Checkout? No, data grab.
I was in Meijer the other day to do my weekly grocery shopping. Meijer is a Michigan-based big-box retailer, whose stores were the country’s first supercenters. For those who have not been to a Meijer, therefore, it is similar in concept to Arkansas-based Wal-Mart or Minnesota-based Target. The cashier saw me glancing at a brochure at the checkout and volunteered information about their mPerks program (mperks.meijer.com).
This is the newest way to use coupons. No longer does the consumer have to go through the laborious process of clipping them; simply bring in your cell phone and redeem them. Sounds great, doesn’t it? All the convenience modern technology has to offer. And though that was one piece of information the cashier did not volunteer, all the surveillance.
If , as Supreme Court Justice Louis Brandeis asserted in 1928, people have “the right to be let alone” (Everett-Church, 2009), consumers should question the degree to which retailers agree with him; they should be thinking very carefully about what rights they might be surrendering when they enter a retailer’s brick and mortar establishment, use its mobile applications like mPerks, or visit that chain’s website.
Retailers stress customer service: Sears, in its mission statement, speaks of trust (Sears mission statement, n.d.); Walmart speaks of saving their customers money and making their lives better (Walmart mission statement, n.d.); and Target speaks of “exceptional guest experiences” (Target mission statement, n.d.). Meijer stresses “core values” which begin with customers “meeting their needs and exceeding their expectations” (Meijer Core Values, n.d.). One wonders how many customers have the expectation of being surveilled?
Consumers are becoming increasingly aware of the degree to which their private information has become a commodity; they would not be wrong to assume that retailers feel the one right consumers absolutely do not have once inside a store or on a website, is the right to be “let alone.”
Consumers might think their buying habits were their own affair as well: Who’s business is it but theirs what they buy, and where? (Kabay & Takacs, 2009). But profiling is not just for criminals, and most consumers likely fail to realize that retailers engage in widespread profiling of their customers (Kabay & Takacs, 2009).
Privacy laws agree with Justice Brandeis and assert that people have some control over information about ourselves (Judy et al, 2009) but we live in the Information Age and information is an increasingly valuable commodity. One business writer used another name for our era: “the era of Big Data” (Matthews, 2012). It is hardly surprising then that consumers find themselves part of a big box “data grab” (Hill, 2012).
Add to this competitive and technologically enhanced environment that in the United States the private sector has generally regulated itself (Judy et al, 2009), and you have a recipe for disaster: Whatever nice things a company’s mission statement might say about customers it must be remembered that corporate entities answers solely to stockholders who want to make a profit.
In their 2010 report, the Federal Trade Commission (2010), found that some companies use consumer information in an “irresponsible or even reckless manner” (p. i). The result is that the old Roman expression, caveat emptor (“let the buyer beware”) has more relevance than ever.
The Data Grab and its Consequences: Gathering Data from Brick and Mortar Stores
The moment they walk into a Walmart or a Meijer store, customers are greeted. And shopping is likely to become more intrusive, not less. Every shopper is likely aware of price scanners and even phones that can be picked up by a customer to request assistance in a department, but retailers are always seeking to be more proactive in their approach.
The Federal Trade Commission (FTC) sought public feedback on the subject of facial recognition software as far back as 2011 (Federal Trade Commission, 2011) and a letter from several members of congress to the FTC in January 2012, expressed concerns that some companies were already employing it unbeknownst to consumers (Barton et al, 2012).
In their report, the Federal Trade Commission (2012) concluded that while the potential for abuse is very real, the relative newness of the technology offers the opportunity to ensure that as the industry grows it does so in a way that benefits both business and consumer (p. 21).
Some retailers now routinely ask customers for their zip codes when they make a purchase. With mPerks you must enter your telephone number to use your virtual coupons. While a zip code is no doubt helpful information for a retailer and no great threat to a consumer, it still represents a degree of intrusion. Some customers decline to volunteer even this much information.
Consumers have to expect to give out more or less personal information depending on what they are buying. If they are purchasing alcohol, for example, they will be required by law to provide proof of age in the form of a valid ID or drivers license. The same might apply to certain pharmacy transactions (e.g. pseudoephedrine), or when purchasing a hunting or fishing license.
Gathering Data from Mobile Apps
Use of mobile devices only serves to expose consumers to more information gathering, not less, and retailers are helpful in providing Wi-Fi for “savvy” (or unwary?) customers (Albright, 2011). Mobile apps like mPerks are a special concern and their use has prompted calls for federal regulation (Johnson, 2013).
These retailers’ apps can now tell customers where to find what they are looking for, down to the aisle number; they can also potentially tell the retailer where the customer is (Yu, 2012). Walmart’s mobile and digital head calls this bringing the online store to the store, a tactic not to be despised because about 1 in 5 sales are lost due to the inability of the shopper to find the item they’re searching for (Yu, 2012).
These apps may allow consumers to shop more efficiently in a brick and mortar environment, but they also allow the retailer to track the consumer much more efficiently. Just as consumers value the commodities provided by retailers, retailers value the commodity provided by consumers: information (Himma, 2006).
Gathering Data from Websites
As a society, we have not yet arrived at the point portrayed in Steven Spielberg’s 2002 film Minority Report where, upon walking into a retailer, big billboards greet consumers by name and in a voice impossible to ignore tells them what they need to buy next, but thanks to facial recognition software, a family walking into a car dealer, for example, could see monitors suddenly flash ads for minivans (Plant, 2012). The underlying technology exists already in the form of online behavioral (OBA) or interest-based advertising (IBA) (Federal Trade Commission, 2009; Understanding online advertising, n.d.).
This predictive technology allows retailers to populate their websites (or in-store monitors) with customer-specific, or targeted ads; in other words, ads for products tailored to their interest based on data previously gathered about their likes and buying habits (Understanding online advertising, n.d.).
The online data gathered comes from what are known as cookies, and among that disturbing quantity of data is knowledge of the consumer’s whereabouts. It is not without reason that in 2009 the FTC published a staff report to address privacy concerns with regards this new technology (Federal Trade Commission, 2009).
Beacons allow companies to track “exact Internet usage and surfing patterns” (Judy et al, 2009, p. 69-15) and since they can be present even in advertisements, these big box retailers will know if a consumer visited other websites that have, for example, Walmart ads present.
It is reasonable to assume that most people would probably decline having Walmart place a tracking device of plastic or metal on their person (for the record, there is no evidence Walmart does this), and they should at least be aware of what they are surrendering when they submit to placement of a tracking device composed of data. Privacy threats are a genuine concern, both for corporations and consumers and questions of “how much is enough?” are more relevant than ever.
If you don’t agree, they say, don’t shop at Meijer. It’s as simple as that. What was all that great stuff they said about customers in their core values again?
The bottom line is that consumers should enjoy a reasonable expectation that their private information remains their property unless and until they consent to give it to, or share it with, another.
A Question of Consent
Unfortunately for retailers, what they might be (and are) doing to siphon more information from consumers is bigger news than the steps they might be (and are) taking to safeguard that information. For example, Business Insider marked New Year 2013 with a piece entitled “12 sneaky ways that big retailers track your every move” (Lutz & McConnell, 2013) and it hardly speaks well of retailers that the Harvard Business Review a year earlier could speak of retailers “fighting” customers’ anonymity (Plant, 2012).
Consumers want their anonymity intact and protected, not fought. The Harvard Business Review cites the example given above of a family presented with minivan ads as a form of “soft surveillance” but retailers need to understand that consumers might see it not as soft but as underhanded, and indeed, retail executives are warned that they need to know “how invasive the company can be” in a particular location, and how such efforts might “affect its relationship with customers” (Plant 2012).
Recommendations for a Better Consumer Environment
Consumers want to know and retailers ought to be more forthcoming about data gathering. Transparency is at least as valuable a commodity in post-Bush America as information and a display of open-handedness is more likely to attract customers than drive them away. The FTC’s 2010 staff report urges companies to address transparency concerns, stressing the importance of detailing changes to privacy policies rather than simply updating them (Federal Trade Commission, 2010).
Retailers would do well to begin their privacy policies with a solemn guarantee of what they will not do to infringe upon the privacy rights of consumers, rather than with a discussion of what information will be collected. Consumers want to know, for example, that they will not be followed by “trackers” who will follow them as they shop, be subject to use of facial recognition software, or to use mobile apps to track their movement through stores and malls (Lutz & McConnell, 2013). The same concerns apply to browsing history.
Many of these technologies are not discussed in the existing privacy policies of Meijer, Walmart, Target, and Sears. But failure to address them is no assurance that they are not currently being, or will not in the future, be employed. A clear-cut, unequivocal rejection will serve better than silence; consumers know these technologies are out there and so they should be discussed. Each concern should be addressed in detail, removing the need for uncertainty and fear at the outset.
Sears ran afoul of the FTC in 2009 when it was found to have provided insufficient information in a disclosure to consumers voluntarily participating in a study (Yan, 2010). It is with good reason that Part IV of the FTC’s 2009 staff letter provided principles for self-regulation (Federal Trade Commission, 2009). The FTC’s first point related to the need for transparency and called for not only a clear statement of intent by retailers but an opportunity for consumers to not simply opt out of OBA but to decide whether they wish to participate in the first place (Federal Trade Commission, 2009). It should not be assumed that failure to say “no” represents consent.
Mobile apps could also be made more consumer friendly and less privacy intrusive. The Federal Trade Commission (2013) observed that operating system providers currently offer app developers “substantial amounts” of user data (pp. i-ii). The FTC recommended that users be given the opportunity to grant their affirmative express consent and to have knowledge of the types of data apps they have downloaded access. It was also recommended that apps have a Do Not Track (DNT) mechanism, which would allow users to prevent tracking by, say, Walmart or their third party affiliates (Federal Trade Commission, 2013).
The FTC urged expeditious adaption of their recommendations (Federal Trade Commission, 2013). For our purposes here, this also means that if they are not now engaging in such tracking, all three companies examined, Walmart, Sears, and Target, should assure consumers via their privacy policies of that fact and make a full disclosure of their mobile apps’ capabilities.
Retailers will benefit from actively cultivating trust more than by simply promising it and the FTC’s repeated calls for transparency are well-noted. There are certainly consumers who will consent to share information when it is asked for if there are benefits to doing so (Kooser, n.d.). Customer loyalty programs like Meijer’s mPerks demonstrate this: In exchange for discounts and special offers, a retailer gains useful insight into a consumer’s buying habits. Requesting, rather than requiring, consumers to share data would provide retailers with useful information about consumers while reducing privacy concerns and the risk of lawsuits and/or regulatory penalties.
In the end, it all comes down to the consumer and what the consumer is willing to tolerate in terms of intrusion into their privacy. But first the consumer must be aware of the existence and then the extent of this intrusion. Only then will informed choices be possible, and only then can retailers be informed by the people they claim to serve, what will and will not be tolerated in a free and open society.
Albright, M. (2011, January 11). Retailers seek to enhance shopping experience through gadgets. Tampa Bay Times. Retrieved from http://www.tampabay.com/news/business/retail/retailers-seek-to-enhance-shopping-experience-through-gadgets/1144841
Barton, J., Farenthold, B., Grijalva, R., Burgess, M., Markey, E., & Chabot, S. (2012, January 31). United States Congress. Letter to the Federal Trade Commission. Retrieved from http://markey.house.gov/sites/markey.house.gov/files/documents/2012_0131%20Letter%20to%20Jon%20Leibowitz.pdf
Everett-Church, R. (2006). Privacy law and the Internet. In H. Bidgoli (Ed.), Handbook of information security, volume 2. New York, NY: John Wiley & Sons.
Federal Trade Commission. (2009). FTC Staff Report: Self-regulatory principles for online behavioral advertising. Retrieved from http://www.ftc.gov/os/2009/02/P085400behavadreport.pdf
Federal Trade Commission. (2010). FTC Staff Report: Protecting consumer privacy in an era of rapid change. Retrieved from http://www.ftc.gov/os/2010/12/101201privacyreport
Federal Trade Commission. (2011, December 23). FTC Seeks Public Comments on Facial Recognition Technology. Retrieved from http://ftc.gov/opa/2011/12/facefacts.shtm
Federal Trade Commission. (2012). FTC Staff Report: Facing facts: Best practices for common uses of facial recognition technologies. Retrieved from http://www.ftc.gov/os/2012/10/121022facialtechrpt.pdf
Federal Trade Commission. (2013). FTC Staff Report: Mobile privacy disclosures: Building trust through transparency. Retrieved from http://www.ftc.gov/os/2013/02/130201mobileprivacyreport.pdf
Ghosh, A.K., Baumgarten, K., Hadley, J. & Lovaas, S. (2009). Web-based vulnerabilities. In Bosworth, et al., (Eds.), Computer security handbook. New York, NY: John Wiley & Sons.
Hill, K. (2012, February 16). How Target figured out a teen girl was pregnant before her father did. Forbes Magazine. Retrieved from http://www.forbes.com/sites/kashmirhill/2012/02/16/how-target-figured-out-a-teen-girl-was-pregnant-before-her-father-did/
Himma, K.E. (2006). Legal, social and ethical issues of the Internet. In H. Bidgoli (Ed.), Handbook of information security, volume 2. New York, NY: John Wiley & Sons.
Ingersoll, G. (2012, October 22). Retailers may start targeting customers with new surveillance technology. Business Insider. Retrieved from http://www.businessinsider.com/new-surveillance-tech-analyzes-shopper-behavior-to-improve-customer-service-2012-10
Johnson, J.A. (2013). Retailers can protect themselves by protecting consumer privacy. Retail Law Strategist, 13(1), 1-4.
Judy, H.L., David, S.L., Hayes, B.S., Ritter, J.B., & Rotenberg, M. (2009). Privacy in cyberspace: U.S. and European perspectives. In Bosworth, et al., (Eds.), Computer security handbook. New York, NY: John Wiley & Sons.
Kabay, M.E., Takacs, N. (2009). E-mail and internet use policies. In Bosworth, et al., (Eds.), Computer security handbook. New York, NY: John Wiley & Sons.
Kooser, A. (n.d.). About the ethical & practical aspects of using customer loyalty cards. The Houston Chronicle.
Retrieved from http://smallbusiness.chron.com/ethical-practical-aspects-using-customer-loyalty-cards-3287.html
Matthews, C. (2012, August 31). Future of retail: How companies can employ big data to create a better shopping experience. Time Magazine. Retrieved from http://business.time.com/2012/08/31/future-of-retail-how-companies-can-employ-big-data-to-create-a-better-shopping-experience/
Meijer core values (n.d.). Meijer.com. Retrieved from http://www.meijer.com/content/corporate.jsp?pageName=our_values
Plant, R. (2012, August 28). Retailers turn to ‘soft surveillance’ to fight customer anonymity. Harvard Business Review. Retrieved from http://blogs.hbr.org/cs/2012/08/retailers_turn_to_soft_surveil.html
Sears mission statement. (n.d.). About.com. Retrieved from http://retailindustry.about.com/od/retailbestpractices/ig/Company-Mission-Statements/Sears-Holdings-Mission-Statement.htm
Target mission statement. (n.d.). Target.com. Retrieved from https://corporate.target.com/about/mission-values
Understanding online advertising. (n.d.). NetworkAdvertising.org. Retrieved from http://www.networkadvertising.org/understanding-online-advertising
Yu, R. (2012, August 28). Retailers introduce indoor navigation in apps. USA Today. Retrieved from http://usatoday30.usatoday.com/tech/news/story/2012-08-27/big-retailer-mobile-apps/57381210/1
Walmart mission statement. (n.d.). About.com. Retrieved from http://retailindustry.about.com/od/retailbestpractices/ig/Company-Mission-Statements/Wal-Mart-Mission-Statement.htm
Zetter, K. (2009, December 28). Walmart sued over surveillance camera in bathroom. Wired.com. Retrieved from http://www.wired.com/threatlevel/2009/12/walmart-sued/
Image from JSOnline
[Updated 7.8.2013 9:51 am to correct Arkansas rather than Georgia as Walmart's home base]
Big Box Retailers Grab Big Data – What You Need to Know When You Shop was written by Hrafnkell Haraldsson for PoliticusUSA.
© PoliticusUSA, Jul. 8th, 2013 — All Rights Reserved