76  PRIVACY IN A CYBER AGE

           In 2005, one such company—ChoicePoint—had records on over 220 mil-
                     5
           lion people.  Professor Christopher Slobogin notes that the amount of
           information culled by corporate data miners
              can provide the inquirer with a wide array of data about any of us, including
              basic demographic information, income, net worth, real [sic] property holdings,
              social security number, current and previous addresses, phone numbers and
              fax numbers, names of neighbors, driver records, license plate and VIN
              numbers, bankruptcy and debtor filings, employment, business and criminal
              records, bank account balances and activity, stock purchases, and credit card
              activity. 6
           For example, in 2009, a law professor at Fordham University gained minor
           notoriety when he assigned his class to create a dossier on Justice Anto-
           nin Scalia using only the information they could find online. The result
           was a fifteen-page document “that included the justice’s home address
           and home phone number, his wife’s personal e-mail address and the TV
                                 7
           shows and food he prefers.”  Some privacy merchants even keep dossiers
           on the crimes a person has committed, their divorces, political leanings,
           and their interests in topics that include religion, the Bible, gambling, and
                            8
           adult entertainment.  Other companies amass lists of “victims of sexual
           assault, and lists of people with sexually transmitted diseases. Lists of
           people who have Alzheimer’s, dementia and AIDS. Lists of the impotent
           and depressed.” 9
              Although several data-mining companies allow individuals to opt out
           of their databases, people must contact each company individually, and
           even then information may still linger in some search results or websites.
           Google, for example, generally does not remove search results if the infor-
           mation contained is truthful and not illegal. 10
              The privacy merchants are limited by laws that Congress (and states)
           have enacted that carve out subsets of data, particularly medical and financial
           records, in which the privacy merchants cannot freely trade. However,
           very little attention has been paid to the fact that information is fungible.
           Through a process that might be called “privacy violating triangulation”
           (PVT), one can readily derive much about a person’s medical, financial,
           or other protected private side by using “innocent facts” that are not privi-
           leged by law. A piece of seemingly benign information—for instance, the
           number of days a person failed to show up for work, or whether the person
           purchased a wig—suggests volumes about one’s medical condition. By
           building a portfolio of many such apparently innocuous facts, one could
           infer a great deal, effectively violating the realm of privacy surrounding
           individuals’ most sensitive information. Thus, a study of Facebook shows
           “how the on-line social network data could be used to predict some