Warning: Your card purchases are sold to data brokers
By Allie Johnson
November 19, 2014
If you think your credit card purchases are nobody else's business, think again: Many retailers are selling consumer transaction details to data brokers.
A 2014 Federal Trade Commission report found that over 2,500 retailers sell, swap and share information on consumer credit and debit card purchases.
So, whenever you swipe your card, the store might disseminate data on the type of item you purchased – for example, natural food, toothpaste or high-end shoes – as well as the dollar amount you spent and the date of purchase, according to the FTC report, “Data Brokers: A Call for Transparency and Accountability.”
Before the FTC report came out, consumer advocates knew that data brokers were getting their hands on consumer purchase data, but hadn't been able to prove it was being sold to them by retailers, says Pam Dixon, executive director of the World Privacy Forum, a nonprofit public interest group that has researched data brokers for over 15 years.
“We've finally got full confirmation that this is happening,” Dixon says.
How data brokers find out what you buy
Paying cash makes it fairly easy to keep the contents of your shopping cart secret. But plastic is different, Dixon says: “Credit and debit cards link your purchases to you.”
That's because simply swiping your card gives a retailer two important pieces of information: your name and card number. And at checkout, retailers often ask for your zip code, which can make it easy to find out more, including: your address, email, phone number, whether you're married, how many kids you have and how much money you make, Dixon says.
“We've finally got full confirmation that this is happening.”
–Pam Dixon, World Privacy Forum
If you have an unusual name or live in a sparsely populated area, the retailer might not even need your zip code to figure out who you are, says Paul Stephens, director of policy and advocacy for the Privacy Rights Clearinghouse, a nonprofit consumer advocacy group.
The data, along with a list of past purchases, can help the retailer target market to you — and the data can get traded or sold to a data broker, a company that collects, packages and resells consumer information.
Unlike consumer reporting agencies such as the three major credit bureaus, which provide information to help with decisions on lending, insurance and employment, most data brokers do not have to comply with the Fair Credit Reporting Act, Stephens says.
That means consumers don't have any right to control or see the information collected about them, or get errors corrected, he says.
The information about what you bought can be used to draw conclusions about you, and you can end up on mailing lists of certain types of consumers. For example, lists for sale on NextMark.com include frequent smokers (the list sells for $200), allergy sufferers ($95), consumers who have had their credit card declined ($85), birth control users ($70) and obese consumers ($50).
But targeting advertising and marketing to consumers based on their characteristics and interests isn't necessarily a bad thing, some say. Many consumers welcome personalized offers because they find them useful, says Richard Feinberg, professor of consumer sciences and retailing at Purdue University. “Consumers gladly give information to companies that will add value to their lives,” he says.
But consumers who value privacy might not want companies compiling and distributing detailed personal information linked to their names, Stephens says.
However, many consumers aren't aware that is happening, and don't even think to ask retailers if they're sharing information. And, if they do ask, the cashier probably won't know, Dixon says.
“This is all happening on the back end,” she says.
Can you protect your information from data brokers?
You can't prevent data brokers from getting some information about you. However, you can take steps to keep some of your information private. Here are five tips:
- Just say no to nosy retailers. When a retailer asks for your zip code or other information not needed to complete a transaction, decline to provide it. Consider setting up secondary email addresses for online shopping and be cautious about signing up for sweepstakes, store programs and deals, Stephens says. “Minimize the amount of information that you give out,” he says.
- Don't use credit or debit for very sensitive purchases. Making a purchase you'd rather keep private — such as cigarettes, liquor, adult items or medical supplies that could signal a health problem? “Take a minute, go to the ATM and pay cash,” Dixon says. Or, you could use cash to purchase a gift card to a store where you plan to shop, she says, “at least that gives you some of the convenience of plastic at the checkout.”
- Be cautious with store loyalty programs. Have a wallet full of store loyalty cards? Don't swipe them for purchases you don't want recorded, says Gautam Hans, policy counsel for the Center for Democracy & Technology, a nonprofit that promotes civil liberties. If you use cash but also hand over your loyalty card for a discount, your purchase can be linked to your name and other identifying information, Hans says. “In most states, information from loyalty programs will be shared and will be used for marketing purposes,” Stephens says, although it's illegal in California for supermarket club card issuers to request, sell or share certain personal information.
- Opt out from data brokers when you can. Some data brokers will allow you to opt out of having your information collected and shared, Stephens says. The World Privacy Forum offers a list of data brokers that allow full or partial opt-out, along with links to the opt-out pages.
- Consider using a digital wallet. Digital wallets such as Apple Pay and Google Wallet might help protect consumer privacy around purchases, Dixon says, adding that the forum is researching the issue. Your purchase data still will go to the digital wallet company, Dixon says. “But it does take your data out of the point of sale at every single place you shop,” she says.