May 26, 2022

Volume XII, Number 146

Advertisement
Advertisement

May 25, 2022

Subscribe to Latest Legal News and Analysis

May 24, 2022

Subscribe to Latest Legal News and Analysis

May 23, 2022

Subscribe to Latest Legal News and Analysis

Sneaking into the Data Business

One of the benefits of GDPR and similar U.S. state privacy laws is that many companies are forced, cajoled, or encouraged to ask permission before capturing, analyzing, repackaging and selling the information they gather about you. Apps delivered under the new laws call attention to behind-the-scenes data activities, when past versions would have quietly hide the evidence.

So now we are more likely to see when a website grabs our personal information and to decide whether we like it. Score one for transparency.

It is common knowledge that the huge companies created by the internet – Google, Amazon and Facebook in particular – were built on a platform of user data, both for internal analytics to hone the services and for revenue generation as user information is sold either directly to other companies or indirectly through serving targeted advertising.  People who run Google searches are not the customers of Google search. Google’s customers pay for access to searchers and their searches. If you are not paying for a service on the Internet, you are the product being sold to paying customers.

But if you are paying for the service, can you be the product too?  Of course.  One look at Amazon’s business model demonstrates that Amazon Prime customers – purchasers of books, underwear and chili crisp – are targets of advertising arising from the ecommerce king and its partner companies. But we also have always known that Amazon’s deal involved online data. What about companies outside the ecommerce realm that we go to for specific areas of assistance and expertise?

It seems to hurt worse when we learn these companies are treating us like products. For example, I have previously written about how diet companies like Weight Watchers have encouraged people to send their DNA for evaluations, making unsupported (and likely unsupportable) claims that a genetically customized diet would help people lose weight. Once the company has the key code to your physical makeup, what will it do with that information? Will it sell that DNA information to others, gather a huge database of customer DNA readings and use it for drug development, or simply run its own analytics to learn more about effectively marketing to you? Diet companies aren’t saying all the ways they will use this data, but if the ancestry DNA programs are any guide, then nearly all options are on the table.

Diet industry may seem to have their customers’ interests at heart, but these companies have been known to push limits of marketing. The Weight Watchers company was being sued by the Federal Trade Commission for using a diet app to illegally gather information on children as young as eight years old without their parents’ consent. The Guardian wrote, “The FTC alleged that the app’s signup process encouraged younger users to falsely claim that they were above 13 years old, despite text that indicated to children below 13 that they needed to sign up with a parent.” This company has been in the process of recasting itself as a lifestyle brand, including adding a digital community called “Connect” that adds another useful stream of data about its paying customers. 

Is all this new data used to sell more subscriptions and services, or will it pimp those customers out to third parties for different kinds of sales?  Twice as expensive for a basic subscription, newer diet company Noom is structured for the digital age with interactive daily content, intrusive online questionnaires and encouraged interactions with other users.  More data allows more ways to use it.

You also don’t expect your tax assistant to be vacuuming your personal data. The Washington Post undertook a data investigation of the major tax preparation organizations finding the “little-discussed evolution of the tax-prep software industry from mere processors of returns to profiteers of personal data. It’s the Facebook-ization of personal finance.” While there is a federal privacy law preventing tax preparation companies from disclosing the contents of its customers’ tax returns to anyone beyond the taxing authorities, the big tax companies “are asking you to grant them special permission to go beyond these default federal protections and use your return — including your income, investments and mortgage details — to help them upsell you on other things.”

The companies call this customer upselling “personalized service” and promote it as customizing the tax preparation experience to your individual needs. If only they could figure out a reason for you to send a DNA sample, then their data personalization could really take off. DNA has as much use in tax preparation as it does in diet recommendations. The Post reports that H&R Block asks to share your data with its overseas affiliated companies. You can choose not to do so, and you can revoke permission after jumping through some hoops. The Post points out that tax company Intuit “recently acquired Credit Karma, whose entire business model … asks you to pay with your privacy for free services like credit scores.” So it is clear that tax preparation companies like Intuit see their future revenues arising from treating their tax preparation customers as the products for data-hungry business customers. They have gathered a tax-preparing herd, and now they are milking it.

Other kinds of life advice companies beyond diet and tax-prep are surely moving into this data-rich space, and milking paying customers for more and more economically valuable data. Realtors, accountants, bartenders, feng shui consultants – all of our advisors and vendors can adopt this data centric model. Who knows what your dry cleaner is capturing about your behavior? 

Read your options carefully before entering into an advisor relationship. Make sure you understand what advantages the “premium package” provides, because you are likely paying for it with both money and chunks of your privacy. If you send or allow collection of extra sensitive information, confirm that you understand what the vendor will use the data for. New laws allow a broader window into the data habits of your advisors. Take advantage of the new knowledge.

Copyright © 2022 Womble Bond Dickinson (US) LLP All Rights Reserved.National Law Review, Volume XII, Number 111
Advertisement
Advertisement
Advertisement
Advertisement
Advertisement
Advertisement

About this Author

Theodore Claypoole, Intellectual Property Attorney, Womble Carlyle, private sector lawyer, data breach legal counsel, software development law
Partner

As a Partner of the Firm’s Intellectual Property Practice Group, Ted leads the firm’s IP Transaction Team, as well as data breach incident response teams in the public and private sectors. Ted addressed information security risk management, and cross-border data transfer issue, including those involving the European Union and the Data Protection Safe Harbor. He also negotiates and prepares business process outsourcing, distribution, branding, software development, hosted application and electronic commerce agreements for all types of companies.

...

704-331-4910
Advertisement
Advertisement
Advertisement