The Dossier Economy: A Firsthand Account from Inside the Personal Data Substitute Layer

In April 2024, a Florida-based data aggregation company filed under the corporate name Jerico Pictures, Inc., operating publicly as National Public Data, was breached by hackers operating from systems initially traced through credentials the company had reused from a demonstration project. The breach exposed approximately 2.9 billion records — names, current and past addresses, Social Security numbers, dates of birth, and telephone numbers — for individuals in the United States, United Kingdom, and Canada. The exposed dataset was, depending on the population estimate one accepts, comparable in size to the combined adult populations of the three affected countries, with substantial duplication across multiple instances of the same individual.

The company filed for bankruptcy in late 2024 amid a wave of class-action lawsuits. The California Privacy Protection Agency pursued the company in the U.S. Bankruptcy Court for the Southern District of Florida; the court ultimately dismissed the bankruptcy petition; the CPPA filed an administrative action seeking to recover a $46,000 fine for failure to register with the California Data Broker Registry. The website's domain was subsequently acquired by new owners who, as the disclosure notice on the rebuilt site states, "have zero affiliation" with the previous operators.

The aggregation infrastructure that the National Public Data breach exposed continues to operate. Approximately 4,000 data brokerage entities operate in the United States. The global data broker market was valued at approximately $290 billion in 2025 and is forecast to grow to between $464 billion and $812 billion by 2032-2034. North America accounts for approximately 41-48% of global data broker revenue. Acxiom — one of the largest single data brokers — maintains over 2.5 billion consumer records with more than 12,000 distinct data attributes per individual. LexisNexis Risk Solutions, owned by the British-Dutch information company RELX, operates the LexisNexis Digital Identity Network, which analyzes an average of 39.9 billion transactions annually across its global infrastructure. The average price per individual record for the 18-25 demographic is $0.36.

From December 2015 through December 2020, I led the core API team at Emailage. We were a Phoenix-based fraud prevention company that LexisNexis Risk Solutions acquired in 2020 for $480 million. The technology my team built integrated dozens of external data sources — social media platforms, voice and SMS providers like Twilio, global IP geolocation databases, domain registration records (WHOIS), email reputation systems, breach data archives, payment fraud feeds, identity verification systems — into composite risk profiles that could be returned through a single API call, typically in one to one-and-a-half seconds depending on the depth of analysis the client wanted. The product served thousands of businesses globally, helping them assess transactional risk in real time.

The fraud prevention function it served was, and remains, genuinely beneficial. Identity theft costs American consumers approximately $43 billion annually per the Federal Trade Commission. The infrastructure I helped build is part of how that number is not several times larger.

That is one true description of the work.

The other true description, which the framework requires me to engage with equal honesty, is this: the same technical infrastructure that protects legitimate transactions from fraudsters is, by structural necessity, building and maintaining the most granular dossier on individual human beings that has ever existed in human history. The contributory network model — through which client businesses share their fraud signals with the central database in exchange for access to the broader network's intelligence — is operationally an aggregation engine that runs continuously, across billions of transactions, with no individual's affirmative consent to the aggregation. The data subject — the human being whose digital and physical signals are being correlated — is not a participant in the system. They are its raw material.

This is the second essay in the Inside the Substitute Layer thread within the New Austrian Economics catalog. The first installment (Article 21) engaged the operational substitute layer at the central-bank level, drawing on my five years building residential mortgage securitization infrastructure at the Bank of New Zealand. This essay engages the operational substitute layer at the personal-data level, drawing on my five years building risk-scoring infrastructure at Emailage — including the period through the LexisNexis acquisition close in March 2020 — and on the framework's broader analytical apparatus.

The thread's editorial discipline applies: firsthand operational specificity, framework-applied analysis, explicit acknowledgment of what direct testimony does and does not establish. The pieces are not exposés. They are not whistleblowing. They are framework-applied descriptions of specific institutional environments I worked inside, presented for the reader to evaluate on their own terms.

The framework's First Principles definitions provide the analytical structure for what follows. The graphic below summarizes the four that matter most for this essay; the full catalog of definitions lives at newaustrianeconomics.com/definitions.

These definitions are about to do substantial analytical work, because what trades as wealth, what counts as wealth, and what does not, is the central distinction the framework requires before any specific industry can be properly read.

What the dossier actually is

The personal data trade operates on aggregated digital exhaust — the byproducts that ordinary digital life produces as it passes through the systems that mediate it. A single identifier opens onto a continuously-updated web of related attributes: each linkage was assembled through a different specific commercial arrangement, each contributes another layer to the composite representation, and the result is a dossier whose density bears no resemblance to anything the data subject ever consented to assemble.

A composite dossier on a typical American adult — one assembled by an Acxiom or LexisNexis or Experian — contains thousands of attributes. The data subject knows essentially none of it exists. Their participation in the system is structurally invisible to them: they sign up for an email service, they apply for a credit card, they buy a house, they vote, they donate to a charity, they fill in a survey for a chance to win a gift card, they share a location with a friend through an app. Each individual act is unremarkable. The aggregation of all such acts, across years, across data sources, across the contributory networks that connect them, produces a representation of a human being that is more detailed than any biographer ever wrote, traded continuously among thousands of commercial entities, accessible through APIs that return composite scores in milliseconds.

The economic value of this representation is substantial. The data broker industry's revenue at $290 billion in 2025 is larger than the GDP of all but the top 50 countries in the world. The marginal cost of an individual's data attributes is approximately $0.36 in the most heavily-traded demographic segment. The wholesale market for this material operates continuously, at scale, with sophisticated pricing mechanisms, contributory data-sharing agreements, and integrated technical infrastructure connecting buyers and sellers through programmatic exchanges that no individual data subject ever sees.

The framework's first analytical move

The framework's First Principles definition of wealth is the analytical entry point. Wealth, in the classical political economy tradition the framework operates within, is the result of labor applied to land. Land in this definition means the broader natural environment — the substrate on which production operates. Labor in this definition means human effort directed toward producing things of exchange value. The combination of labor and land produces wealth: grain, lumber, manufactured goods, buildings, the artifacts of human productive activity.

Personal data, in this framework, is not wealth.

The information that constitutes the personal data trade is not produced by labor applied to land. It is produced as a byproduct of human existence in environments instrumented to capture the byproducts. The data subject is not laboring to produce their data; they are existing, and the data is being captured. The aggregators are not applying labor to land to produce the data; they are applying technology to other people's existence to capture and assemble it. There is no act of production in the classical political economy sense. There is only extraction.

A reader fluent in 21st-century economics will reasonably object that this definition appears anachronistic — most of the modern economy is digital, knowledge-based, and increasingly AI-mediated, and very little of what trades commercially looks like grain or lumber. The objection deserves direct engagement. The classical definition was never an inventory of what exists in the economy; it was always a test for distinguishing real wealth from claims on wealth. Smith, Ricardo, George, Menger, and Fekete each used the labor-to-land formulation as a diagnostic that exposes substitute-layer phenomena by asking what the trading economy is actually built on. A definition's value is not measured by how much of contemporary practice it includes. It is measured by what it lets you see.

Applied to 2026, the digital economy still sits on a substantial physical substrate — server farms, electrical generation, lithium and rare earth mining, the engineers and electricians and energy workers whose labor sustains the compute — and the definition still does the diagnostic work the framework requires. The harder extension — what the framework says when AI capital can structurally substitute for human labor at scale, compressing the labor-to-wealth pathway for a meaningful share of the population — is the subject of a forthcoming Series One essay that this catalog will engage as a dedicated theoretical piece. For present purposes the definition holds, and it lets us read what the dossier economy actually is: a substitute-layer phenomenon, not productive output.

This matters analytically. The data broker industry is trading something that is not wealth — but that trades as if it were wealth — for $290 billion annually. The framework's definitional structure identifies this as a substitute-layer phenomenon by direct analogy to the catalog's prior analyses.

Article 8 documented how agency mortgage-backed securities operate as paper substitutes for the underlying low-saleability properties of residential mortgages — paper claims that trade as monetary instruments while the underlying assets remain structurally illiquid. Article 24 documented how COMEX paper silver operates as a paper substitute for physical silver, with the paper trading at scale while the physical backing is structurally insufficient. The personal data trade is the same structural pattern at the individual level: aggregated information about persons trades as wealth, while the underlying "asset" — the existence of the persons whose data is being aggregated — is neither produced by their labor nor monetizable by them.

The framework's analytical observation: the dossier economy is operationally the largest single substitute-layer phenomenon in the modern economy, by participation if not by dollar value, because every digitally-active adult human being is structurally a participant whose information is being aggregated and traded without their participation in the resulting value capture.

The Emailage operational reality

I want to describe the operational reality of the system I worked inside, because the abstraction obscures the specifics that matter analytically.

Emailage's core product was an email risk score. A business — typically an online retailer, a financial services company, an insurance carrier, a gaming platform — would integrate our API into their transaction flow. At a point in the customer journey when assessment was needed (account creation, purchase, application submission), the business would call our API with the customer's email address and various contextual attributes (IP address, device fingerprint, transaction amount, billing information).

The API was configurable for response timing depending on the depth of analysis the client wanted; most production integrations operated in the one-to-one-and-a-half second range, with the system returning a composite risk score and a set of underlying signals: how long had this email been observed in our network, was it associated with prior fraud attempts, did it appear in known breach datasets, was it linked to a high-risk geography, did it show patterns associated with tumbling attacks (the systematic variation of email addresses to evade detection), did the linked social media presence match the claimed identity, did the IP geography match the billing address, did the domain registration history suggest recent creation for fraud purposes.

The integration was simple from the client's perspective. The complexity sat in the data infrastructure behind the API.

My team integrated dozens of external data sources. Twilio gave us telephone number metadata — line types, carrier information, port history, country origination. Domain registries (through reseller APIs and direct WHOIS access) gave us domain age, registration patterns, hosting infrastructure. IP intelligence vendors (MaxMind, ipinfo.io, and similar) gave us geolocation, ISP classification, threat intelligence flags. Social media APIs — these were always changing, always being restricted or shut off, with us building integrations and then maintaining them as the platforms changed terms — gave us account presence indicators. Breach data aggregators gave us "this email appeared in these breach datasets" lookups. Internal contributory data — what other businesses in our network had flagged, in real time — gave us reputation signals continuously updated by every transaction the network processed.

The contributory network was the structural innovation. Other email-risk vendors operated on static datasets and required customers to wait for periodic data refreshes. Emailage built a continuous-feedback network: every fraud signal that a participating business shared with us became, in real time, an input to the next risk score we returned to any participating business. Network effects compounded. The more clients we had, the more signals flowed through the network, the more accurate our scores became, the more valuable participation in the network was, the more clients we attracted.

By the time LexisNexis closed the acquisition in March 2020 for $480 million, the contributory network was processing transactions for thousands of businesses across financial services, e-commerce, insurance, telecom, gaming, and other sectors, with established market presence across the U.S., Latin America, Europe, and Asia Pacific. Emailage's network was subsequently integrated into the LexisNexis Digital Identity Network, which analyzes approximately 39.9 billion transactions annually across its full global infrastructure.

The framework's reading: the contributory network is structurally identical to the mechanism by which a central bank constructs an operational substitute layer. Article 21's BNZ analysis described how the Reserve Bank of New Zealand mandated commercial banks to construct securitization infrastructure that converted illiquid mortgages into central-bank-eligible collateral. The contributory network does the same thing at the personal-data level: it constructs an infrastructure that converts otherwise-isolated business-level fraud signals into a continuously-traded composite asset (the network's collective intelligence) that no single participant could have produced independently. The substrate is different — central bank reserves in the BNZ case, transactional risk signals in the Emailage case — but the structural mechanism is the same.

The good and the harm, named precisely

I want to be honest about what the system I helped build does, in both directions, because the framework requires intellectual honesty about both.

The legitimate good. Online fraud is real. Synthetic identity fraud (where attackers assemble bogus identities from real-and-fake combinations of data) costs U.S. financial institutions billions annually. Account takeover fraud (where attackers gain access to legitimate users' accounts) produces real harm to real victims. Payment fraud, application fraud, and tax fraud all cost real people real money and real time spent recovering from the consequences. The infrastructure I helped build at Emailage genuinely reduces this fraud. Legitimate users get their transactions approved faster because the risk-scoring infrastructure can clear them in seconds without requiring manual review. The framework does not dispute that the fraud-prevention function serves a real social good and that the people building the systems serving that function are doing legitimate, valuable work.

The structural harm. The same infrastructure that reduces fraud is, by operational necessity, the infrastructure of mass surveillance. The composite profile that allows a legitimate user's transaction to be cleared in real time also exists, simultaneously, as a representation of that user that is bought, sold, traded, and queried for purposes that have nothing to do with fraud prevention.

The marketing arm of the same parent corporation that uses the data for fraud prevention also uses it for targeted advertising. The political consulting firm that subscribes to the same data uses it for campaign targeting. The bail bond company uses it to assess risk on prospective clients. The law enforcement agency uses it (through specific commercial arrangements that are now widely documented) to bypass the warrant requirements that would apply to obtaining the same information from a phone carrier directly. The insurance company uses it to differentiate rates. The employer uses it to screen candidates. The HOA uses it to screen residents.

In every one of these cases, the data subject is unaware that the specific use is occurring. There is no mechanism by which the data subject can audit who has accessed their dossier or why. There is no mechanism by which the data subject can correct errors in the dossier (though some narrow regulatory frameworks like the Fair Credit Reporting Act provide limited correction rights for specific subsets). There is no mechanism by which the data subject participates in the economic value generated from the trade in their information.

The framework's diagnostic. The legitimate fraud-prevention function does not justify the broader substitute-layer infrastructure that produces it. The same way the framework's Article 8 analysis distinguished the legitimate function of agency MBS (providing liquidity to mortgage markets) from the structural consequences of that infrastructure (concentrating substrate fragility in the central bank's balance sheet), the analysis of the personal data trade requires distinguishing the legitimate function (fraud prevention) from the structural consequences (continuous mass surveillance with no meaningful individual control over participation or value capture).

The two functions are intertwined operationally but distinct analytically. The framework's reading is that the legitimate function is structurally insufficient justification for the apparatus that produces it, in the same way the legitimate function of central bank liquidity provision is structurally insufficient justification for the post-2008 substitute-layer architecture.

The corporate personhood asymmetry

The structural feature that makes the personal data trade especially consequential is the legal asymmetry between the entities buying and selling the data and the human beings whose data is being traded. This asymmetry is not natural law. It is the operational result of approximately 140 years of specific case law decisions that have systematically expanded the legal rights of corporations beyond what the framework's First Principles tradition — the classical political economy lineage running through Smith, Ricardo, George, Menger, and Fekete — would have considered defensible.

Adam Smith, writing The Wealth of Nations in 1776, was sharply critical of the joint-stock company form that subsequently evolved into the modern corporation. Smith's specific objection: the directors of joint-stock companies "being the managers rather of other people's money than of their own, it cannot well be expected that they should watch over it with the same anxious vigilance with which the partners in a private copartnery frequently watch over their own. Like the stewards of a rich man, they are apt to consider attention to small matters as not for their master's honour and very easily give themselves a dispensation from having it. Negligence and profusion, therefore, must always prevail, more or less, in the management of the affairs of such a company."

Smith favored private partnerships where each partner was personally liable to the full extent of their fortune for the debts of the business — a structure in which the individuals making business decisions bore personal consequences for those decisions.

In the colonial and early American period, corporate charters reflected a structural assumption that corporations existed to serve specific public purposes and that their continued existence was contingent on their continuing to serve those purposes. Charters were granted by state legislatures for specific projects — building a bridge, operating a turnpike, establishing a bank, founding a college. The charters were time-limited (typically 20-50 years), specific in scope, and revocable if the corporation operated outside its chartered purpose or contrary to the public interest. The state of Virginia, in 1809, formally revoked the charter of the Bank of Virginia for "abusing its privileges." Similar revocations occurred throughout the early American period. Corporate existence was understood as a privilege the state granted, not a natural right.

This structure was systematically dismantled across the 19th century through a series of court decisions that progressively expanded the rights of corporations relative to the public interest and natural persons. The decisive transformation occurred in Santa Clara County v. Southern Pacific Railroad Company (1886), a case that the framework's analytical tradition cannot engage without addressing the specific legal-historical malpractice that produced its outcome.

Santa Clara County v. Southern Pacific was, on its facts, a routine tax dispute. Santa Clara County had assessed property tax on Southern Pacific Railroad including a stretch of fencing along the railroad right-of-way that the railroad argued should have been separately assessed under the relevant California statute. The case was substantively about whether the specific fencing was properly included in the assessment. The court ruled for the railroad on the narrow tax question. The case did not decide any constitutional question about whether corporations are persons under the Fourteenth Amendment.

What happened, instead, was that the court reporter — a Connecticut railroad lawyer named J.C. Bancroft Davis, who had been appointed Reporter of Decisions for the Supreme Court — wrote a headnote (a summary that traditionally precedes the formal opinion in published case reports, intended as a navigation aid for readers) stating that the Court had held that the Fourteenth Amendment applied to corporations. The headnote attributed to Chief Justice Morrison Waite the comment: "The Court does not wish to hear argument on the question whether the provision in the Fourteenth Amendment to the Constitution which forbids a state to deny to any person within its jurisdiction the equal protection of the laws applies to these corporations. We are all of opinion that it does."

This statement, made before oral argument and never incorporated into the court's formal opinion, was published in the United States Reports as if it were holding of the court. Subsequent decisions cited Santa Clara County as authority for the proposition that corporations are persons under the Fourteenth Amendment. The court has never formally repudiated Davis's headnote. The result is that, for approximately 140 years, American corporate law has rested on a constitutional proposition that the Supreme Court never actually decided.

The historical record is even more striking than this summary suggests. Between 1890 and 1910 — the two decades immediately following Santa Clara — the Fourteenth Amendment was invoked in 288 federal court cases. Nineteen of those cases concerned the protection of Black Americans (the population the Fourteenth Amendment was specifically designed to protect after the Civil War). Two hundred sixty-nine concerned the protection of corporations. The constitutional amendment passed in 1868 to secure equal protection for the freed slaves was, within thirty years of its ratification, being used overwhelmingly to secure constitutional rights for business entities that had not existed when the amendment was drafted and to which its drafters had not directed any consideration.

The structural pattern accelerated through the 20th century. Buckley v. Valeo (1976) established that political campaign spending is constitutionally protected speech. First National Bank of Boston v. Bellotti (1978) extended this protection to corporate political spending on ballot initiatives. Citizens United v. Federal Election Commission (2010) extended the protection to corporate spending in federal candidate elections. Burwell v. Hobby Lobby Stores (2014) extended Religious Freedom Restoration Act protections to closely-held corporations. The cumulative effect: corporations now possess constitutional rights — speech, religious exercise, equal protection, due process, property — that in many specific operational respects exceed the protections available to natural persons in their interactions with corporations.

What it looks like at the data level

The corporate personhood doctrine becomes operationally consequential when applied to the personal data trade. Consider the structural position of the data subject — an individual American adult — relative to the corporate entities that aggregate their information.

The data subject's legal position consists of narrow statutory protections within specific federal regimes (Fair Credit Reporting Act, HIPAA, COPPA), state-level coverage that exists in roughly 20 states as of 2026 (California, Colorado, Virginia, and similar), and difficult-to-litigate common-law privacy torts that rarely produce meaningful damages. There is no federal omnibus privacy law. There is no right for the subject to know every entity that holds their data. There is no right to participate in the economic value generated from the trade.

The data broker's legal position is structurally different. Constitutional protection under the First Amendment covers the compilation and sale of public-record data (Sorrell v. IMS Health, 2011, holding that the sale of prescription data was protected speech). The Fourteenth Amendment protects the conduct of the brokerage business as commercial activity. Federal preemption shields specific sectors from state-level interference. Arbitration clauses in the agreements data subjects originally signed produce practical immunity from class-action liability. The ability to lobby for and shape regulatory frameworks is itself a corporate right exercised continuously.

The asymmetry is operational. When National Public Data exposed 2.9 billion records, the consequences flowed primarily to the affected data subjects — credit monitoring, freezes, identity theft remediation, anxiety, time — while the company filed bankruptcy and continued operating under new ownership. The CPPA's enforcement action sought to recover a $46,000 fine. The cumulative cost to the individuals whose records were exposed is unquantifiable but is certainly in the billions of dollars in downstream consequences. The corporate person and the natural person were treated, operationally, as if they were comparably situated participants in the legal system. They were not.

The Fekete/Menger reading

The framework's analytical tradition — Menger's saleability spectrum, Fekete's monetary theory, the classical political economy lineage these draw from — provides the structural reading of the personal data economy.

The diagnostic move that matters is recognizing that the same information has dramatically different saleability profiles depending on which party in the transaction holds it. From the data subject's perspective, personal information fails the Mengerian saleability tests almost completely. The subject cannot divide it into sellable units. They cannot prevent its continuous generation through ordinary digital existence. They cannot meaningfully transport it, because it flows to aggregators automatically rather than at their direction. They cannot make it homogeneous, because it is uniquely theirs while being treated by buyers as fungible attribute data. They cannot capture the value generated from its widespread demand.

And the freedom from political weaponization that Menger placed at the structural foundation of saleable wealth — the principle that a monetary commodity must be protected from arbitrary seizure to function as such — is precisely inverted in the data subject's case. The entire apparatus exists to enable corporate, governmental, or political action against them.

From the aggregator's perspective, the same information passes every saleability test. It is highly divisible, sold by attribute or composite. It is highly durable; information assets do not depreciate operationally. It is highly transportable; the entire trade is digital. It is highly homogeneous within the aggregator's model. It is continuously demanded across multiple buyer categories. And the freedom from political weaponization that matters to the aggregator is the freedom of the aggregator from accountability — exactly the protection corporate personhood doctrine has produced.

This asymmetry is the framework's central observation about the dossier economy. The same information that is a low-saleability burden to one party is a high-saleability asset to another, and the asymmetry between the two perspectives is what generates the $290 billion annual industry. The pattern is structurally identical to what the catalog has documented in housing finance (Article 8's MBS analysis), precious metals (Article 24's paper-physical decoupling), cryptocurrency (Article 25's seizure mechanisms), and labor markets (Article 28's saleability inversion). The dossier economy is the same pattern operating at the level of personal information.

Fekete's monetary theory provides additional traction here. Fekete's central observation was that the fiat monetary system substitutes notes for wealth, allowing claims to be created without the underlying productive base classical monetary theory required. The dossier economy operates by an analogous mechanism: it substitutes information claims for the underlying production the framework's wealth definition requires. The information being traded is not the result of labor applied to land; it is the byproduct of the data subject's existence, captured by infrastructure the subject did not authorize and does not control. The trade is, in Fekete's vocabulary, a trade in claims rather than in wealth — and the economic value generated is not productive output but the appropriation of value from the data subject's life into the aggregator's balance sheet.

What households should take from this

The first thing is to recognize the structural asymmetry honestly. Every digitally active adult is a participant in the dossier economy; the participation does not require meaningful consent, because the data is gathered through the ordinary course of digital existence. The "I have nothing to hide" posture is not the source of protection it sounds like — the aggregation happens whether you participate carefully or not. Tactical privacy hygiene matters less than understanding where in the structural asymmetry you are positioned.

There is still real value in reducing data exposure where you have meaningful discretion. Email addresses, phone numbers, and payment methods are the heaviest identity-linking surfaces — using multiple email addresses for different categories of use, payment methods that limit downstream linkage, and selective disclosure of identifiers beyond what a service's actual function requires all produce measurable reduction in the granularity of the resulting dossier. They do not eliminate the dossier.

The regulatory mechanisms that exist are imperfect but worth using. California's CCPA and the roughly twenty similar state laws provide rights to know what data brokers hold, to request deletion, and to opt out of sale. Compliance is uneven and deletion is often incomplete. California's DROP (Delete Request and Opt-Out Platform), launching in 2026, allows a single request to direct all registered data brokers to delete personal information — the closest thing to a single-point-of-leverage that currently exists for U.S. residents.

When a major breach affects you, the standard 12-month complimentary credit monitoring offering from the breached entity is operationally cheap for the offering party and structurally inadequate to the harm. Accept it (it has positive expected value), but understand it does not address the permanence of having personal identifiers in unauthorized hands. The standard credit-reporting agency freeze, free since 2018, is more valuable than the monitoring product for long-term protection.

Finally, recognize that the structural problem is political, not technical. Individual data hygiene cannot solve a problem produced by 140 years of case law development that elevated corporate rights above natural-person rights. The framework is not advocating nihilism but accurate understanding: the dossier economy will continue to operate at scale, with continued breaches and continued asymmetric harm, until the underlying legal-political structure is modified. Tactical fixes produce marginal benefits. Structural fixes require sustained political engagement across the spectrum from antitrust enforcement to constitutional amendment.

The closing observation

In 1776, Adam Smith warned about joint-stock companies operating in distant markets, with directors managing other people's money rather than their own. He could not have anticipated the specific form the warning would take 250 years later: corporate entities with constitutional rights aggregating personal data on billions of human beings across populations they have no accountability to, generating economic value at vast scale, with the legal frameworks built across 19th and 20th century American jurisprudence shielding them from the consequences of the harms they produce while concentrating the consequences on the natural persons whose lives are the raw material.

The British East India Company became, eventually, a case study in business school history. The structural problem Smith identified did not contract; it expanded. The personal data trade is the most ubiquitous, least visible, and structurally consequential manifestation of the corporate form Smith warned about. It operates through the same asymmetry between corporate scale and individual accountability that he diagnosed, with constitutional protections accumulated through 140 years of case law that hand the corporate participant rights the natural-person participant does not possess.

I worked inside one node of this apparatus for five years. The infrastructure I helped build does what I have described. The legitimate fraud-prevention function it delivers is real, and the people building these systems are doing valuable work. The same infrastructure is, by structural necessity, the largest continuously-operating surveillance system in history, trading information about human beings at $0.36 per record without their participation in the value capture. Both descriptions are true. The framework requires holding both.

The dossier is the substitute-layer artifact. It is information that trades as wealth without being wealth in the classical political economy sense — not the result of labor applied to land but the byproduct of human existence captured by infrastructure the subjects did not authorize. By participation it is larger than any monetary substitute layer the catalog has documented. By dollar value it is one of the largest single industries in the world. By structural asymmetry between the parties involved, it is the cleanest contemporary example of what Smith was trying to prevent.

The framework can read what it is and what it does. The reader can evaluate the account on its own terms. The trade will continue to operate at scale until the underlying legal-political structure is modified — which, given the entrenched interests and the constitutional architecture supporting them, is not a near-term prospect. The first step toward changing that is making the structure visible. That is what this essay has tried to do.

---

This is the second installment of "Inside the Substitute Layer." The author led the core API team at Emailage from December 2015 through December 2020, including the LexisNexis Risk Solutions acquisition close in 2020. Emailage was acquired by LexisNexis Risk Solutions (a subsidiary of RELX) in 2020 for $480 million as documented in RELX's Form 20-F SEC filing; the technology subsequently became part of the LexisNexis Digital Identity Network. All operational details about Emailage's infrastructure are presented as direct recollection from the author's time at the company. The 2024 National Public Data breach, the data broker industry size figures, the corporate personhood case law history, and the Adam Smith citations are drawn from publicly available sources that can be consulted for independent verification. The framework's First Principles definitions are drawn from newaustrianeconomics.com/definitions, sourced from Ingo Bischoff / SF School of Economics, founded 2006.