Considering the data-heavy lifestyles of contemporary people, it should come as no surprise that many organizations gather digital data regarding people’s preferences and everyday activities. If this data is compatible with the organization’s goals, it can be used directly, and, if not, there is likely a buyer for such databases in the market. Loyalty cards are one of the ways of gathering information about people’s consumer habits, and, as with all data gathering about individuals, data safety is the utmost concern. Pingo and Narayan (2016) point out the drawback of the practice for the consumers. According to them, it is virtually impossible to guarantee that the data in question will not be stolen, and the only way to mitigate the risks is through digital privacy education (Pingo and Narayan, 2016). Should the data be stolen, it is likely to be sold as well, but the information about people’s individual preferences can be used for purposes other than business too.
The emphasis on privacy education should not undermine the necessity of legal protection of data privacy. As of now, the overreaching framework in terms of data privacy is the General Data Protection Regulation (GDPR). It outlines the basic principles of data handling, such as fairness, transparency, or purpose limitation, but does not elaborate on their specific application. A useful and significant addition would be a legally reinforced opportunity for the customer to remain anonymous. Blanco-Justicia and Domingo-Ferrer (2016) describe a potential mechanism for that built with the use of partially blind signatures and the generalization of product receipts. If there was a legal requirement for vendors to provide an option for the customers to remain anonymous, it could improve the situation with regard to privacy protection.
References
Blanco-Justicia, A., & Domingo-Ferrer, J. (2016). Privacy-aware loyalty programs. Computer Communications, 82, 83-94.
Pingo, Z., & Narayan, B. (2016). When personal data becomes open data: An exploration of lifelogging, user privacy, and implications for privacy literacy. In Morishima, A., Rauber, A., & Liew, C. L. (Eds.), Proceedings of the 18th International Conference on Asia-Pacific Digital Libraries, 3-9. Springer Link.