With little national fanfare, Vermont’s new data brokering law – requiring businesses which buy and sell your personal data to register and disclose to the state of Vermont that they are a data broker – went into effect a few weeks ago.
A couple of weeks back, the hacker group Rex Mundi blackmailed AmeriCash Advance, demanding that the payday lender give the group around $20,000. If AmeriCash Advance didn’t pay up, Rex Mundi would publish the thousands of loan-applicant records it stole from the payday lender. Now, a couple of weeks later, AmeriCash Advance hasn’t paid the extortion fee, so Rex Mundi did in fact publish all those loan-applicant records. This is a newsworthy story in its own right, but what really makes it important is that it reveals how utterly unsecured so much of our private information (Social Security numbers, credit card numbers, banking data, etc.) is. And our private information and other data are not just vulnerable to skilled hackers – it’s vulnerable in general because it is often so poorly protected.
At this point, most of us know that Facebook collects an enormous amount of personal information about its users. Facebook relentlessly absorbs data – unfathomable amounts of data – that it saves and then uses for various purposes, like targeted advertising. But what kind of personal information does Facebook collect? How much personal information does Facebook have about you? What, in short, does Facebook know about you?