Download this Paper Open PDF in Browser

How the Fair Credit Reporting Act Regulates Big Data

Future of Privacy Forum Workshop on Big Data and Privacy: Making Ends Meet, 2013

6 Pages Posted: 7 May 2014  

Chris Jay Hoofnagle

University of California, Berkeley - School of Information; University of California, Berkeley - School of Law

Date Written: September 10, 2013

Abstract

This short essay, prepared for the Future of Privacy Forum's Big Data and Privacy: Making Ends Meet event in September 2013, makes two observations concerning "big data." First, big data is not new. Consumer reporting, a field where information about individuals is aggregated and used to assess credit, tenancy, and employment risks, achieved the status of big data in the 1960s. Second, the Fair Credit Reporting Act of 1970 (FCRA) provides rich lessons concerning possible regulatory approaches for big data.

Some say that "big data" requires policymakers to rethink the very nature of privacy laws. They urge policymakers to shift to an approach where governance focuses upon "the usage of data rather than the data itself." Consumer reporting shows us that while use-based regulations of big data provided more transparency and due process, they did not create adequate accountability. Indeed, despite the interventions of the FCRA, consumer reporting agencies (CRAs) remain notoriously unresponsive and unaccountable bureaucracies.

Like today's big data firms, CRAs lacked a direct relationship with the consumer, and this led to a set of predictable pathologies and externalities. CRAs have used messy data and fuzzy logic in ways that produce error costly to consumers. CRAs play a central role in both preventing and causing identity fraud, and have turned this problem into a business opportunity in the form of credit monitoring. Despite the legislative bargain created by the FCRA, which insulated CRAs from defamation suits, CRAs have argued that use restrictions are unconstitutional.

Big data is said to represent a powerful set of technologies. Yet, proposals for its regulation are weaker than the FCRA. Calls for a pure use-based regulatory regime, especially for companies lacking the discipline imposed by a consumer relationship, should be viewed with skepticism.

Keywords: big data, fair credit reporting act, FCRA, use regulations, collection limitation

JEL Classification: D18

Suggested Citation

Hoofnagle, Chris Jay, How the Fair Credit Reporting Act Regulates Big Data (September 10, 2013). Future of Privacy Forum Workshop on Big Data and Privacy: Making Ends Meet, 2013. Available at SSRN: https://ssrn.com/abstract=2432955

Chris Hoofnagle (Contact Author)

University of California, Berkeley - School of Information ( email )

212 South Hall
Berkeley, CA 94720-4600
United States
510-643-0213 (Phone)

HOME PAGE: http://hoofnagle.berkeley.edu

University of California, Berkeley - School of Law ( email )

344 Boalt Hall
Berkeley, CA 94720-7200
United States
510-643-0213 (Phone)

HOME PAGE: http://hoofnagle.berkeley.edu

Paper statistics

Downloads
291
Rank
89,104
Abstract Views
1,681