Your Safeway club card can land you in jail.
Like most similar offers, Safeway allows the customer to opt out of the targeted coupons and other marketing offers. Because they store aggregate data for other purposes, however, Safeway still appears to collect purchase records from members who have opted out.
Even though Safeway adequately limits access to purchase records and personal information, other measures are involved in fully protecting any sensitive databank. Safeway is obligated to protect against the insertion of false or erroneous purchase data and to assure that customers can easily audit their purchase record. Safeway fails on both counts.
First, no physical card is necessary to invoke Safeway Club discounts. Any customer may receive discounts using any account, thereby placing a malicious purchase record into that of the account holder. The evil customer must only know a widely available piece of information: the account holder's phone number. If customers are allowed as a matter of convenience to give their phone numbers, it follows that those records should be equally easy to audit in order to detect unauthorized usage of the account.
To their credit, Safeway allows a customer to request in writing and challenge their "information by which [they] can be personally identified." The brochure containing these instructions (below), however, is not clear whether the purchase record is included when such a request is honored. Even if it is assumed that the purchases are included, one customer found himself facing a $75 administration fee to view his record (cbc.ca). While Safeway provides a convenient way to insert purchases into an arbitrary record, this customer found that Safeway viewed record auditing as "a task that is outside the normal course of Safeway business."
Grocer affinity programs have considerable potential to reveal facts about one's basic day-to-day lifestyle. In the case of Safeway, the itemized and dated electronic purchase record associated with a household is a kind of digital medicine cabinet, ranging from plastic sandwich baggies to lighter fluid and never expiring. If Safeway does not limit its coupon-generating purchase records to a reasonable 2-3 week period, does not permanently remove older purchases, or does not protect insertion into a customer's record by requiring a reasonably unforgeable club card, then the Safeway Club system remains a demonstrated threat to personal liberty and privacy.
Node your homework. This was subject to a word limit, so I may expand it.
"Loyalty cards: Getting to know you." CBC News. October 24, 2004. http://www.cbc.ca/marketplace/files/services/privacy/loyalty.html
Furia, Joe. "Firefighter Arrested For Attempted Arson." August 28, 2004. http://www.komotv.com/stories/32785.htm
From Canada Safeway's "Privacy Commitment to our Customers" brochure
What is your personal information?
Personal information means information about an identifiable individual. This includes things such as your name, address, telephone number, credit card number or other information by which you can be personally identified. Personal information does not include the name, title or business address or telephone number of suppliers, contractors or other business people.
We do not disclose your personal information.
Safeway's commitment to you is that we do not sell, lease, transfer or disclose your personal information to any other company, person or third party for commercial purposes. Safeway may disclose personal information in response to a subpoena, court process, specific request by a law enforcement agency, or as otherwise required or permitted by applicable law.
How do we keep your personal information secure?
How accurate is your personal information?
If you want to review and verify personal information we have about you, you can make a written request to do so. You may deliver a written request for access to any Customer Service desk. We may charge you a nominal fee to access your information, however you will be advised of any fee in advance. If you find errors you can request that changes be made and we will consider if the correction should be made. We may be prevented from allowing access to some information, however you will be advised if this is the case. You may challenge our decision not to release certain information.
We only retain your personal information for as long as reasonably required. The length of time information is retained will depend on the purposes for which the information was collected.
Safeway respects the privacy of our customers. We take steps to ensure that your privacy is respected and protected when collecting and using information you provide.
Safeway only collects personally-identifying information from customers when customers apply for a Safeway Club Card; enter sweepstakes or other contests when using your Club Card or other means of entry; visit our web site -- www.safeway.com; and purchase groceries or other items with a method of payment that contains personally-identifying information. "Personally-identifying information" means your name, address, bank account, credit card number, telephone number or other information by which you can be personally identified.
Safeway does not sell or lease personally-identifying information to any other non-affiliated company, person or agency. Safeway will disclose personally-identifying information only if required to do so by law, or if requested to do so by a law enforcement agency in the context of an ongoing criminal investigation where such disclosure could be required by subpoena, search warrant or court order. Such request for information must be cleared by our Legal Department. In addition, Safeway may use any information our customers provide when conducting our own investigations of alleged customer wrongdoing, such as dishonored or fraudulent method of payment.
We provide protection against unauthorized disclosure of the information you share with us. We store information in a secure manner. We restrict access to personally identifying information to only those with a need to know. We also educate those people with access to customer information about their responsibility to protect your privacy and we give them clear guidelines regarding the use and disclosure of such information.