I've stopped giving my information to entities that don't need it.<p>I use fake account information where it is legally permissible and the system is requiring some input to proceed.<p>When I get asked for my phone number, zip code, email address's etc... At checkout in stores, I give a polite "no thank you". Which usually results in a huff and/or an eye roll from the cashier, as if I'm expected to give this info for the privilege of shopping there.<p>If the information sources dry up or are of sufficiently low quality, the market value is significantly reduced, as would be the incentive to collect and store such information.
I am aware of one EU entity that sits on a mountain of such data (and much worse, in fact) with very little in terms of security.<p>I'm simply waiting for the day when there will be a hack like this on the European continent, it's scary what sits in lightly protected databases, especially if you consider the probable sources of data like this and that - at least in Europe - it would be illegal to create such a DB without the consent of those whose information is stored in them.<p>We've lost control is the perfect way to describe things.
Recognizing that my comment here is unrelated to the central question around whether companies should have this data, the irony for NetPropex (and the hundreds of other companies in the same business) of this kind of data availability is that it results in a lot of cold emails and phone calls that largely go ignored. Thus, as the data has become more widespread, it has become less valuable. Buying a list of people to contact, in my experience, is like throwing money in the trash.
Awesome advertisement for netprospex, a lot of people would pay a lot of money for that data. I'm sure their phones are ringing off the hook this week. I'm sure this is unintended, but that's the reality as I see it.
I got a warning this morning from HaveIBeenPwnd and this article was in the breach email. Considering the current US political environment and the recent article by Tim Berners Lee, this spam list is extra scary.
I believe our current paradigm for how data is stored is fundamentally broken. The author is right that when you choose to use a service you have no real control over how they use your data. Frankly, companies aren't even accountable to uphold their own privacy policies since no one actively monitors them (except perhaps in the context of HIPAA, PCI, etc.)<p>What I'd love to see is a marketplace of "personal data banks" that would work like this:<p>- The bank maintains an isolated database of every major database vendor. The databases are isolated to a single consumer.<p>- The bank exposes API endpoints of every major database to companies like Facebook or new SaaS startups. Those companies now agree -- when requested -- to write your data not to their private database but to the bank's database that is private to you.<p>- You, the consumer, pay the bank a modest monthly fee to control who can access that data, and even optionally cut off access to the original "generator" of data.<p>I guess this still suffers from the need to trust that Facebook is abiding by your request that all data be written to the bank, and network latency becomes a real issue. So maybe it's not the right business model, but it's an important problem to solve.
From a writing point of view, I found it an interesting choice to simply use "author" instead of "Tim Berners-Lee" when attributing the quote in the opening paragraph. Surely dropping TBL by name would give more immediate credibility and encourage the reader to continue.
I think I've finally found the source of my constant influx of spam. It won't fix the downstream sources like resellers but at least I can ask Netprospex to remove me. But since they aren't the ones directly spamming me do they have to comply?
I too firmly believe that Privacy should score higher than business interest. If you do not wish to share such information, a polite "NO, Thanks" is much better.
I wrote on this same topic a few years ago, might interest some:<p><a href="http://magarshak.com/blog/?p=169" rel="nofollow">http://magarshak.com/blog/?p=169</a>
I fail to see the difference between PII for expensive purchase (NetProspex) and PII for cheap purchase (River City, and whoever else is using the stolen data for gain).