The Freedom Bulletin

After reading this article in the New York Times Magazine, I will never feel the same way about shopping at Target again.

“The desire to collect information on customers is not new for Target or any other large retailer, of course. For decades, Target has collected vast amounts of data on every person who regularly walks into one of its stores. Whenever possible, Target assigns each shopper a unique code — known internally as the Guest ID number — that keeps tabs on everything they buy. ‘If you use a credit card or a coupon, or fill out a survey, or mail in a refund, or call the customer help line, or open an e-mail we’ve sent you or visit our Web site, we’ll record it and link it to your Guest ID,’ Pole said. ‘We want to know everything we can.’

Also linked to your Guest ID is demographic information like your age, whether you are married and have kids, which part of town you live in, how long it takes you to drive to the store, your estimated salary, whether you’ve moved recently, what credit cards you carry in your wallet and what Web sites you visit. Target can buy data about your ethnicity, job history, the magazines you read, if you’ve ever declared bankruptcy or got divorced, the year you bought (or lost) your house, where you went to college, what kinds of topics you talk about online, whether you prefer certain brands of coffee, paper towels, cereal or applesauce, your political leanings, reading habits, charitable giving and the number of cars you own.”

When Target faced some backlash about this invasion of privacy (for example, after it sent baby coupons to the home of a pregnant teen whose family didn’t know she was pregnant), they decided not to scale back their information-collecting but to hide it from customers:

“The question became: how could they get their advertisements into expectant mothers’ hands without making it appear they were spying on them? How do you take advantage of someone’s habits without letting them know you’re studying their lives?”

The answer that Target devised was to send people combinations of behaviorally-targeted coupons and coupons that they knew the customers would never use, so that it would look like a standard, non-targeted set of coupons. As a Targer executive explained, “We started mixing in all these ads for things we knew pregnant women would never buy, so the baby ads looked random. We’d put an ad for a lawn mower next to diapers. We’d put a coupon for wineglasses next to infant clothes. That way, it looked like all the products were chosen by chance.”

Creepy, huh? What makes it creepier is that according to the article, all of this tracking is within the law.

This demonstrates to me, at least, that we need stronger laws against behavioral tracking, not only on the Internet but in physical stores like Target as well. Stores need to collect some information in order to function, for example, they need to run credit cards through a computer in order for people to pay, and cashiers need to see what a customer is purchasing inorder to ring up the transaction. It also makes sense for stores to track which items are the most popular, which items are returned the most often, in which seasons certain items are most frequently bought, and other general statistics. But in my opinion, unless customers consetnt, it is not okay for stores to create profiles of individuals, in other words to connect information about what a particular customer purchased from one visit to the next. If someone wants to consent to being tracked, perhaps in exchange for coupons or other discounts, fine. (Although there is a fine line between this and punishing people who do not want to be tracked by charging them higher prices, which is not fine.) But for businesses to track personal information about their customers without giving them any meaningful choice in the matter violates people’s rights to privacy and liberty.

The European Commission is considering a law that would greatly strengthen online privacy and restrict companies’ ability to track and store people’s Internet activity without their knowledge or consent. According to the New York Times:

Europe is considering a sweeping new law that would force Internet companies like Amazon.com and Facebook to obtain explicit consent from consumers about the use of their personal data, delete that data forever at the consumer’s request and face fines for failing to comply.

The proposed data protection regulation from the European Commission, a copy of which was obtained by The New York Times, could have significant consequences for all Internet companies that trade in personal data, whether it is pictures that people post on social networks or what they buy on retail sites or look for on a search engine.

The regulation would compel Web sites to tell consumers why their data is being collected and retain it for only as long as necessary. If data is stolen, sites would have to notify regulators within 24 hours. It also offers consumers the right to transport their data from one service to another — to deactivate a Facebook account, for example, and take one’s trove of pictures and posts and contacts to Google Plus.

This kind of law is exactly what not just Europe but the entire world needs. Companies should not be allowed to collect vast amounts of data, which they keep indefinitely, about people’s most private activities, when people are neither aware that this information will be seen by anyone but themselves, or given any true choice in the matter. As a country that was founded on the idea of individual rights, America should be paying as much attention as Europe does, if not more, to the right of each person to use the Internet while also maintaining their privacy.