Tuesday, 31 March 2015

Dodgy Data Distraction

You have to love the Daily Mail. They do love a scare story. Yesterday it was your pension data being sold for 5p to unscrupulous cold-callers by allegedly dodgy data companies. Shock horror, we will never be safe in our beds again!

I caught up with the story on the Today programme and heard Chris Graham, the Information Commissioner himself, living up to my nickname for him of Genghis Khan. He was threatening immediate investigations into B2C Data, the company the Mail outed, with his usual £500k fine and a bit of decapitation if the guilty were found guilty.

But just hang on a cotton picking minute. The accusation here was that personal financial information was being passed on (sold) without the knowledge of the individuals concerned. Well the B2C website isn’t exactly hiding its activities under a bushel, Mr Daily Mail. Their website boasts of their 38m strong database and suggests that it has been compiled from a large number of syndicate partners.

So this is not necessarily dodgy and that is what the Daily Mail, the Today programme and the man in the street fail to realise. Every time we apply for something...a mortgage, a phone, a credit card or even a holiday...we freely give lots of information, and somewhere in the small print will be a box to either tick or untick talking about sharing that data.

It’s the junk mail box if you like. You are opting in if you tick it to agree and opting out if you tick it to disagree. And whether you opt in or fail to opt out matters.

All email data to consumers ought to be opt in, by law I believe. Genghis will know this. If you agree to receive emails, lo and behold you will receive emails. Your address will be sold to all and sundry for a few pence. Mine seems to be sold to Viagra salespeople and purveyors of gentlemen’s entertainment but that might just be spam. There is a difference between unsolicited marketing communications and spam you see. One you have agreed to, the other you haven’t.

So, just what are the Daily Mail objecting to here? If B2C are selling data without the required permissions/opt-ins from their syndicated partners, everyone will be in trouble. I am not saying it doesn’t happen, because it does, but the real charlatans are not trumpeting their wares on a web site in my limited experience.

I am afraid the much more likely scenario is that this is all essentially above board. Companies like B2C amalgamate data from a variety of sources and if you as an individual appear on their database it will be because you gave your information to one or more of those sources. If those sources are legitimate they will have asked you a question about selling your data on and you will, perhaps unwittingly, have given them permission to do so. It may have been asked sneakily, it may have been an auto-ticked box on a web form that you failed to notice, but it will have been done.

So what data are they likely to have? Well, basically anything you have ever filled out on a form applying for something. Name, address, phone number, spouse, number of kids, email, mobile and middle name for sure. Salary, job title and number of years in your job. Probably. Nothing startlingly private. Ok, I know it is not stuff that you want published in the Daily Mail, but it is not really doing you any harm appearing on a database, and remember, this information is really only going to be used to select you to receive a phone call or email.

A marketing database is a prospect list, and someone trying to get you to unwisely take your pension now in cash (the threat the Mail was highlighting) will have used your salary to bracket you. He/she earns above X so he/she will likely have a pension of X so is worth a call. Or he/she is this age and earns that, so he/she is a target. Every piece of information they have on you is a selector, and really nothing else. And companies like B2C charge by selection.

The 5p the Mail quoted probably won’t get you a lot more than email, name and postcode. If you want the detailed information, you would pay more. And this information has been on the market for years, both legally and illegally. No doubt, as the Mail says, some of this information ends up in the hands of criminals, but I am not sure you can necessarily blame B2C for that.

This needs investigating of course, but if the accused company have been aggregating data from multiple sources legally, making sure that the opt-ins and outs were all done properly by their syndicate partners and then cleansing and managing their database correctly, I hope they sue the backside off the Mail.

Data is a very misunderstood commodity. We all create it and give it to people without really thinking about what we are doing. As a marketer, I want your email address and your permission to use it. In B2B, my field of expertise, there is much less regulation on this sort of thing but I still want your permission, tacit or proactive, because the communication is more rewarding that way.

The aggregation of business data is every bit as sly as the consumer stuff. For instance, Companies House happily sells its data on every business registered with it for a nice fat fee. Then the data companies start adding to this basic registered address and directors info by overlaying directory data to get trading addresses and phone numbers. Maybe some research will be done at some stage to pick up some contact names and bingo, you have a list.

You may not realise that you gave your data away. You may have been slightly tricked into not noticing the box which would have stopped it all. But you have done it dozens of times. We are all on hundreds of different lists. Just one example you probably do not realise, the Bounty rep who called on you or your partner whilst you were recovering from the birth of your baby. They gave you some nice freebies and took some information off you, and that information is one of the most valuable data sets in the country. New parents are an easy touch you see, like prospective pensioners. I wonder if the Mail will investigate that?

The moral of all this is that it is never good to give your data away. Find the box if you are filling out a form and find a responsible data security and recycling professional if you disposing of any old computers! Simples.