jgd@Dixie.Com (John G. DeArmond) (04/06/91)
imp@Solbourne.COM (Warner Losh) writes: >The Safeways around here have something called a preferred customer >card. If you make more than $100 in purchases, you start to get >coupons for free stuff (these are fixed, everyone gets the same >coupons). Does anybody know if they record the purchases as well? Yes. This is probably the most insidious form of privacy invasion currently underway . Before I describe what is going on, let me qualify myself. Up until about 6 months ago, I was a software development manager hired as a consultant to manage the development of what was/is to be one the largest personal lifestyle data collection systems in the nation. This system will be known as GiftLink (a name change may be in the works) and is a joint effort between GTE, several of the major consumer goods manufacturers and Kroger (mainly as a test market). I left the project after I realized what was going on. I've sat quiet for these 6 months even though I had no contractural obligation to do so but now it's time to speak out. What you buy, what sequence you buy it in, when you buy and where you buy is considered to be some of the hottest data available today. All kinds of schemes are being tested, from smart carts in some Kroger stores here in Atlanta that track your motions through the store to much more evil schemes such as GiftLink. There are several competing products to GiftLink already on the market. Citibank operates probably the largest one. The safeway system is yet another. In most cases, the program is passed off to unsuspecting customers as nothing more than electronic trading stamps. The customer simply subscribes to this neat incentive buying service, gets a card that is presented during each checkout, and in return, they get trinkets as a reward for unwittingly giving away intimate details about their life. Here's what happens. All modern Point of Sale (POS) systems have the capability to collect extremely detailed transaction records. Typically, the UPC code, the time&date stamp, the quantity, the checkout lane and the price are captured. When special software called demographics code is installed on the POS computer, the purchase transaction consisting of all the individual item records can be associated with an identifying number. This scheme was originally developed to assist in test marketing. People would be given code numbers - not associated with any individual but with groups - and asked to give the number at the checkout. Thus, general buying demographics could be collected while not invading the privacy of an individual. The frequent buyer people realized that this scheme could be extended to allow a number to be assigned to each customer which would allow tracking purchase habits in great detail. This data is so valuable that in the event the POS system is old enough to not collect all the detail, snooping hardware has been built that literally logs the cahsiers' keystrokes. The system I designed is intended to collect data from the thousands of participating stores around the country, filter it, and transmit it to a mainframe for further processing. This massive database stores each item you buy while participating in a frequent buyer program as well as when and where you bought it. EVERY SINGLE ITEM. Citibank (and probably others) have been doing something similiar with credit card purchases for years. This is much worse, however, because the use of coded membership cards coupled with UPC coding on all products allows collection detail not possible from credit card invoices. Plus data can be collected even on cash sales. Obstensibly this data is to be collected into 2 databases. One contains all the detail associated with user id numbers. The other contains summary data along with identifying information such as name, address, phone number, etc. In the case of GTE, they state that they will not merge these databases. It is my opinion that they cannot avoid merging the databases because a) they do not have absolute control and b) the data is simply too valuable. It may not be obvious what this system can do to the private individual. I'm going to point out a few things. Since these databases contain information on every single item you buy under the program, incredable detail about your life can be modeled. For example, it is trivial to figure out how much red meat and high chlorestrol foods you buy. Or how much booze or beer you buy. Or when your wife buys an early pregnancy test. Or what OTC drugs you might buy in order to treat illnesses that you don't want on the record. Consider what this information is worth to the insurance industry. Consider how much they would pay for this information. Then consider how long this data is going to be kept confidential. Worse, consider the INACCURATE conclusions that can be drawn from analysis of this data. Your buying fatback meat for your dog could flag you as a high heart attack risk. Your buying an EPT test kit just to see what's in it could flag an incipitent pregnacy. Your buying a lot of beer to season the food that you cook and donate to the local old folks shelter could flag you as a drunk. It would do well to remember how compassionate the insurance companies are to people that they can legally screw. Or consider what the IRS could do toward lifestyle modeling if they had access to accurate figures on your total outlay for food and other essentials. Suppose you spend more on food than the model assumes. You get audited because the model says you're probably not reporting part of your income. Remember that with the IRS, you are guilty until proven innocent. This is a call to action. Forceful action should be taken at once. The first thing that you can do is to NEVER give ANY identifying information to a store. Not even your phone number. A phone number is all that is needed to match your transactions to your name and address. Secondly, always pay in cash. Not checks, not debit cards but good old greenbacks. One of the best ways to mask your habits is to always get your money from the same automated teller, and always for the same amount. Third, if you detect your favorite store messing around with any kind of customer tracking programs, complain loud, long and often. Nail the store manager every time you go in. Write letters and make phone calls to the store's home office. Write letters to your newspaper. Consider a petition campaign. Also consider windshield flyers for cars in the parkings lots. (lightening speed is necessary here :-) Consider door-to-door or neighborhood handbill campaigns. Polls show that an overwhelming majority of people today are concerned about their privacy. This is the issue that can catalyze people to action. All people need is a well defined evil to focus on. Just as the LA cop beating galvanized people against the cops, so can this issue motivate people to fight for their privacy. Let's do it!!! John -- John De Armond, WD4OQC | "Purveyors of speed to the Trade" (tm) Rapid Deployment System, Inc. | Home of the Nidgets (tm) Marietta, Ga | jgd@dixie.com |"Politically InCorrect.. And damn proud of it
marks@ssdevo.enet.dec.com (Randy Marks) (04/11/91)
In article <9296@rsiatl.Dixie.Com>, jgd@Dixie.Com (John G. DeArmond) writes...
[very informative article about POS data collection deleted]
I'm wondering if the same thing is going on with these new services
which allow you to pay your bills by phone. The info is not as detailed
as the POS scanners which John described, but it does allow a central
electronic collection point to amass data about your household which
is not available otherwise. I chose not to subscribe to such a bill
paying service for this reason.
Randy Marks
(UUCP) {decvax,ucbvax,allegra}!decwrl!ssdevo.enet!marks
(INTERNET) marks@ssdevo.enet.dec.com
(domain-based INTERNET) marks%ssdevo.enet@decwrl.dec.com
..........................................................................
From rare places come rare experiences.
..........................................................................