A Wall Street Journal article earlier this week reported that Visa and MasterCard are exploring new ways to take data about your buying habits in the brick-and-mortar world and let online marketers use that information to target you with ads when you browse the web. But buried a little ways down in the article are some details that are considerably more alarming. Visa, the article says, wants access to everything from your insurance claim history to your Facebook friends list to your DNA. Yes, you read that right:
According to a Visa patent application published in April, the company sees potential to use a wide array of personal details to create profiles that could be used for ad targeting well beyond shopping details. It describes the possibility of also using “information from social network websites, information from credit bureaus, information from search engines, information about insurance claims, information from DNA databanks,” and other sources.
This is a huge can of worms, warns Lillie Coney, associate director of the Electronic Privacy Information Center. “This is going to be problematic,” she says, because there isn’t any legislation in the U.S. that would explicitly prohibit collecting this kind of information. And while companies might initially see this kind of data as nothing more sinister than market research on steroids, Coney says a repository of such intimate data would prove irresistible for all manner of other organizations — some of which won’t just want to sell you books.
Forming any kind of a DNA database creates an “If you build it, they will come” situation. “If this becomes a requirement of application [for credit], they’re going to have a database of DNA that could be sold, that could be marketed,” she says. Any entity — from an employer to a health insurer to a law enforcement agency — could potentially have access to your most personal details. “It’s not going to sit there and not be used,” she says.
What if a company decides not to give you a credit card because it has used DNA to discover that a relative of yours doesn’t pay his or her bills? What if they take a peek at your genetic code and see that you’re at risk for an expensive health ailment and decide to deny you credit?
“It sounds far-fetched,” she admits, but credit card and reporting companies have already proven themselves remarkably skilled at integrating seemingly unrelated parts of your life into their calculations. This is why people with lower credit scores might have to pay higher car insurance premiums, for example. According to Coney, if these companies have their way, this could be just the tip of the iceberg.
What’s more, if a big financial institution has a data breach today, you may have to fight fraudulent charges or outright identity theft. What if that wasn’t just your Social Security number, but your fingerprints or DNA that a cybercrook got his hands on? “What identity theft victims are dealing with now would be nothing compared with what could happen,” Coney warns.
Beth Robertson, director of payments research at Javelin Strategy & Research, discusses this topic in a recent blog post. Javelin is a research company that serves the financial services industry, so her take on Visa and MasterCard’s quest for more personal consumer information is far more sanguine than Coney’s. But she makes a couple of points that consumers would do well to keep in mind.
“Very similar concepts are already in [the] market,” she writes. It’s a point Coney makes as well; financial companies, websites where we shop and other businesses collect far more information about us that most consumers realize. Guarding your personal information will probably become more important and more challenging in the future, but shoppers concerned about their privacy should already be cautious about where they fill in their email address or cell phone number, or what kind of programs they give access to places like their social networking profiles.
Some of this information is used in a way that benefits consumers, Robertson says; detailed data about purchase habits can help a company notice suspicious or fraudulent activity quickly. And online and mobile coupon or reward programs are designed to give customers a discount in exchange for information. “Consumers always have the ability to opt-out of participating in these programs, but they rarely do, as the rewards offers they typically receive are highly targeted to their interests,” she observes.
This last observation worries Coney, who says consumers might not realize the depth of information they’re already giving marketers in exchange for marked-down prices. “There’s nothing free,” she says.