Data Broker List Act of 20 21 This bill establishes requirements for data brokers that obtain personal information about consumers for the sale to other businesses. Specifically, data brokers are prohibited from (1) acquiring such information by fraud, (2) using such information for a specified prohibited purpose such as fraud or identity theft, or (3) selling such information to a third party that the broker should reasonably know intends to use the information for a specified prohibited purpose. Data brokers also must implement safeguards to prevent security breaches that result in the improper disclosure of such personal information. Additionally, they must register with the Federal Trade Commission (FTC) on an annual basis and the FTC must publish the registry. Violations of these requirements are enforceable by the FTC as unfair or deceptive business practices.