Big Brother Watch supporter, Tank Green, explains how she discovered her card payments were used to link her in-store and online shopping – and how she challenged it.
I’d wager that almost everyone reading this blog post has at least one preferred retailer that they have shopped from both on and offline. For instance, you might get your groceries delivered once a month, but do smaller weekly top-up shops from a bricks and mortar version of that same retailer. Or maybe you sometimes buy from your favourite clothes shop online when you are certain of your size, and sometimes go in-store if you need to try something on.
Would you expect that the seemingly anonymous purchases you make in store to be linked to your online identity? As I found out, they sometimes are.
Recently, I went to a real-world Gap store and bought a pair of trousers using my credit card. I provided no details of who I was to the cashier.
However, a couple of days later, I received the following email:
I found this email deeply unsettling: how on earth could Gap have known I was there? How had my seemingly anonymous purchase been linked to me as a named, private individual without my consent? I was so alarmed that I immediately emailed Gap’s privacy team to find out what had happened.
Over the next three weeks, I emailed my request for information four times. Eventually, I received a reply:
I found this explanation (and how hard I had to work to get it) extremely troubling. Firstly, retailers are not allowed to store card details without a customer’s consent. Secondly, signing up to receive marketing emails did not mean that I was consenting to be tracked in real life: it simply meant that I wanted to be alerted to sales and promotions events via email.
Needless to say, Gap has lost a customer over this: I value my right to privacy and any company which does not respect that right does not deserve my money.
However, it was not enough for me to just boycott Gap: I also decided to put in a complaint to the Information Commissioners Office (ICO) as I believed that Gap’s actions were a breach of the Data Protection Act. It turns out that so did the ICO:
The ICO upholding my complaint is a mini-victory for our right to privacy. But if Gap is doing this, I strongly suspect that other retailers are too.
So be aware – are your favourite shops tracking your spending?
If you suspect that they are, let Big Brother Watch know – and don’t be afraid to challenge them!