The Federal Trade Commission has finally settled with Sears.jpg)
on allegations from 2007 that the retailer was collecting your personal data, without warning, and warehousing it with an outside third party. Sears, of course, admitted no wrongdoing, but privacy advocates screamed loud enough that the FTC stepped in and filed a formal complaint. The company agreed to destroy the data collected and change future disclosures to reflect what they were actually doing.
Customers were invited to join My SHC Community, a Sears’s program, and when they did, tracking software was downloaded on their computers to monitor their online browsing. The invitation came from both Sears and K-Mart. The application, when installed, ran in the computer’s background at all times, transmitting any detected information from simply filling your shopping basket at another online retailer to all your secure business transactions, including banking and credit card purchases.
The sensitive data was sent to ComScore, a marketing research firm, when, in fact, Sears told participants it would be maintained by My SHC Community. Some of this data even included individuals’ health and prescription information that had 
been stored on the Internet. In addition, registration information involved your name, address and age. The spyware was extremely efficient in picking up a large percentage of Sears customers’ online transactions.
Benjamin Googins, a senior engineer with CA Community working on anti-spyware products, ran into the Sears program one day online. Being the expert he is, he actually tracked the tracking that the My SHC program was doing, from his registration process, until his private information was hustled off to ComScore. You can see Googins’ complete article on this fiasco with the program here.
Back in 2008, Scott Kamber of KamberEdelson was seeking plaintiffs for a class-action suit against Sears’s My SHC Community and Phoenix residents can contact him at: skamber@kamberedelson.com. Earlier, another class-action had been filed against Sears’s ManageMyHome.com site charging the company’s website revealed the private information of customer purchases dating back ten years..jpg)
The ManageMyHome incident was discovered by Ben Edelman, Harvard Business School asst. professor and privacy expert, who said Sears offered no security whatsoever to prevent users from accessing a third party’s purchase history. All you had to do was create an account at MMH, enter the name, address and phone number of the person’s shopping record you wanted, then select “Find Products.”
Sears vice president Chris Braithwaite commented that the My SHC Community campaign enrolled fewer than 5,000 people, which doesn’t say much for Sears’s marketing techniques. When you compare that with the TJMaxx/Marshalls data breach of 94 million customer credit records in 2007, it seems insignificant. But it isn’t quantity that is in question here, it is the judgment of a huge corporation that has been around for years, and which collects billions of pieces of their customers’ personal data each year.
Large corporations make mistakes but, based on my 35 years experience as a junk mail data broker and database consultant, what Sears did is something that is covered in Direct Marketing 101. Plus the fact that this company can trace its history back to one of the original catalogs in mail order. There is no excuse for what they did.
Please leave your comments or E-mail me: jack.dundiv@cox.net
For more info:
Lawyers & Settlements free lawsuit evaluation
Comments