Spokeo data broker to pay $800,000 in FTC privacy case

The people search website marketed its consumer profiles to human resources and background checking companies, the agency says
Grant Gross (IDG News Service), 12 June, 2012 15:27

Data broker and online people search service Spokeo will pay US$800,000 to settle U.S. Federal Trade Commission charges that it sold consumer profiles to other companies without taking steps required under the U.S. Fair Credit Reporting Act (FCRA) to protect consumers, the FTC announced Tuesday.

In the first FTC case addressing the sale of Internet and social media data in the employment screening area, the agency alleged that Spokeo operated as a consumer reporting agency but failed to ensure that the information it sold would be used only for legal purposes. Spokeo also violated the FCRA by failing to ensure that the information it sold was accurate and by failing to tell users of its consumer reports about the company's obligations under the credit law, the FTC alleged.

Spokeo marketed consumer profiles to companies in the human resources, background screening and recruiting industries, the FTC said.

Spokeo collects personal information about consumers from hundreds of online and offline data sources, including social networks, the FTC said. It merges the data to create detailed personal profiles of consumers, containing the consumer's name, address, age range, and email address. The profiles can also include hobbies, ethnicity, religion, participation on social networking sites, and photos.

From 2008 to 2010, Spokeo marketed the profiles on a subscription basis to human resources professionals, job recruiters and others as an employment screening tool, the FTC said. The company encouraged recruiters to "explore beyond the resume."

Spokeo created a special section of its website for recruiters, the FTC said.

The company never intended to act as a consumer reporting agency, Spokeo founder and President Harrison Tang wrote in a blog post. Spokeo has made changes to its website and its business practices to comply with the FCRA, he wrote.

The changes will "ensure an honest and transparent service that will continue to be easy for our customers to use," he added. "We are a technology company organizing people-related data in innovative ways. We do not create our own content, we do not possess or have access to private financial information, and we do not offer consumer reports."

The agreement with the FTC will "allow for a continued open dialogue regarding our business practices," Tang wrote. "We also believe our industry must listen to the public and work with policymakers to act on consumer privacy interests."

The FTC alleged that Spokeo failed to notify consumers that it was required to tell them of adverse actions taken against them by buyers of the consumer data. Spokeo also posted deceptive endorsements of its service on websites and blogs by portraying the endorsements as independent when they were created by Spokeo's own employees, the FTC alleged.

Under the settlement, the FTC has barred Spokeo from future violations of the FCRA and from making misrepresentations about its endorsements.

The FCRA, passed by Congress in 1970, was intended to promote the accuracy, fairness, and privacy of information in the files of consumer reporting agencies.

Grant Gross covers technology and telecom policy in the U.S. government for The IDG News Service. Follow Grant on Twitter at GrantGross. Grant's e-mail address is grant_gross@idg.com.
