Tobacco Company Market Research Program Violates Consumers’ Privacy
Originally Published in the DM News – February 22, 2004
Let’s
face it. As consumers, we’ve run out of places to hide. It seems like no matter
where we go, there’s a company who wants to know more about us so they can do a
better job of selling us something. Frankly, I don’t mind. In fact, I tend to
be fairly generous with my personal information. Particularly when I’m dealing
with nationally recognized brands. Maybe that’s why I found the following data
collection program so unsettling.
Last
Friday night, I went out to my favorite local watering hole to listen to some
music. Once inside the establishment, I noticed an attractive young lady holding
what looked like a clipboard, speaking with a few of my fellow patrons. I’ll
call her Mary. I watched Mary for a little while, and noticed that many of the
people she spoke with appeared to be giving her their credit card in return for
a small gift. So I concluded that Mary was selling something. And judging by
the number of patrons who gave Mary their card, it must have been a good deal.
After
a few minutes, it was my turn to chat with Mary. I asked her what she was
selling. I was surprised to hear that Mary wasn’t selling anything at all. She
worked for a large tobacco company, and wanted to know if I’d participate in a
brief survey in exchange for a free lighter. While I’m not a smoker, I said
‘yes’. I figured that the survey was anonymous and that maybe it had something
to do with the anti-smoking legislation enacted in New York recently.
I
was wrong on both counts. Mary asked for my driver’s license so she could scan
it into the clipboard sized computer she was holding. I asked Mary why her
company needed my driver’s license. She said that the company wanted to ensure
that I was 21 years old, and they also wanted my name and address ‘for their
records’. Mary had no idea why they needed my name and address, and she wasn’t
particularly accommodating when I asked her to call her supervisor and find
out. After a moment of polite chitchat, she moved on to the next person.
Mary
could not understand why I was reluctant to hand over my driver’s license to
her. After all, by doing so I would be rewarded with a shiny lighter. So what’s
the big deal, right?
Trust
me, Mary. This IS a big deal.
In
exchange for a $2 lighter, several bar patrons were providing their names and
addresses to Mary. Of course, that’s not all they were providing. A New York
State DL contains the date of birth, height, eye color, sex, organ donor
status, a digitized signature, a personally identifiable DL #, and most importantly,
the driver’s picture. And people were providing this information without giving
it much thought.
I
wonder if my fellow patrons realize that what they were giving away was far
more valuable than a lighter. Of course, people have the right to provide their
personal information to any organization they’d like. I just wish they’d ask
more questions before doing so.
A
few people that night asked me if what the tobacco company was doing was legal.
There is a privacy law called the Driver's Privacy Protection Act of 1994.
(DPPA) It was originally enacted to keep States from selling diver’s license
records. Some legal experts feel that the DPPA could be used to contest
driver's license scanning by companies conducting market research. However, the
practice not been challenged in court yet.
There
are also a handful of guidelines for responsible data collection that were
established by the U.S. Government over 30 years ago. These guidelines have
been restated time and time again by the FTC, and are generally accepted by the
direct marketing industry as acceptable practices. Basically, the guidelines
state that companies should obtain a consumer’s informed consent prior to
collecting any personally identifiable data. In other words, a company should
let consumers know they are collecting their personal information, what they
plan to do with it, and how long they plan to keep it. And the consumer must
give the company express or implicit permission for the company to collect his
or her data.
I
have no idea what happens to the data that Mary scans into her computer. Maybe
the tobacco company keeps all or some of the data. Perhaps they dispose of it
entirely. Mary couldn’t tell me, and the tobacco company didn’t return my
calls.
The
purpose of this article is not to condemn this practice on legal grounds. Let’s
concede that it is legal for a company to collect data in this manner. However,
just because something is technically legal doesn’t mean that it is ethical.
And sending attractive twenty something representatives into places where
patrons are known to have diminished capacities is not market research - it’s
bad business.
Why
is it bad business? Collecting data in this way plays into the fears of
consumers, whom we all know are increasingly wary of providing personal
information to companies. The specter of a company putting together a profile
that combines age with smoking habits and selling that information to life
insurance companies is quite real in many consumer minds. And if the company
collecting the data isn’t telling the consumer what will happen with their
data, the consumer mind is free to think the worst.
The
net result is that when a company is not completely open with a consumer
regarding their data collection practices, they make it less likely that the
consumer will give up their information to the next company who asks. And that
makes life harder for the rest of the consumer marketing industry.
Moreover,
how valid is information collected under these circumstances? Mary was
surveying bar patrons long after midnight on a Friday evening. It’s pretty
likely that some of the respondents were under the influence. Is the tobacco
company relying upon the accuracy of these responses to help them achieve their
marketing objectives?
Think
about it this way. ‘Nude celebrity’ websites also ask for driver’s license or
credit card information ‘so that they may verify age’. Does any legitimate
business want their data collection strategies to be lumped into that category?
The
political climate has changed dramatically over the past few years. The
national do not call list and Can-Spam Act are the most recent examples of the
Government stepping in when self-regulation wasn’t effective. These types of
data collection practices are an invitation for the Government to step in. And
if the Government gets involved, nobody in the industry is going to be happy
about it. Think about the total cost to your organization of the recent state
and federal SPAM legislation. Why wait until the Government gets involved?
Let’s end this practice right now.
Sound
marketing programs build consumer’s trust. They foster a relationship between a
company and a consumer. Is this data collection program good business? You tell
me…