Students at Pekin High School recently had a frightening experience. Their personal security information, including their Social Security numbers, became freely available to others. The problem wasn’t identity theft by cyber-criminals, as happens to so many people these days. Instead, the data wasn’t guarded sufficiently, and vendors could “harvest” this information for their use.
It’s open season on our personal or proprietary information. Marketing firms, sales reps, and data hounds want to gather as much information as possible about prospective customers. The simplest way is to ask a person buying a consumer product to fill out a “warranty card,” which not only has sections to complete on the purchased product, but also a host of other questions on purchase history and product preferences and personal data such as birth date, marriage status, and family size.
Data collection can present some real ethical issues. The first—and most important—is how much of the information is mine and how much of it is public? A related question: to what extent can a company market the data and to what extent can I limit that behavior? Maybe you, like me, have received privacy notice policies from credit card companies spelling out how, when, and under what circumstances our information can be shared. We may think we must give permission every time that information about our profiles and habits can be shared, but we may have little direct ownership of information that gets into a customer relations management (CRM) system. We also discover we have very little control over the distribution of our e-mail addresses, since we get so much spam.
We also see the little check boxes on web sites of various organizations asking us whether and to what extent we want information about our data to be transferred—in some cases, to go no further than direct contact from the company to alert us to a product problem, or as far as giving permission to share information about us to third-party companies. That set of choices tends to be limited to larger retailers and service businesses. Smaller businesses may not gather this information. Intentionally or inadvertently, the small business owner or entrepreneur may share information about us. Some companies share information on a mutual basis—a “let’s share files” basis. Others sell information about you and me to other companies or groups so they can e-mail us with a sales pitch.
And, of course, none of these practices has anything to do with the highly unethical practice of “phishing” for information, even under the guise of well-established companies. It’s so frustrating and unnerving to be “phished” with a letter saying our information needs to be updated or clarified. Just click here, the messages say, and fill out the missing information. People constantly respond, only to discover their personal information has been stolen.
“B2B” transactions often have a less defined understanding of ownership of information. In completing various applications or customer profiles, business owners surrender data that reveals a lot about market position, product or service development, or financial status. Some companies assert that all forms and data they receive have been obtained legally. Even so, the question remains: how much information is public and how much is proprietary?
One of the most impressive current examples is the aggressiveness of the Disney Company in pursuing those who copy and use cartoon characters and stories—but how aggressively the company also obtains images and stories on the open market (or so they think). Caterpillar has had to take a strong and clear legal stance in Disney’s use of the Cat trademark in cartoons.
We need to be very careful as individuals in how far we’ll extend the use of personal information—and, to some extent, to accept that some of that information is in the public domain. Companies, businesses, and services have to take the same approach. We still have a lot to do as a society and in commercial transactions in determining the ethics of the use of information. In the meantime, just be careful about how much you want to share—and what information is, in fact, your personal property. IBI