This is page 2 of:

Shoppers: “That’s Not What I Signed Up For!”

February 22nd, 2012

But in reality, what we have is a situation where thousands of companies simply post privacy policies on their Web sites, embed them in applications, send them in multipage notices or obscure them in one way or another, knowing that consumers have neither the time nor the inclination to read them. This may be fine for ordinary day-to-day transactions. But when a Web application or a device gathers information that most reasonable people would consider to be intimately personal, or when it uses that information in an unusual way, the ordinary “simply click here” of day-to-day life may not be sufficient.

The application in question authenticates a user and his or her device by gathering information about how the user has used the device. Thus, if you use your cell phone as an authenticating device, the payment system will examine how you have used the device, who you have called, who your most frequent contacts are, what applications you have installed and how often you have used them, and then essentially create a digital signature of the phone and its user.

This type of data analytics reveals much more about the user than simply whether he or she is an authorized individual. The contact information, frequency of use and other personal information could certainly be used by the authenticator to market to that user’s friends and relatives, to develop a profile of his or her personality, to learn whether or not that person is having an affair, and to uncover a host of other personal information. When you decided to opt into a mobile payment system, did you really think that this was what you were buying?

Another problem with this system, like Target’s CRM data mining, is that it’s all or nothing. If you don’t like my privacy policies or you don’t like my settings, well, find yourself another mobile payment system or get out of the loyalty program. It’s my way, or the highway. In many cases, the consumer either has no choice or the available choices are so limited that it amounts to virtually no choice.

As a result, the permanent loss of intimate privacy ends up being a cost of doing business in a modern society. Once this privacy is lost to a specific merchant, it may be lost to all merchants and to other third parties. We can all anticipate a situation where, once the payment system has authenticated you, law enforcement or other government agents can now collect that information from the merchant in furtherance of some legitimate investigative need. Privacy, like virginity, once given up cannot be restored.

So for companies that are thinking of gathering intimate information, or information about which they believe consumers might be squeamish, I suggest there be a super opt in. In addition to the normal privacy policy containing a host of terms and conditions that no consumers are really going to read, if you truly want the “benefit of the bargain” with the consumers willingly giving away their privacy in return for some feature, then I suggest you tell them about it in bold print with capital letters in a 14-point font and throw in a few exclamation points while you are at it.

If you are collecting the names of consumers’ friends and relatives and intimate personal information, and using information for unusual purposes or other “non-standard” uses, then I suggest you tell your customers. Something like, “Hey, this is not the ordinary privacy notice. This is important.” might work, although I am not sure customers would even read that. What you really want to do is make sure customers really do know what they are getting into.

If you disagree with me, I’ll see you in court, buddy. If you agree with me, however, I would love to hear from you.



