
Data Broker Lets You See Their Dossier About You Starting Today - smcnally
http://www.forbes.com/sites/adamtanner/2013/09/04/800-pound-gorilla-among-data-brokers-lets-you-see-their-dossier-about-you-starting-today/
======
rgbrenner
"Acxiom offers marketing and information management services, including
multichannel marketing, addressable advertising and database management.
Acxiom collects, analyzes, and parses customer and business information for
clients, helping them to target advertising campaigns, score leads, and more."
[0]

An advertising company wants me to enter my name and address and make sure the
database they sell has the correct information on me.. hmm... I think I'll
pass.

0\. [http://en.wikipedia.org/wiki/Acxiom](http://en.wikipedia.org/wiki/Acxiom)

~~~
nohuck13
Last 4 digits of SSN is particularly flagrant. I could almost believe (if I
wanted to give them the benefit of the doubt, which I don't, particularly)
that they are using name and email as good-faith identifiers to let me opt
out. After all, they need to identify me with _something_. But what could they
possibly be doing with SSN unless they have offline credit score information
obtained from some third party, which they couldn't previously link
confidently to my advertising profile, and now they can?

~~~
jcater
Is a 4 digit SSN number suffix really enough to be helpful to them in that
regard? I guess they could find all "jcater"s with those 4 digits and make
assumptions, but that is far from unique.

~~~
opendais
Yes.

ZipCode + SSN is enough to identify you, even without your name, close to 100%
of the time. Toss in your name and I'd be amazed they'd ever got a false
positive. I'm [honestly] not sure why they even bother asking for a mailing
address other than to go from 99.9% confidence to 100%.

Fyi, there is ~8k people [on average] in a zip code. The odds of your name and
SSN repeating inside a zip code is low. Name tho? Name could happen with
reasonable odds. I used to know someone in my zip code with an identical
first/last [not middle] name.

~~~
skwirl
I'm going to give you the benefit of the doubt and assume you misread the post
you are replying to, which referred to the last 4 digits of a SSN, and
incorrectly assumed we were talking about full SSNs. Because otherwise your
statement is absurdly wrong.

If there are 10,000 possible 4 digit combinations and 8,000 people in a ZIP
code on average, the odds that someone else will share the last 4 digits of my
SSN is 1-(1-1/10000)^7999 which comes out to 55%. So in reality, more often
than not, you will share the last 4 digits of your SSN with someone in your
zip code.

Also, there are a few zip codes with 100,000+ people in them, and many zip
codes with 50,000+ people in them. These zip codes account for many millions
of people. You are guaranteed that nearly every resident will share the last 4
digits of their social security number with at least one other person in these
zip codes.

~~~
opendais
Yes, I was rushing and didn't read all that clearly.

------
jcampbell1
From my account it is pretty clear who is sharing data with them. They have 5
purchase records, and think I am into furniture and linens. Overstock.com and
Jennifer Convertibles are guilty of selling out their customers.

Amazon is clearly not selling them information.

Overstock.com is now on my douchebag list.

~~~
adrr
I noticed it keys off of address and name for purchases. Created two accounts,
one is home address which i never ship to and the other is my girlfriends
house which had most my purchases except high value items which i ship to
work. First account was completely empty on data. Second account had
information filled out, seems to use purchases to determine interests. The
vendor in question was one of the largest party supply e-commerce stores.

------
joshuaellinger
I work with a client that uses Acxiom data.

My contacts say this is a real and legit attempt to get out in front of
potential regulation. Because of the regulations around credit data, it is
derived from a variety of non-credit sources. The only information they are
likely to use from this site is the email address. In general, they do not
trust user-provided information.

I think the reaction they are hoping for is "I guess that's not so bad" but
what I think they are going to get is "wow, you don't know anything about me."

Oh, and they really do honor the opt-out stuff. So few people do it that it
actually improves the response rate of advertisers because the people who care
enough to opt out are never going to respond.

I wish they put a hit counter on it. I'd love to see how much traffic they
get.

~~~
xradionut
One of the companies I work with uses various data brokers. They have more
than you realize. Especially if you have a vehicle and a house.

~~~
joshuaellinger
Only if you have a loan. The regulated credit data is pretty solid. The
unregulated stuff.... not so much.

------
leef
So in order to see the information they may or may not have on you they ask
for your name, full address, last 4 ssn, date of birth, and email... if they
didn't have any data on you before they do now.

~~~
smcnally
I had precisely the same reaction in the comments of the article.
[http://t.co/g6LpJvdGzL](http://t.co/g6LpJvdGzL)

~~~
jyu
This reminds me of the fake IQ quiz games, where if you take the test, you
fail.

~~~
smcnally
You'd think one of the leaders in the personal data broking field -- online
and off -- would be able to go about this a bit less ham-fistedly.

But I'm also surprised as many hacker newsers have submitted their info as it
sounds. So, if hamfisted works, hamfist.

------
sytelus
I can't believe they bought off Forbes to market this scam. This is not about
data disclosure, this is about collecting even more data in the name of
"educating" you. You will be giving away most important pieces of your
information to them in trying to know whatever half ass information they might
supposedly have. If they really wanted to disclose fairly then they can just
ask for email and do verification by sending link in email. They shouldn't
need birth date and precious last digits of your SSN.

~~~
sytelus
Before anyone types away their information, you _should_ read this paragraph.
This is a huge scam, a clever one:

 _In the privacy policy for the new site, Acxiom says it will allow users to
edit and suppress information about themselves. However, to see their file,
users must give up personal data and pass an authentication exam. That means
giving your address, email, last four digits of your Social Security number
and date of birth. Can they use that information? “The information you provide
may be shared within the Acxiom Corporation family of businesses,” the company
says._

------
dbarlett
I highly recommend requesting a LexisNexis Risk Solutions Full File Disclosure
[1] at least once a year. You have to mail in copies of an ID and proof of
address, but I found signs of identity theft that didn't appear on other
credit reports.

[1]
[https://personalreports.lexisnexis.com/access_your_personal_...](https://personalreports.lexisnexis.com/access_your_personal_information.jsp)

~~~
tlrobinson
Interesting. Are there services (like LifeLock or something) that will
aggregate these types of information for you regularly automatically?

------
strlen
I've worked with somebody who came from Acxiom's grid computing division --
who has left after they were sold of to EMC. Essentially they had a fairly
advanced grid computing infrastructure (comparable to Map/Reduce or other
Scatter/Gather) for what seems like a while before Google has. Compared to
what was then (2007) Hadoop's State of the Art (mind you, we were working
together at Yahoo) it seemed quite impressive.

Now I wonder if the reason for their sale was prescience about open source
grid processing -- which would have been against the grain at the time (this
was before Hadoop was universally adopted even at Yahoo).

What's also interesting is that the sale indicated they also believed that
they were to have no competitive advantage in further
development/deployment/maintenance of data infrastructure. This is unlike the
Internet firms I've worked at where even if the entire stack was open source,
continued in-house development and operation of the stack was vital to the
business. At first that surprised me, but then again compared to, e.g.,
Internet advertising data their data is never anonymous, much cleaner, and
smaller in absolute volume (number web pages each unique client visits in a
week -- which is a number greater than each unique individual -- visits vs.
number of items each individual purchases from a store in a week).

~~~
mulligan
Wasn't mapreduce developed at google around 2003? From what year are you
comparing Acxiom's system?

~~~
strlen
As far as I understand, they've been doing grid computing since the mid-90s at
Acxiom (the person I talked to joined in 1996/1997, afaik).

------
sbecker
Instead of signing up and cleaning their data for them, or "opting out" by
installing their special cookie which continues to track you around the
internet, opt out the right way: block all ad networks via a browser extension
like Disconnect or Ghostery.

More options and tools here: [http://lifehacker.com/the-best-browser-
extensions-that-prote...](http://lifehacker.com/the-best-browser-extensions-
that-protect-your-privacy-479408034)

~~~
chewxy
Not really. What most opt-out cookies do is that they have a "DO NOT TRACK" or
"IGNORE" in the cookie fields.

Let's say you run a DMP, you think you can be smart by tracking people with
cookies that have a "DO NOT TRACK"==True field.

Very soon though, you will be deluged by more noise than signal, and it quite
literally becomes useless. It's honestly easier for companies to not track
people who have a opt-out cookie.

Source: Wrote a prototype DMP for my company once

~~~
sbecker
I was curious as to what Acxiom's cookies actually look like after opting out.
With a fresh Chrome Igcognito session, following through the opt out process,
I get 20 cookies. Plenty of unique GUIDs perfectly capable of tracking me
through the internet, and no occurances of "DO NOT TRACK" or "IGNORE".
Screenshot here:

[http://img443.imageshack.us/img443/950/d2ys.png](http://img443.imageshack.us/img443/950/d2ys.png)

Also, can you define DMP? I did do some googling first, and I'm not sure which
acronym you're referring to.

EDIT: Found it. DMP stands for Data Management Platform. For anyone else:
[http://www.adopsinsider.com/online-ad-measurement-
tracking/d...](http://www.adopsinsider.com/online-ad-measurement-
tracking/data-management-platforms/what-are-data-management-platforms/)

------
cj
I'm 21, and apparently married with an 8 year old daughter. I also drive a
truck, own a home that I bought in 05/2008, and have an amex card.

Interesting that my profile is so specific, yet utterly incorrect.

~~~
meatwad
Very interesting, you might want to check your credit report, your identity
may have been stolen..

~~~
cema
Also possible, their algorithms are incorrectly linking data from another
person's records. Still a good idea to check, of course.

------
paxtonab
I would not give this company the last 4 of my SS to see what they know about
me. My SS and the confirmation information they are seeking is worth far more
to them than any info they will give me.

In fact this whole site reeks of a scam, similar to a "Free personality test"
or "Love IQ" test online that is really just a way to gain valuable personal
information, except instead of playing off social anxieties to trick people
into taking a test they are playing off privacy anxieties to get people to
divulge more information...

------
graupel
Looking at my data, it's so so so tempting to opt-out, but then again I'd
rather see targeted ads than 'one crazy trick to get rid of my belly fat'
ones....

~~~
mthoms
Care to share what kind of info they had and how accurate it was generally?

~~~
nsxwolf
Mine was pretty bad. They had some very basic pieces of public information
wrong.

This is clearly not the same data I had when I used their web service at a
startup I worked at in 2000. They had a service you could provide a phone
number to and it would return a little story like this:

"Bob Smith from Portland, Oregon uses in-home pregnancy tests, drinks imported
beer, and listens to alternative rock radio stations."

None of those sorts of rich details are in my data.

------
Wingman4l7
_Finally, an excuse to relate an Acxiom anecdote!_

As a budding CS major I had a job with Acxiom. Most of it involved running
phone books through sheet fed scanners, collating a truly massive amount of
publicly available information. A lot of work was done on a custom OCR engine
to parse all of this data.

~~~
mthoms
>running phone books through sheet fed scanners

Wow. I had to take a minute to let that sink in.

------
cdcarter
None of the data they had about me, besides what I had just entered, was
correct. This, I suppose, is encouraging.

~~~
eksith
You may have inadvertently improved their accuracy by 100% as a primary
source.

~~~
Casseres
Indeed. I would have run CCleaner first and use IE (which I never use) to make
sure they didn't get any new info out of me. The only thing they could get at
that point is my IP address unless I went through a trusted VPN.

------
opendais
Ya, just scroll to the bottom and 'install the opt out cookie' is what I did.
No clue if they actually honor it but figured worth a shot. ;)

No way in hell I'm giving them my social, address, etc. XD

------
mbillie1
Can't authenticate me based on my information (steady address for 2+ years, on
credit reports, drivers' license, etc)... and to fix this I can photograph and
encrypt my DL/passport?

:(

------
leeoniya
to see what others may know about your magazine subscriptions, enter your
social here ___-__-____, and address here __________, (which we'll share with
our trusted partners)

/s (kinda)

------
skennedy
At the bottom of their new user signup page is a link to an "opt out" section.
If believed, they allow you to install an online cookie and mail them forms to
stop Acxiom from tracking you online and selling your data.

[http://acxiom.com/about-acxiom/privacy/us-consumer-
choices/](http://acxiom.com/about-acxiom/privacy/us-consumer-choices/)

------
tlrobinson
_" instead of getting a great offer on a hotel package in your favorite
vacation spot, you might see an ad for the latest, greatest weight loss
solution."_

Translation: "Fuck you, we'll show you obnoxious weight loss ads instead"

------
awda
Well, I'm happy they're totally wrong about me. Married ?! Two children ?!
German ?! At least they got Male right...

------
forgottenpaswrd
I also do that. I can tell you everything about you, if you want to test me,
please send me:

Your full name.

Your date of birth.

your zip code. Your street. The number.

your social security number.

Your marital status. Please specify the sex of your kids and also their ages o
I could contrast with my database better and inform you if you are wrong.

Your job.

This is a classic storyteller or talker with your ancestors trick.

------
brokenparser
> _They have files on 700 million individuals_

Allright, let's sign up...

> _State: ZIP:_

So... USA only? Okay, let's see
[http://www.census.gov/population/www/popclockus.html](http://www.census.gov/population/www/popclockus.html)

> _316,606,919_

Not quite 700M, calling BS.

~~~
ngoel36
That's a 300M population...today. Assuming avg US life expectancy of 75 years,
that's another 4M in turnover for every year that they have data for, plus I
assume records of another ~150-250M records from those that have only stayed
in the US temporarily and aren't reflected in census numbers.

------
the_watcher
I just entered my info. The have my birthday wrong, think I am married and
have a kid. They also got my credit card types wrong (should be the easiest
thing to collect too), and were way off on my purchasing behavior. This is not
that scary.

------
s_q_b
Nada. Zip. Zilch. I know it's a good thing, but kinda disappointing in a way.

------
SteveDeFacto
Don't do it! I entered all that information and it said I needed to manually
authenticate. Basically, they want me to provide even more information. Can't
opt out and I just gave them more info...

------
coallen6
Pointless. They had no data on me. Now I've given them more than they ever had
on me and their "opt-out" maze doesn't delete my info. _face-palm_

------
gry
> If you want to get the best advertising delivered to you, based on your
> actual interests, start here.

They make no compunction, though, that's not what I want.

------
blackysky
let me review this... an advertising company wants even more data about me...
remind me those anti-virus software... let me scan your computer for free and
boom even more spywares .... IP+browser info+SSN+full name+ location....that's
gold !!! don't know how many people is going to complete the form but that's a
great marketing campaign... scare people to create a sense of urgency...

------
ojbyrne
Good to see how inaccurate, sparse, and almost completely useless to marketers
my record is. Being an immigrant on a work visa has its advantages!

------
ambiate
All they had were my vehicles. They also think I'm a 72 year old African
American. Nothing on my home, shopping, etc.

------
suyash
I'm not going to sign up to opt out. I have a feeling it is going to trick me
to give my personal data myself.

------
mattdeboard
Well thankfully they have literally no data about me, apparently.

------
joshdance
"It's a trap" \- Ackbar

------
elf25
Submitted new user form at www.aboutthedata.com/... "We'll fix the error
soon!" WTF? Is this a phishing site?

~~~
suyash
seems like you got tricked :(

