When most people think of the companies that are most likely to violate their right to privacy, their mind will likely jump immediately to their smartphone, thinking of Facebook following them around the Internet or Google stalking them in meatspace. Or maybe they’ll think of federal agencies like the National Security Agency, or perhaps they’ll even think of their local police department. Who they probably don’t think about is RadioShack.
The defunct electronics retailer, however, amassed a huge collection of data about their shoppers, from email addresses and physical addresses to shopping habits. All told, RadioShack actually possesses 13 million email addresses and 65 million physical addresses, not to mention the spending habits of all of their 117 million customers. While those totals might pale in comparison to the untold troves of Silicon Valley’s giants, it’s no small change.
At least RadioShack is hoping it isn’t. In the midst of their bankruptcy proceedings, the company has decided to auction off this trove of data to the highest bidder. According to Hilco Streambank, an advisory firm handling RadioShack’s intellectual property, customer information is being packaged with RadioShack’s various trademarks, patents, and even domain names and was sold to a hedge fund with the vaguest name imaginable, Standard General. No one is certain whether SG will use the data in accordance with RadioShack’s once famous privacy policy, usually advertised in-store by a sign which read: “We pride ourselves on not selling our private mailing list.”
This made them an oddity in corporate America. Nearly every major retailer sells off private customer data in bulk, and as RadioShack’s odd case shows, those that promise not to sell your information just might turn to all that sweet, sweet data when the chips are down. It’s incredibly unlikely that RadioShack shoppers of the last few decades had any idea their data was of any worth to the retailer, but consumers should be aware of the immortality their information can give them.
In fact, the only thing that makes RadioShack’s case somewhat special is it means the retailer is reneging on a privacy policy it had for years. To that effect, the states of Texas and Tennessee have filed a suit to stop the sale, citing state and federal laws against selling data if an agreed-to privacy policy says otherwise. In a bit of irony, AT&T is also suing to stop the sale, but only because they believe some of that customer data to be rightfully theirs. The bankruptcy court handling the case has appointed a “privacy ombudsman” to wrangle each party under current privacy laws.
It’s far from the first time a defunct company has tried to sell off customer data after swearing they never would. After the dot-com bubble burst, Toysmart.com attempted to sell off their customers’ data to pay off creditors, but the Federal Trade Commission spotted the sale after pointing out Toysmart’s privacy policy included provisions against it.”When you register with Toysmart.com, you can rest assured that your information will never be shared with a third party,” the FTC stated. If Toysmart wanted to sell their customer’s data, ruled the FTC, the buyer must abide by similar rules. The commission came to a similar decision in the case of Borders bookstores in 2011.
You could be forgiven for assuming your data goes down with the company that collected it, but clearly it’s too valuable an asset to completely destroy. As the “surveillance economy” marches forward, this should especially be a concern in the digital age. What happens, for example, when/if struggling game studio Zynga files for bankruptcy? At its height, the company had 300 million active users who had freely given apps like Farmville access to their Facebook account, location info, and Internet habits through tracking cookies. Likewise, what happens to all the information Myspace, which once had 76 million users, has collected when that company inevitably falls?
The Web is becoming littered with once-popular giants who now, like RadioShack, hold millions of users’ data as their most valuable asset. As the retail world struggles to survive against heated competition with Walmart and online retailers, we might be watching the future of how customer data is handled after a company ceases to exist. And retailers likely have more information on you than you might think.
The micromarketing tactics of companies like Target and Starbucks mean closely—very closely—collecting information from customers, including shopping data and even their physical location in the store. Walmart, the world’s largest retailer, even goes so far as to call itself “a technology company,” citing its bid to track users to “streamline” their experience in the stores and on its website. Many retailers have even begun to track customer movements within a store through their cell phone.
So even stores you’ve only entered can now collect data from you, mostly in the name of finding new ways to advertise at you. While that can sound harmless enough—polls consistently show most Americans prefer convenience over any expectation of privacy—that data can now live past the existence of the company, meaning your personal information could one day be in the hands of a company you might not trust as much as RadioShack or, for that matter, Zynga and Myspace. Like RadioShack, It could even end up under the control of a shady hedge fund with a history of buying defunct companies and struggling to turn them around—meaning your data will then be sold off again and again and again, likely outliving even you.
Screengrab via Radioshack/YouTube