Can the Pizza Guy Sell my Personal Information?
A pop quiz from Consumerist:
Pizza delivery companies, since they are called so frequently by consumers, are a hub for collecting personal information. A delivery company can collect and aggregate caller identification information (typically name and phone number), ask the customer for their phone number (which may be different than what is displayed by caller identification), and in order to process the order, acquire the delivery address. Pizza delivery information is used by private investigators and by governments to track individuals. In the marketing context, pizza delivery databases have been discussed as source for phone numbers for wireless 411 databases.
Consumerist links to a research paper by Chris Hoofnagle and Jennifer King about the perceptions or misperceptions regarding "off-line" privacy practices in California. Access a copy of the paper here [pdf] [Consumer Law and Policy Blog].
I've often been struck by how differently people treat online and offline privacy. I guess in the same way that people treat online and offline marketing communications as totally different animals. Why is it that direct mailers have retained the ability to send unsolicited marketing communications which arguably cause greater inconvenience and impose a greater cost than online marketers (who are arguably more regulated, do not mail list notwithstanding)? I guess in general, what is it about online corporate behavior that causes people to be up in arms in a way that they are not vis a vis offline corporate behavior? (Someone has written a book about online hordes and mobs I'm sure which explains all of this.) On a related note, why do companies seem to push the envelope offline and freely engage in the sharing of information in a way that they never would online.
The related question is . . . why from a policy standpoint would you treat the sharing of customer information differently if it's done by an online as opposed to an offline business? Personally I can't think of any good reasons why (maybe to encourage the growth of online commerce, but that hardly seems necessary at this point), but there must be. Otherwise we would not have laws such as California's Online Privacy Protection Act which seems to impose restrictions on the collection and sharing of customer information only on "operators of commercial Web sites" Of course, the easy explanation is that legislation is rarely driven by levelheaded policy considerations. How else could you explain something like the Video Privacy Protection Act (well known to be enacted following the confirmation hearings of then-Judge Bork, where his video rental records were sought and obtained)?
I guess at a certain point, as more and more commerce moves online or involves an online component, this will be irrelevant. Maybe not. Maybe we still need to be watchful of our privacy in those everyday convenience store transactions that are likely to remain offline indefinitely?
Comments