Jan 23 Among the millions of consumers who
received recent emails from Target Corp apologizing that
their personal data might have been accessed by cyber thieves
are those who wonder exactly how they got on the list in the
If you didn't give Target your email address, how did they
Target is renowned in the retail world for its data
collection and analysis, grabbing bits and pieces wherever it
can - from your store purchases to visits to its website to
surveys you've taken to things you've posted on Facebook.
It all goes into Target's customer relationship management
database for analysis.
"A lot of consumers are just not aware to the extent to
which they are collecting data," says Paul Stephens, director of
policy and advocacy for Privacy Rights Clearinghouse.
Other retailers mine customer data by getting them to opt
into loyalty or reward programs. Some retailers with established
loyalty programs include CVS Caremark Corp, Sears
Holdings Corp, Gap Inc, and Starbucks Corp
What sets Target apart from the crowd is an aggressive
datamining of customer interactions. That includes customers'
cell phones, web cookies, purchase histories, prescription and
other health information.
Andew Pole, who heads a 60-person team at Target that
studies customer behavior, boasted at a conference in 2010 about
a proprietary program that could identify women - based on their
purchases and demographic profile - who were pregnant.
That's because women often control the purchasing power of
baby furniture, equipment, clothes and diapers. "This is a very
profitable acquisition," Pole told those gathered to discuss
Target goes further than that. The company can identify by
name more than half the customers who walk into their stores and
browse their website, according to Pole's presentation.
Each consumer's spending and demographic information - such
as age, marital status and address - is the foundation for a
"guest profile" which enables the store to identify brands you
are loyal to, what offers tempted you and whether you can be
persuaded to shift spending from other stores to Target.
"There's a lot of Big Brother," Pole said. Target follows
the law and uses datamining to better connect with its
customers, he added.
Target spokeswoman Molly Snyder pointed to the company's
In addition to name, address and email, Target collects
driver's license numbers, phone numbers, credit and debit card
numbers, purchases, returns and exchanges, and dates of birth,
information from outside sources and gathers information
customers post online that can be publicly viewed.
For users of a Target debit card or credit card, information
collected includes income and credit history.
WHY THEY KNOW SO MUCH
Target is doing nothing nefarious by collecting and
analyzing all that data, says Gerald Storch, president of the
New Jersey-based management consultancy Storch Advisors.
"You're trying to market to the segment of one," says
Storch, who stepped down last year as CEO of Toys R Us
and prior to that was vice chairman of Target. "This is the holy
grail of consumer marketing."
Mass marketing through newspaper and TV ads used to be the
standard for reaching consumers, Storch says, but most "forward
thinking" companies - retailers or otherwise - use purchasing
patterns and other data to predict what a consumer is likely to
buy and give them offers as an incentive.
"If you bought a lot of carpet shampoo, they deduced you're
likely to have had a pet," Storch says.
So far, in addition to credit card and debit card
information, Target has acknowledged that names, addresses and
emails were compromised.
Target has disclosed what it has learned to date about the
data breach, Snyder notes. Details about opting out of the data
collection process and the sharing of that information is
included in the policy, which is posted on Target.com. ()
The key to identity theft - the most worrisome of crimes for
those whose data has been exposed - is the thieves obtaining
Social Security numbers. Applicants for Target's REDcard would
have provided that information, but the company has said it is
not aware that specific information was among the data stolen.
Being able to scam victims out of their Social Security
numbers - an easier task when the criminals know so much about
you - is where consumers need to be on guard.
Target can't stop you from giving out even part of your
Social Security number to a con artist. Given that it's tax
season, when dispensing that number is part of the process, the
potential for victimization is even higher.
"The burden has now shifted from them to you," says Adam
Levin, chairman of IDentity Theft 911 LLc, an identity theft
protection and remediation firm.