It was the late 1990s. My then-boyfriend/now-husband and I popped into Radio Shack, an electronics store, to buy a small part for our home entertainment center.
We set our $5 item on the counter to pay. The clerk smiled and readied his hands to type information on a keyboard that was attached to the cash register.
“Name, address, and phone number, please?”
My husband shook his head no, declining to give the clerk that information while still pulling money from his wallet to pay.
“Well, I can’t sell you this item unless you give me that information,” the clerk shrugged.
“If I make up a name, address, and phone number right now, then can you sell it to me?”
“Well, we don’t want that!” the clerk retorted.
“And I don’t want to be part of your marketing experiment,” my husband replied.
We walked out, went somewhere else for the part, and never returned to Radio Shack.
(Side note: Radio Shack eventually changed its in-store customer data collection practices. They also declared bankruptcy in 2015 and 2017 and closed hundreds of stores.)
Consent: Who’s Responsible for Data Privacy?
You can probably think of at least one time when you’ve given your personal information to a company during an online or offline transaction: your name, home address, phone number, e-mail address, credit card number, birthday, health information, social security number, or bank account number.
But chances are, you probably have no idea how many companies wind up actually possessing your data because your original “ok” came with a chain of “oks” to share that data with other companies.
And that might not necessarily be a big deal – if it was a given that those other companies were mindful and protective of your most sensitive credit card, health, or financial data.
Or that it wouldn’t eventually become part of a security incident or data breach.
But unfortunately, that level of consumer trust in business isn’t there. And with 2,000+ data breaches reported in 2019 alone, maybe that’s with good reason.
According to a November 2019 study by the Pew Research Center, 79 percent of Americans aren’t confident “that companies will… take responsibility if they misuse or compromise personal information.”
The same study said 69 percent “have this same lack of confidence that firms will use their personal information in ways they will be comfortable with.”
Who Has Power Over Your Data? Generally, Not You.
At the moment, data privacy laws like GDPR and CCPA are a step toward customers having greater control of the data they share with the businesses. But legislation is complex, which means it won’t be easy for companies to implement. Meanwhile, their privacy practices may be slow to change.
So how can you take at least some control? You’ve probably heard the standard, spot-on advice about changing your passwords regularly, setting up a PIN for your mobile device, keeping your malware defenses updated, being careful with free wi-fi, securing your home wi-fi, and not clicking on strange links in strange e-mails, for example. Maybe you’ve done those things, and maybe you haven’t.
But here are some more ideas to take more power over your personal information.
- Read up! According to the Pew study, 59 percent of Americans know nothing or very little about what is done with the information companies collect about them. So, find out! Read the privacy policies of the places where you do business.
Yes, yes. I know! Privacy notices aren’t sexy, right?! They’re nowhere near as relaxing to read as that New York Times best seller you picked up for your beach trip last summer. But what you read in a privacy notice may daze you just as much as the plot twist in that beach read.
I recently came across a privacy notice for a bank that shares sensitive customer data (social security number, account balances and transaction history, credit history) with other companies even when customers are longer customers. It also won’t let you say no to their sharing your data with other financial companies.
The notice doesn’t detail those other companies or their data protection practices, but we do know that, according to a study by Verizon, about 10 percent of breaches occur at financial services companies. (Can you hear me now?)
To be fair, the bank is doing what the law allows. By reading up, at least you’ll understand what power you have over your data and be ok with it, limit sharing, or decide to walk away from the relationships or transaction.
- Dig into the settings of your online life. Most people seem to understand that websites and apps collect information about your browsing, location, and purchase history. You open an app or sign into a site, buy something, and have the item shipped to your house. You then sign out or close the app. It may not bother you that the company tracks that data for their own purposes. But that’s just the beginning.
A new feature within Facebook’s privacy settings called “Off-Facebook Activity” just shined a spotlight on the likelihood that just about every website or app you use links your browsing and purchase activity back to your account on Facebook.
I checked my “Off-Facebook Activity” settings and discovered 491 websites had linked data about my visits, browsing history, and purchases back to Facebook. The same Facebook that has been plagued by data breaches in the past couple of years.
So navigate to the privacy settings on your social media profiles, free e-mail accounts, and web browsers. Understand what you’re sharing, and how you can use the privacy options to control what you wish.
- Say something. If you don’t like the data privacy policies where you do business, or if you find them confusing, then speak up. Put that feedback on a comment card, in an e-mail to the company, or on a survey. Right now, several U.S. states are working on privacy legislation. The U.S. Congress is considering multiple bills toward a national data privacy standard (although they’ve been slow to advance). Companies that collect and share your personal data can do so only to the extent the law allows. So, contact your elected officials and support laws that are in line with what you expect as a consumer.
Some say the conversation around data privacy is just getting started. It’s been a thing at my house since the ‘90s. But the rise of the internet, mobile devices, smartphones, and social media has made the conversation more complex.
However, awareness is building. Some technology companies are already developing products that include considerations for consent and privacy in the product design. That’s great news for what lies ahead for customers who want more control over their personal data.
Want to build consumer trust
or learn more about
new data privacy laws?
We’ve got you covered!