Released: April 06, 2016

Consumer consent and privacy: New principles released by Consumer Action

Organization sees dire need to limit use of data by companies with no direct relationship to consumers

Contact: .(JavaScript must be enabled to view this email address), 202-544-3088

Consumers need reliable methods of granting or revoking permission to use their personal information when it’s sold to unrelated companies or recycled in unexpected ways

Washington, DC—Recognize it or not, there is a consumer bargain at the core of the Information Age—consent to have one’s personal data collected, in return for an expanding universe of digital services that can make consumers’ lives more convenient, efficient, cost-effective, enchanting and entertaining. But giving your data in exchange for something you want or need is one thing, while seeing it vacuumed up during mergers and acquisitions and passed along to who knows who is a much different story.

Consumer Action, a national non-profit organization dedicated to empowering underrepresented consumers nationwide, takes a look at this Faustian bargain and finds that consumers’ consent for how their data is used is vague, misunderstood and often ignored altogether. In a white paper released today, Aligning privacy, permissions and profit: Improving consumers’ control over data consent, the organization outlines a series of principles for data privacy, all centered on a single premise: Consumer consent should guide corporate behavior and proper use of customer data.

Consumer Action warns companies that this bargain frays when consumers fear a loss of data control, and collapses when the trust between companies and their customers is broken. In the new white paper, the organization takes the fundamental position that companies that lack a direct, first-party relationship with consumers should not have access or rights to data about them.

As one example recently in the news, Consumer Action cites Match.com parent’s purchase of test prep company The Princeton Review to demonstrate how little control consumers have over their personal information. This is not an issue of selling data about consumers who got something free in exchange. Students and their parents paid for test prep services and we’d wager most of them would not expect that their names, emails and other personal information might be shared to market dating services—or worse, exposed to hackers and scammers.

Similarly, in the health space, corporate wellness programs should not be conduits for sending sensitive employee health and fitness data to third party marketers. These crucial issues of our time revolve around the principle of consent and consumers deserve the opportunity to grant (or revoke) granular, specific consent for access to data about themselves.

Consumer control of personally identifiable information and other transactional data—a shaky proposition at best—quickly spirals out of control when data is sold to corporate conglomerates of unrelated businesses or shared with third parties such as data brokers with no existing relationship with the consumers.

“Consumers should be able to control, limit or prohibit sharing of their personally identifiable information between unrelated companies unless they are given an opportunity to consent to data sharing,” said Ken McEldowney, executive director of Consumer Action. “While these issues are complex, they also impact every single consumer in America; it’s time for companies to step up their privacy commitments or risk a wholesale flight of their customer base.”

The full white paper can be found here on Consumer Action’s website. (Short url: bit.ly/principles_for_consent)

* * *

Through multilingual consumer education materials, community outreach and issue-focused advocacy, Consumer Action empowers underrepresented consumers nationwide to assert their rights in the marketplace and financially prosper.