Borders fire sale stirs controversy over selling customer data
When you sign up for services with many retailers, you’re often asked to opt in to marketing programs with the express promise from the company that they will respect your privacy and never sell that information to a third party. So what happens when they go ahead and do that anyway?
This is the battle going on right now with the assets from the bankruptcy of Borders. The liquidation of the company involves much more than bargain sales on books and re-leasing real estate. Last week, the defunct chain sold its intellectual property to Barnes & Noble for $13.9 million, and included in that was a ream of customer data. What information do they have? A list of videos, DVDs and books you bought at Borders and Walden Books stores as well as from Borders.com. They have your name, your address, your email, your phone number. They don’t have financial information.
For the nearly 50 million people whose names are in the records of Borders stores, you’ve got less than two weeks to exercise your right to have your personal information removed or it will be handed over to Barnes & Noble. That is despite the fact that those customers allowed Borders to use their data with the caveat that the company would never sell it to a third party.
Prior to the release of the information, the Federal Trade Commission appealed to the consumer privacy ombudsman appointed by the bankruptcy court, urging that consumers be asked before their information could be sold.
“In light of the promises Borders made to its customers, we believe it would be appropriate for Borders to obtain express consent from its customers, specifying the potential purchaser, before it transfers the data,” wrote FTC consumer chief David Vladeck. “The consent process would allow customers to make their own determination as to whether a transfer of their information would be acceptable to them. For consumers who did not consent, their data would be purged.”
Instead, the bankruptcy court gave Barnes & Noble the green light to keep all the information and use it to market its products — unless consumers said they wanted their names removed within 15 days of an email notifying them. The deadline in the email from Barnes & Noble CEO William Lynch is Oct. 15. The deadline to opt out is Oct. 29 if you are on the customer list but you did not receive the email.
“It’s important for you to understand, however, that you have the absolute right to opt-out of having your customer data transferred to Barnes & Noble,” Lynch wrote.
To try to get you not to opt-out, Lynch dangled the idea that some “offers” would be forthcoming. But if you do want to have your information destroyed rather than shared with Barnes & Noble, go to this page on the company’s site.
The consumer privacy ombudsman in this case, attorney Michael St. Patrick Baxter, said in a court filing this week that Barnes & Noble’s notice to consumers did not go far enough — creating the impression that the company was generously extending a right to opt out rather than being ordered to do so by a judge. And, he said, the bookseller neglected to inform consumers they were having their buying history sold along with their names and contact information.
“The Ombudsman believes that this information is both relevant and material to a customer’s decision whether to opt out and have his or her (personal information) purged by Buyer,” he wrote. “The right to opt out is only meaningful if customers are provided with sufficient Connecticut senator Richard Blumenthal also weighed in, attacking the very idea that this information could be sold.
“Profiting from personal, sometimes sensitive consumer information — illustrated by this regrettable arrangement — is spreading perniciously,” he said in a statement. “This settlement points to a clear and urgent need for stronger and stringent protections for consumer privacy. The settlement reached between Borders and Barnes and Noble is wholly inadequate and unacceptable.”