Authors: Martin Lindstrom
And in April 2011, a firestorm erupted when it was discovered that the iPhone, the 3G version of the
iPad, and Google’s Android phone all contain software that silently tracks and records the user’s location—and has been doing so, unbeknownst to the vast majority of users, for a year or longer. In the case of the Android, the software records data about the user’s location as frequently as every few seconds, then transmits that data back to the company, where it is stored in a database, as regularly as every few hours. In the case of the iPhone and iPad, two San Francisco programmers discovered, the data also gets stored in a file that is automatically copied onto the hard drive of any computer synced to the device. Meaning that if I charge my iPad on a colleague’s or acquaintance’s computer, he or she now possesses a permanent record of my whereabouts over the last year—in a file that could be easily hacked, copied, or disseminated via the cloud. And the worst part? Various reputable news outlets report that
Apple has been loading up phones with this software—which can’t, by the way, be turned off—without users’ knowledge; it simply appeared one day, silently and invisibly, as part of a (seemingly) routine upgrade. Understandably, privacy advocates were
outraged at this blatant attempt to capture what the
Wall Street Journal
cites as a “$2.9 billion market for location-based services.”
The newest ploy to turn our own cell phones into data-mining tools? An iPhone app called
shopkick, rolled out in November 2010, just in time for the holiday shopping season, which offers reward points for shopping. Redeemable everywhere from Macy’s to Sports Authority to Best Buy, a few points are awarded for simply checking into a store, more points for scanning a product, and, of course, still more points for buying. But of course, that’s not all you get. Each time you check in to a store, scan a product, or make a purchase, shopkick collects and crunches the data about your purchase and then uses it to send targeted deals and offers straight to your phone.
I don’t know about you, but I’m starting to feel creeped out.
I
t may not shock you to learn that
Walmart, the biggest and most profitable retailer in the world, also operates one of the most massive databanks in the world. Capturing data on point-of-sale transactions from nearly three thousand stores in six countries, Walmart maintains a 7.5-terabyte Teradata warehouse
10
—a database many times the size of the federal government’s. Because of its size, Walmart has unprecedented access to information about a staggering number of us. Which is why, at any given time, Walmart always knows what’s selling and what’s languishing, and with which specific customers, too (in fact, the chain store is famous for hoarding its data somewhat obsessively). And it knows how to use this information to make us spend. I talked earlier about how retailers like Walmart employ a company to help them predict and capitalize on extreme weather events like earthquakes and snowstorms. Well, it turns out they also use the data about past extreme weather events to figure out which products (beyond the obvious) to stock. For example, a few years ago, when a hurricane was approaching the Atlantic coast, Walmart crunched the numbers to figure out what hurricane victims had purchased during the previous hurricane. No, it wasn’t flashlights. Instead, the top-selling prehurricane item was beer,
while, oddly enough, sales of strawberry Pop-Tarts, of all things, had increased sevenfold. Accordingly, trucks bulging with toaster pastries and six-packs were soon speeding toward the site of the oncoming storm.
But the scariest thing about this isn’t that it’s making the giant retailer a lot of money (which it is, of course). It’s that the typical shopper has
absolutely no idea
how closely she is being monitored. At Walmart there are no loyalty cards to swipe, no coupon bar codes to scan, just “everyday low prices.” So without any loyalty program in place, how does Walmart capture information? Via our very own credit and debit cards.
It’s amazing what a sophisticated data miner can learn from a credit card. In 2002,
J. P. Martin, an executive at
Canadian Tire (which, in addition to tires and car accessories, sells electronics, sporting goods, and kitchen appliances), began analyzing the data gleaned from the credit card transactions the company had processed the year before. Among the many things Martin found: people who bought carbon monoxide monitors practically never missed payments, and neither did people who bought those little soft pads that keep furniture legs from scratching up your floor. They also found that people who bought cheap, no-name automotive oil were much more likely to miss a credit card payment than people who got the expensive, brand-name stuff, and that if a person bought a chrome-skull car accessory, he “was pretty likely to miss paying his bill eventually.”
11
From all this Martin concluded that the brands we buy are “the windows into our souls—or at least into our willingness to make good on our debts.”
12
This wasn’t just an isolated experiment. Martin’s methods are actually very common. Most credit card companies have (and in fact have always had, though they are getting far more sophisticated thanks to technology) systems in place that pore through all your data looking for clues that you might stop making payments. What kind of clues? Well, logging onto your online account in the middle of the night is one, as it bespeaks anxiety about your finances. If you use a card to buy essentials like groceries or prescriptions, it’s another indication that you may have fallen on hard times. Have you all of a sudden charged a large expense to a credit card you seldom use? That’s another red flag that you may be delinquent with your upcoming monthly payment, or even
teetering toward financial insolvency.
American Express has admitted it once used data about where its “members” shopped to set its credit limits, decreasing the limits if signs indicated a person was having money trouble. Though it has suspended the practice, not every company has; in 2008 it was revealed that one subprime credit card marketer had decreased credit limits on cardholders who frequented “pawnshops, massage parlors, tire retread shops, marriage counselors and bars and nightclubs.”
13
No matter which credit card you use, each and every time you charge something on it, the company records how much you spent and on what type of product. And while cagey company representatives refuse to reveal how they use this data, the least you should know is that every single credit card transaction (online or off) is assigned a “merchant category code,” a four-digit number that indicates what kind of business or service the charge was for. The category codes include everything from “wig and toupee stores” to “packaged beer, wine and liquor stores” to “pawnshops” to “wholesale clubs” to “bail and bond payments,”
14
all of which, when you think about it, tell the credit card companies a whole lot about you and your lifestyle. Men: please note that if you happen to be among the 87 percent of males in the United States who buy less-spoken-about products or subscriptions on Web sites promising that some vague and discreet wording like “international trading company” will appear on your credit card statement (rather than, say, Carl’s Adult Videos), that little merchant category code will still reveal the truth to the credit card company.
Have a lot of transactions in the “air travel” category? You may get an offer in the mail for either travel-related services or a rewards-equipped credit card from a major hotel chain. Says Paul Stephens, the director of policy and advocacy for the San Diego–based Privacy Rights Clearinghouse, “Depending on how extensively you use your credit card, they conceivably have a very clear, distinct picture of an individual.”
15
These kinds of tactics explain why a person in serious debt can expect to find a handful of new credit card offers proclaiming to be for individuals with “less-than-perfect credit” awaiting them in their mailboxes. Who’s behind these offers, and how do they know so much about our finances that they show up when they do? Well, certain
financial institutions—including the big-three credit rating agencies, Equifax, Experian, and TransUnion—pore through all kinds of documents, including bank and court records, to craft intricate profiles of the financial lives of over one hundred million Americans.
16
They then turn around and sell this detailed data, including names, addresses, Social Security numbers, marital statuses, recent family births, education levels, car makes, TV cable service providers, and even magazine subscriptions, to
banks, credit card companies, and mortgage brokers, who then fiercely compete to find untapped customers—even those who would normally face an uphill battle getting credit in the first place! Yes, that’s right: the companies responsible for maintaining and updating your credit scores are the very same ones turning around and selling your financial information to credit card companies and mortgage lenders.
Most people write it off as a timely coincidence when an offer for a new home equity loan arrives in the mail just as they’ve started struggling to make their mortgage payments. But it isn’t. “We called people who were astounded,” said Allan E. Geller, chief executive of Visions Marketing Services, a Lancaster, Pennsylvania–based company that carries out telemarketing campaigns for banks offering new terms of credit. “They said, ‘I can’t believe you just called me. How did you know we were just getting ready to do that?’ ” He adds, “We were just sitting back laughing.” The goal of this incredibly devious tactic is to create “the appearance of almost irresistible serendipity,”
17
like a devil whispering into our ears at the precise moment our defenses are at their lowest and our needs are highest.
Thanks to data-mining practices, banks and lenders know enough about our finances to tailor the specific wording in unsolicited letters to our individual situations. Often they even go so far as to calculate, to the dollar, what we would save on a mortgage or a monthly credit card payment if we “took advantage” of the offer in question. A few years back, one bank took this personalization to an extreme. It actually took satellite snapshots of a particular neighborhood and then highlighted each homeowner’s property on the envelope accompanying the personalized credit offer. Not surprisingly, most consumers were spooked, and the campaign was withdrawn.
Again, while neither banks nor credit card companies will confirm their precise internal methodologies, it’s widely acknowledged that
property deeds are one of their major sources of data. Since property deeds are public records, each time we buy a piece of property we get put on a list, known in the industry as a “trigger list,” indicating that we’ve just moved or are about to move. Companies then purchase these “trigger lists” and use them to shower us not just with loan offers and credit card offers but also with decorating catalogs, magazine subscriptions, and more. Knowing that homeowners spend close to $12,000 furnishing their new digs within the first six months of moving into a new home, and a good percentage of that in the first weeks or days, a company known as ALC Milestones New Movers and New Homeowners, for example, sells companies and businesses—like Crate & Barrel and Pottery Barn—updates every twenty-four hours about who has just purchased a property and is in need of brand-new furnishings.
18
Using a technique known as “
predictive modeling” (which is essentially comparing your behavior to that of consumers who fit roughly the profile you do), data compilers and banks know whether you are likely to need new home credit before even you do. Equifax (yes, one of the companies that maintains your credit score) even offers lenders a brochure called “TargetPoint Predictive Triggers,” whose “advanced profiling techniques” promise to help them sniff out consumers who show a “statistical propensity to acquire new credit.”
19
Naturally, the company declines to reveal its exact formula, but let’s figure out how it might do it. Let’s say a bank does a mail campaign offering new terms for home refinance. You receive the offer, check the box saying you might be interested and would like to learn more, and send the card in, complete with your name and address. Next, data crunchers proceed to pull together other information they have about you on file, including the value of your home, your outstanding credit card debt, and whatever savings you may (or may not) have. The bank then feeds all this into sophisticated statistical models that ferret out other consumers who match the profile you do (e.g., other consumers who have a good-sized property, shop at Williams-Sonoma, etc.), whom they then know to target with similar offers. In effect, the bank is getting us to unwittingly rat out one another.
In 2010, the U.S. Congress passed a bill designed to protect unsuspecting consumers (especially young consumers) from predatory credit card companies. Among the requirements of the new act was that colleges and universities publicly reveal the long-standing secret contracts they enjoy with credit card companies. That’s how it was discovered that in 2007 hundreds of institutions of higher learning (including some very prestigious ones, like Yale University) had entered into a highly lucrative “affinity agreement” by which they were essentially selling Chase bank access to their alumni, staff, sports fans, and even students.
20
This is also how it was revealed that a staggering eight hundred of the United States’ two-year colleges and seven hundred of the country’s four-year colleges maintained similar agreements with various credit card companies or
banks.
Under some of these agreements, the colleges received a cut of every new bank account a student opened; under others, they got a percentage of every retail purchase a student made with their new card; under still others, the schools actually earned money if an alumnus took on debt. Obviously, this was a huge incentive for these schools to encourage their students to rack up credit, which is why so many permitted credit card companies to advertise on campus, with some even granting the companies access to private campus events.
21