A consumer's quest to keep shoppers' data private

For millions of people, using a discount card at the local grocery store has become routine, a sure way to get the best prices, more convenient than coupons, and as unremarkable as a shopping list.

But 14 years after the cards were first introduced, a few iconoclasts are questioning the cards' value and using the Internet to sabotage their market authority.

These supermarket rebels claim that the stores receive an indisputable benefit from the cards - the capacity to create and sharea profile of a shopper's every taste and habit.

"Ever since the cards first came out I [have] felt an apprehension about them," says Rob Cockerham, a 30-something graphic designer who recently launched a one-man campaign against the cards.

What troubles Mr. Cockerham most is the requirement to provide a name, address, and other personal information to get a card.

"I've worked with databases, and anyone who's worked with them knows information gets piled up," he says. "Say I buy vodka and adult diapers at night - I don't want that information to be stockpiled. I'm sure the stores have the best marketing motives, but it makes me nervous."

This year his website,, won a Webby Award - an international prize for exceptional websites - for its tongue-in-cheek descriptions of pranks Cockerham played in his hometown, Sacramento, Calif. Now he has turned to a stunt he hopes will have repercussions anywhere there's a supermarket that honors his Safeway Club Card.

Cockerham calls the scheme the Ultimate Shopper. Visitors to www.cockeyed. com/pranks/safeway/ultimate_shopper.html can order free stickers with copies of his discount card bar code. Slap a sticker on your own card and, presto! you're a Rob Cockerham clone in the eyes of Safeway's computers, creating a single shopper with superhuman powers of consumption - and an entirely inconsistent record of purchases.

Some 500 people in the United States and Canada have joined Cockerham's revolt since he started offering the bar code in January. A section of his website features photos of faux Cockerhams holding up their cards or grinning over prizes they won - a bag of cookies or a bottle of juice - for being such enthusiastic consumers.

Safeway, based in Pleasanton, Calif., knows about the prank, but has decided to tolerate it so far, says Brian Dowling, a company spokesman.

"We don't view it as something that hampers the operation of our card marketing program," Mr. Dowling says.

"From the way it's been described to us, it's on a small scale. I'm not sure it even registers. I think [Cockerham is] raising an issue that we don't see as an issue. We do work aggressively to protect our customers' data."

In addition to Cockerham's campaign, other websites let people trade their cards or print their own bar codes. Still, the numbers of false cards is tiny compared to the legitimate data available to stores, says Trish Brynjolfsson at Catalina Marketing, the St. Petersburg, Fla., repository for some 100 million customer shopping records.

"This technology is taking us back to the true one-to-one marketing we used to see," she says. "Because of programs like frequent flier [rewards], where companies have done a good job of marketing, people are willing to exchange some ... personal information for relevant savings information and value."

While Cockerham sees the sabotage as lighthearted jabs in Big Brother's ribs, some privacy activists say it's time to get serious.

"His solution is brilliant, but it won't solve the problem," says Katherine Albrecht, founder and director of Consumers Against Supermarket Privacy Invasion and Numbering in Nashua, N.H.

"Many people think the way around the system is signing up as Mickey Mouse or George Orwell," she says. "But the minute a store scans an ATM or credit card, the shopper's real name goes at the top of the record."

Privacy activists say shopper data could be subject to seizure by court order - if, say, an attorney wanted to investigate the spending patterns of a defendant in a lawsuit or if police needed to establish who was in a store at a given time.

There's also the issue of unauthorized releases of information, says Larry Ponemon, chairman and founder of the Ponemon Institute, a think tank in Tucson, Ariz., that specializes in data-privacy issues. In one such leak, a low-level corporate employee allegedly volunteered information to a law enforcement agency shortly after the Sept. 11, 2001, terrorist attacks.

Still, he says, investigators might derive few trustworthy clues from card records. Generally stores have had little incentive to keep data pristine - if a cardholder received an extra coupon for an item not on his usual shopping list, that probably wouldn't cost the store a sale, and might even gain one.

But even if the information is properly organized, it remains an ephemeral tool, says Ed McLaughlin, director of the Food Industry Management Program at Cornell University in Ithaca, N.Y.

"You have to appreciate that your standard Ralphs or Safeway supermarket gets 35,000 customers a week, each purchasing 30 or 40 items," he says. "Yes, they have the capability to track every one of those items over time, but the reality is that it's so complicated there's no way they can do it. If someone comes to you asking, 'How many Twinkies did Joe buy last year?' it would take a programmer a week to get the information, and that's patently preposterous."

Professor McLaughlin says some industry experts expect stores to get better control of the information in another decade - but they made the same prediction 10 years ago.

Such assurances don't comfort Ms. Albrecht, the privacy activist. "When it comes to saving money, people think every little bit helps," she says. "They don't realize this data is being collected on them."

of 5 stories this month > Get unlimited stories
You've read 5 of 5 free stories

Only $1 for your first month.

Get unlimited Monitor journalism.