This week, the Center for Democracy & Technology (CDT) submitted a complaint (.pdf) to the Federal Trade Commission (FTC) alleging that the data broker website Spokeo was violating federal financial privacy law by not taking adequate safeguards to protect consumers. Spokeo is a website that bills itself as a search engine that allows users the ability to look up “people-related information from phone books, social networks, marketing lists, business sites, and other public sources.”
According the CDT’s complaint, Spokeo is in violation of t
he Fair Credit Reporting Act, which requires “consumer reporting agencies” to take certain actions to protect consumer privacy, including allowing consumers the right to access information about themselves, to correct mistakes and to be advised of adverse decisions made based on Spokeo’s data. The FCRA also strictly limits the disclosure of consumer data to a limited number of “permissible purposes,” yet the CDT complaint does not appear to raise claims regarding Spokeo’s disclosure of consumer data to its users. The complaint does allege that Spokeo’s actions amount to unfair and deceptive acts in violation of the FTC Act.