Stupid Alarmist Watch: Uh, Yeah; Give Criminals Your Game Plan
By Ken Magill
Just when it seemed privacy alarmism couldn’t get any more baseless comes a gem of an article from AP spreading fear about retailers’ efforts at preventing returns fraud.
“It's not just the government that might be keeping tabs on you. Many retailers are tracking you, too – or at least your merchandise returns,” began the piece headlined “Retailers Keeping Tabs on Consumers' Return Habits.”
The companies say it's all in the name of security and fighting fraud,” the piece continued. “They want to be able to identify chronic returners or gangs of thieves trying to make off with high-end products that are returned later for store credit.”
But. There’s always an eye-roller of a but.
“Consumer advocates are raising transparency issues about the practice of having companies collect information on consumers and create ‘return profiles’ of customers at big-name stores such as Best Buy, J.C. Penney, Victoria's Secret, Home Depot and Nike.”
Usually articles quoting privacy zealots decrying commercial use of data have them offering up ridiculous, hypothetical harm scenarios. They can’t recount any cases of real damage, after all.
But the AP piece didn’t even go that far.
The privacy advocates in it simply pontificated without apparently having been asked to justify their opinions in any way.
"There should be no secret databases. That's a basic rule of privacy practices," said Ed Mierzwinski, consumer program director at the U.S. Public Interest Research Group, according to the article. "Consumers should know that information is being collected about them."
Maybe consumers should know. For what purpose is unclear. But criminals shouldn’t know. And the trouble is, most of us often have a heck of a time telling the two apart. That is, unless we witness certain behavior—something these retailers are attempting to do with returns profiling.
What’s more, unlike marketing data, returns-profiling data is presumably used on a reactive, not proactive basis.
No one is sending marketing messages to suspected fraudsters saying: “We think you’re a criminal. Here’s a coupon for a competitor.”
[Author’s note: I would love to take credit for that last line, but can’t. My colleague, friend and occasional informal editor Richard H. Levey came up with it.]
In any case, any scrap of information retailers reveal about their fraud-prevention efforts will be exploited to commit fraud in more creative ways if possible.
Keeping bad guys in the dark is the reason email inbox providers won’t share publicly information about their spam-fighting techniques.
This logic is apparently lost on at least one Federal-Trade-Commission staffer, though:
"Most people think when they hand over a driver's license that it's just to confirm identity and not to be kept to be used for future transactions," said the FTC's Bob Schoshinski, assistant director at the agency's division of privacy and identity protection, according to AP. "It shouldn't be that a third party [a fraud-prevention vendor mentioned earlier in the article] is keeping a profile on someone without them being informed what's going to happen when they hand over their driver's license or some other information to a retailer."
While it’s possible that informing consumers their returns behavior is being monitored for patterns indicating possible fraud might get criminals to go elsewhere, it should be solely up to retailers to make this determination.
Mierzwinski and Schoshinski apparently don’t take into account just how creative some criminals can be and the sophistication it must take retailers to stay a step ahead of them.
Nowhere does the AP article say Mierzwinski and Schoshinski are against retail security cameras. They just hate the idea of returns-data profiling, even though it is aimed at exactly the same purpose with the same level of intrusiveness.
The latter just happens to be more sophisticated than the former—certainly no more dangerous to non-criminals.