CRS Report – Online Consumer Data Collection, October 31, 2022 – “Large amounts of consumer data can be collected, processed, and analyzedby operators of websites and mobile applications (apps) and third parties, which are entities otherthan the website or appprimary operator (e.g., data brokers). Operators collect data for multiple purposes, including providing services, selling user data to third parties,or sending targeted ads directed to specific individuals. The value of consumer data often comes from identifying users and linking their data from various sources to a common identifier. Operators can identify individuals using their personally identifiable information (PII)—such as name, address, or date of birth—and other identifiers, such as those associated with a particular device. Some federal laws prevent entities from collecting or sharing specific types of PII or identifiersin certain circumstances. However, in recent decades, the ubiquityof non-PII (data not directly linked to an individual’s identity, including anonymized or aggregated data) and the emergence of new data collection andt racking tools have made it easier to identify individuals. Consumer data can be collected using various data collection and tracking tools, such as cookies, pixels, device and browser fingerprinting, application programming interfaces (APIs), and software development kits (SDKs). These tools can continuously collect different types of data, including identifiers, even when the consumer visits a different website or app. Some of these tools are necessary for websites and apps to provide services, and others typically are used for online advertising. Some of these tools can be used to help develop a website or app and offer services provided by other operators, which can increase competition.They also can be used to collect large amounts of data, particularly by third parties, causing some to raise consumer data privacy concerns. The United States does not have a comprehensive federal data protection law, although multiple federal statutes create data protection obligations for particular types of information or for entities engaged in certain activities…
Sorry, comments are closed for this post.