#10yrsago Decoding NSA doublespeak

#10yrsago Dear airline execs: crowing about new fees and price hikes before your merger makes the DoJ mad

#10yrsago Copyright troll’s lawyer wants record sealed so we won’t make fun of him

#10yrsago Horse Association must accept clones on registry
#10yrsago Which Congresscritters want to sell out the America’s laws to offshore copyright giants?

#10yrsago Lavabit’s owner threatened with arrest for shutting down rather than spying on customers

#10yrsago Little Brother inspired Google to encrypt its users’ traffic

#10yrsago Dutch ebook sellers promise to spy on everyone’s reading habits, share them with “anti-piracy” group

#10yrsago WalMart’s trove of decade-old, massive, low-capacity hard-drives

#10yrsago Why terrorist bosses are micro-managing dicks

#10yrsago Audio memoir of original Disney Imagineer, with free sex-and-drugs excerpt!

#5yrsago 1,000 Googlers sign petition opposing Google’s plan to launch a censored Chinese search engine

#5yrsago Chicago police data reveals how dirty cops spread corruption like a disease

#5yrsago Billionaire making a bid for Democratic Florida Governor nomination invested millions in Puerto Rican debt

#5yrsago Excellent advice for new law students

#5yrsago Award-winning security research reveals a host of never-seen, currently unblockable web-tracking techniques

#5yrsago How a civic hacker used open data to halve tickets at Chicago’s most confusing parking spot

#5yrsago Truthful security disclosures should always be legal. Period.

#5yrsago Talking surveillance, elections, monopolies, and Facebook on the Bots and Ballots podcast

#5yrsago Insecure medical equipment protocols let attackers spoof diagnostic information

#5yrsago Majority of young Americans distrust capitalism, embrace socialism

#5yrsago New Zealand bans most offshore residential real-estate ownership

#1yrago This weekend, I watched a hacker jailbreak a John Deere tractor live on stage

#1yrago How Democrats could win more elections: Do stuff. Make it timely. Tell people about it.

Colophon (permalink)

Today's top sources:

Currently writing:

  • A Little Brother short story about DIY insulin PLANNING

  • Picks and Shovels, a Martin Hench noir thriller about the heroic era of the PC. FORTHCOMING TOR BOOKS JAN 2025

  • The Bezzle, a Martin Hench noir thriller novel about the prison-tech industry. FORTHCOMING TOR BOOKS FEB 2024

  • Vigilant, Little Brother short story about remote invigilation. FORTHCOMING ON TOR.COM

  • Moral Hazard, a short story for MIT Tech Review's 12 Tomorrows. FIRST DRAFT COMPLETE, ACCEPTED FOR PUBLICATION

  • Spill, a Little Brother short story about pipeline protests. FORTHCOMING ON TOR.COM

Latest podcast: The Internet Con: How to Seize the Means of Computation (audiobook outtake)

Upcoming appearances:

Recent appearances:

Latest books:

Upcoming books:

  • The Internet Con: A nonfiction book about interoperability and Big Tech, Verso, September 2023

  • The Lost Cause: a post-Green New Deal eco-topian novel about truth and reconciliation with white nationalist militias, Tor Books, November 2023

This work – excluding any serialized fiction – is licensed under a Creative Commons Attribution 4.0 license. That means you can use it any way you like, including commercially, provided that you attribute it to me, Cory Doctorow, and include a link to

Quotations and images are not included in this license; they are included either under a limitation or exception to copyright, or on the basis of a separate license. Please exercise caution.

How to get Pluralistic:

Blog (no ads, tracking, or data-collection):

Newsletter (no ads, tracking, or data-collection):

Mastodon (no ads, tracking, or data-collection):

Medium (no ads, paywalled):

(Latest Medium column: "Enshitternet: The old, good internet deserves a new, good internet"

Twitter (mass-scale, unrestricted, third-party surveillance and advertising):

Tumblr (mass-scale, unrestricted, third-party surveillance and advertising):

"When life gives you SARS, you make sarsaparilla" -Joey "Accordion Guy" DeVilla