Abstract

https://ssrn.com/abstract=2432955
 


 



How the Fair Credit Reporting Act Regulates Big Data


Chris Jay Hoofnagle


University of California, Berkeley - School of Information; University of California, Berkeley - School of Law

September 10, 2013

Future of Privacy Forum Workshop on Big Data and Privacy: Making Ends Meet, 2013

Abstract:     
This short essay, prepared for the Future of Privacy Forum's Big Data and Privacy: Making Ends Meet event in September 2013, makes two observations concerning "big data." First, big data is not new. Consumer reporting, a field where information about individuals is aggregated and used to assess credit, tenancy, and employment risks, achieved the status of big data in the 1960s. Second, the Fair Credit Reporting Act of 1970 (FCRA) provides rich lessons concerning possible regulatory approaches for big data.

Some say that "big data" requires policymakers to rethink the very nature of privacy laws. They urge policymakers to shift to an approach where governance focuses upon "the usage of data rather than the data itself." Consumer reporting shows us that while use-based regulations of big data provided more transparency and due process, they did not create adequate accountability. Indeed, despite the interventions of the FCRA, consumer reporting agencies (CRAs) remain notoriously unresponsive and unaccountable bureaucracies.

Like today's big data firms, CRAs lacked a direct relationship with the consumer, and this led to a set of predictable pathologies and externalities. CRAs have used messy data and fuzzy logic in ways that produce error costly to consumers. CRAs play a central role in both preventing and causing identity fraud, and have turned this problem into a business opportunity in the form of credit monitoring. Despite the legislative bargain created by the FCRA, which insulated CRAs from defamation suits, CRAs have argued that use restrictions are unconstitutional.

Big data is said to represent a powerful set of technologies. Yet, proposals for its regulation are weaker than the FCRA. Calls for a pure use-based regulatory regime, especially for companies lacking the discipline imposed by a consumer relationship, should be viewed with skepticism.

Number of Pages in PDF File: 6

Keywords: big data, fair credit reporting act, FCRA, use regulations, collection limitation

JEL Classification: D18


Open PDF in Browser Download This Paper

Date posted: May 7, 2014  

Suggested Citation

Hoofnagle, Chris Jay, How the Fair Credit Reporting Act Regulates Big Data (September 10, 2013). Future of Privacy Forum Workshop on Big Data and Privacy: Making Ends Meet, 2013. Available at SSRN: https://ssrn.com/abstract=2432955

Contact Information

Chris Jay Hoofnagle (Contact Author)
University of California, Berkeley - School of Information ( email )
212 South Hall
Berkeley, CA 94720-4600
United States
510-643-0213 (Phone)
HOME PAGE: http://hoofnagle.berkeley.edu
University of California, Berkeley - School of Law ( email )
344 Boalt Hall
Berkeley, CA 94720-7200
United States
510-643-0213 (Phone)
HOME PAGE: http://hoofnagle.berkeley.edu

Feedback to SSRN


Paper statistics
Abstract Views: 1,374
Downloads: 228
Download Rank: 106,051