FCW, which bills itself as your "Government IT Resource", is running an article on the US government's use of the services of data aggregators. It also has a summary of legislative initiatives to regulate them, incuding the following:
Shopping for data:
"Federal lawmakers have introduced 18 cybersecurity bills and state legislators have offered 30 bills to regulate the use of personal information and to respond to growing online threats stemming from spyware, phishing and other pernicious activities on the Internet.
Here are a few highlights from bills proposed by Sen. Dianne Feinstein (D-Calif.) and Sens. Charles Schumer (D-N.Y.) and Bill Nelson (D-Fla.):
S. 751 (Feinstein):
Would require any agency or company that collects personal information to notify potential victims of identity theft when a security breach is discovered.
Would impose a fine of up to $50,000 a day for each day that a company fails to notify victims about unauthorized access to personal information. S. 768 (Schumer-Nelson):
Would create an Office of Identity Theft at the Federal Trade Commission to help victims of identity theft.
Would require any company that holds sensitive personal information to take reasonable steps to protect it. "