All your data is ours - you mean you didnt read the T's and C's on page 12,378, paragraph 74, line 1054 (no 1 point is not too small, that's why it is called small print, dummy!)
All my data leaking mut be my fault then.
Visa Inc and Mastercard Inc are working on a system for delivering online behavioural adverts to consumers based on what they buy in shops, according to media reports. The US-based credit card networks have developed "preliminary" plans to place shoppers into groups based on their in-store purchasing history and sell the …
Hardly. EU and UK law requires a very specific opt in when it comes to passing your data to third parties. IOW the companies could not hide this deep within the Terms and Conditions. If you have not checked the box that says they can pass your data to third parties then they cannot sell or otherwise pass on your data without breaking the law.
I have never purchased a single item online. Nor am I ever likely to. Why would I? I can get anything I will ever need in life within a two hour's round-trip from where I sit as I type ... with the added benefit of being able to look the seller in the eye whilst sealing the deal with a handshake.
I don't wear hats. Of any kind.
"I can get anything I will ever need in life within a two hour's round-trip from where I sit as I type"
Do you have nothing better to do than spend a couple of hours driving to buy something when, instead, you could get it with a few clicks of a mouse?
And how much petrol (or diesel) do you burn whilst doing that? And how much does that item cost? Are you really willing to spend extra time and money buying something from someone with a steady gaze and a firm handshake (something which any con-man worth his salt naturally practices carefully) when you can get it cheaper and more easily and delivered to your door just so you can avoid using cards?
Me & mine travel all over Northern California & most of the this side of the Rockies. It's a hazard of breeding & showing dogs & horses. Fortunately, we know how to multi-task. Dawg show, horse show, eyeballing a used water truck, or a cylinder head for the Perkins in my Monterey Clipper ... the trick is to make the minutes work in your favo(u)r.
Con-artists, at least in this scenario, are laughable. Purchasing stuff on TehIntraWebTubes[tm]? Maybe not so much.
"If I need to use credit to purchase something, I get a cash loan. The banker never gets a chance to observe what I do with the funds. Nor should he."
Who in god's own name DOWNVOTED this post ?
They should be handed over, plastic cards held high, all personal pecadillos exposed, no shame whatever in their brainless faces, to the grasping gormless godforsaken minions of the Great Lord High Finance and His Prophetness on Earth - the Most Exalted Anonymity of the Financial Services Industry, on whose blessed being we pour all our wealth and trust.
How do they plan to link my card number to my browser unless I log onto something first using the same email address I associated with my card? Cookies aren't much good - I could buy something online from a shared computer (yes, not wise for other reasons, but it could happen) - would the "targeted ads" then be shown to all users of that pc?
Perhaps (probably!) I missed something, but it doesn't stand up as an efficient working model to me. Perhaps it is just a marketing wet dream that accidentally escaped the asylum.
And it would be really annoying to think it was being done anyway of course...
But that only works once you've made a purchase, which reduces the usefulness of the advertising.
Not that marketeers show much sense in this respect, I've taken several surveys that go along these lines:
When did you last purchase a TV set? Three weeks ago.
Are you planning on purchasing a new TV set in the next month? No.
Why not? Er....
I was wondering the same.
They'd have to use a persistent cookie in case you purge cookies when closing the browser, at which point why not simply put a list of group ID's in the cookie so they aren't selling your data, they're just selling the definition of their own groups.
How would they get the cookie on your PC? Well, I suspect the only time people have direct contact with Visa or Master is when we're making an online purchase and we use their secure payment system. At that point, yes, they could put a cookie on your PC.
But at that point why not simply put a list of groups they've put you in into the cookie? Then they sell the group definitions to other companies, or they sell a plug in for advertisers that reads the cookie for them and simply tells them what market group you fit in (according to the credit card's interpretation of your purchases, that is). That way they never send any information you have given the card company directly: They only sell their classification of you based on their assessment of your purchases. May be how they intend to get around data protection laws...
link the card number to your browser. Every time you buy something with your Mastercard or Visa, the transaction is recorded by them regardless of where you use the card. You know, the data presented to you on your credit card statement each month?
This is the data - your card's purchase history - that these fuckers are planning to sell.
I've already sent an email to Mastercard advising them that my purchase history is my personal data and therefore my intellectual property. I've explained that I am willing to sell them this data for use in their advertising campaigns in exchange for a permanent waiver of any and all interest and credit card fees. Unauthorised use of my data will result in an infringement case being brought against Mastercard in my local court. I have yet to receive a reply, but rest assured, I will not sit still for this.
The only thing I can think of is that they wait for the first online purchase with VbV and whatever the MasterCard equivalent is then set cookies for every advertising network under the sun, or every advertising network under the sun makes use of a 3rd party cookie hosted by Visa/MC.
Pretty easy to defeat with something like NoScript or RequestPolicy.
One answer to your question; Facebook (or Google+ come to that).
Simply get your mindless sucker, I mean, customer, to "like" your card/bank/insurance/discounts scheme/any-other-subsidiary-you-care-to-mention and you've got them. Bang. Online identity synced with Financial identity. Sit back and await the social networking revolution to do its work.
Why do you think companies of all sorts are falling over themselves inventing spurious reasons for you to visit them on Facebook?
"Why do you think companies of all sorts are falling over themselves inventing spurious reasons for you to visit them on Facebook?"
That and the NSA / MI5 / MI6 / CIA etc have been dreaming of having this kind of "database" for years and now people are willingly putting any and all info about themselves online for them to search/profile etc.
Even if someone follows Visa/MC on Facebook, Visa/MC wouldn't be able to work out that this is Mr(s) XYZ with card number 1234 5678, their offline purchases are made in these shops, therefore they can be shown targeted advertising for these things on the web via several advertising networks. Or I don't think they will be able to.
I still believe it will either require a degree of opting in which crosses the creepy line (logging in to VbV/MC Securecode and giving them your e-mail address, Facebook ID, G+ ID, etc...) or setting up cookies after the first purchase by VbV/MC SC.
Either way people can opt out in the first case by not giving this info as there's no law which says that people have to have an e-mail address or Facebook profile or in the second case telling the browser to delete cookies on closing.
They don't need a cookie to identify you, whenever you make a purchase with your card, your card goes through their authorisaton platform which gets to see how much you are spending and where you are spending it. they also get the chance to store this information for mining later.
That information alone is gold dust to marketeers
I have in the past cut up a card and returned it because I didn't like a change of conditions (the one imposing a fee, most often). Whether you'd get enough people prepared to do the same for privacy is another matter.
I like to think that they'd lose far more by me closing the account than they'd gain from selling the data.
2 words for the abusive duopoly ... the second word is "off".
May habits... my personal data... not for sale - especially not to ass-hats that I have no relation ship with.
This has to be a huge invasion of privacy!..I'll go back to cash shopping then, and save on all the interest too.
I guess the ICO will sleep though all this too... the system is corrupt... which makes me wonder about the corruptibility of those controlling it.
Assume that I use my visa card to go on a mammoth shopping spree.
Assume that Visa are allowed to, and do, track the purchases I make with that card.
I now go online and start browsing t'intewrwebs.
How do visa intend to tie my card purchase history to my web browsing? The only way they can do this is if they tie something that identifies me online (IP address, cookie, etc) to my card account, which means that they can only do this when / if I enter my card details online, which requires the collusion of web retailers.
Now, I'd imagine the last thing that an online retailer like Scan, Dabs, etc want is for me to be bombarded by competitor's ads because they pimped me to Visa.
Shocking proposal, in any case. Do these people not learn? Did they not see the shitstorm of bad publicity that arose from the BT/Phorm debacle?
I had the misfortune to work with a "data aggregation" company back in dot com days and was astonished at the level of information these fuckers could provide and that was in 1997/1998 FFS! I shiver to think about how they have evolved since.
This is something that needs to be regulated very strictly, but I imagine it will carry on in the same half arsed fashion in its current form on both sides of the Atlantic.
I can't imagine they'd go as far as 'agree to this or we close your account' - remember with a credit card, you owe them money, not vice versa. They have thw authority but at the end of the day you have the money as a bargaining chip. If they say "right, we're going to close your account because you didn't agree, give us the money' and you say 'haven't got it, sue me', are they really going to do that? For thousands of people? With all the publicity that entails, telling everyone exactly why they are changing the T&C?
They will want to sneak this through on the quiet. They'll go with opt-in for existing customers (with incentives to do so) and make it a standard clause in new contracts. That way they get the same effect in a few years with no noise and much less publicity.
This makes me wonder about how much data supermarkets know about our shopping habits, even if you've never signed up to a loyalty scheme.
I've never signed up to [for example] Tesco Clubcard, but that doesn't mean they can't track my shopping habits through my debit card number. It must be very valuable data to them.
you are making the assumption that this will be targeted ads at you _directly_, which is where I believe you are making a mistake.
The way I read the article, Visa and Mastercard will look and see what did people in 'Block A' buy from brick and motor stores (and even online). Then it will sale that information as: Block A is interested in beer.... give them adverts for pubs and liquor stores.
So expect targeted ads in you mail box based on what the people in your street have bought!
what you write implies that you still think that this will have to do with online advertisement or online tracking. The point I am trying to make is: this whole thing will be _offline_.
They will see what type of stuff is being bought by the people in your area, then sale that info to advertisers. Advertisers will then deliver physical adverts to your mail box.
note, the online online tracking they will do is, they will see where the physical product get delivered to, and sale that. Although, now that I think about it.... advertisers will have a better chance with ebay and Amazon (and other such places), just let they know what type of product each household is interested in and they will be delivering very very VERY targeted adverts! (this is worrying).
This is one thing that drives me mental on forms. There should be a law created outlawing the use of "opt out" boxes because they are a trick in essence. People are far, far too busy doing other things, if you don't tick something it should not under any circumstances include you in something. Seems obvious really.. So incredibly tedious. The local council got one of my relatives with this, all of a sudden you can find her address, phone number, how many people live in her house, etc quite easily on the internet because apparently even the local f*****g council is selling details on... and for paying a damned tax of all things. It's disgusting.
Financial organisations couldn't give a toss about their customers; they see us simply as a commodity to be exploited. If they're not charging us high interest rates they're selling our details to other organisations. But one thing's for sure... they hate the ICO! Pop a question to any financial organisation and they're likely to quote their code of practice rather than data protection law in response. I've made the FSA aware of this on a number of occasions because in the majority of cases, their code of practice is not legally binding whereas the DPA98 is. The FSA are just not interested.
Your best bet is to section 11 all financial services organisations that you do business with. Section 11 of the DPA98 requires an organisation to cease processing your personal data for direct marketing purposes - by whatever means. Failure to comply with a section 11 request can result in criminal prosecution, non-criminal enforcement or audit against the offending organisation. All my banks have to remove the advertising from the envelopes that contain my bank statements - I love it!
I wonder ...
add this to your email signature :
tick box and return email to indicate this email is not de facto accepted as a written instruction to apply section 11 of the DPA98 act; failure to do this will mean your organisation accepts this as a written request to apply section 11 of the DPA98 with immediate effect
a sort of consumers revenge for all those sodding opt out boxes ....
This post has been deleted by its author
Visa and Mastercard do not issue cards. Repeat - DO NOT ISSUE CARDS
Banks issue cards under license from the Handler (Visa, Mastercard), however it is the BANKS who set your terms and conditions. Don't like the T&Cs, CHANGE BANKS. Complain to the banks if you think your data is being sold.
(that aside, the cynic in me thinks *anyone* using my purchasing history to target advertising or other services is a bad idea)
It is not about about web browsing.
Visa or Mastercard don't care about about what you look at on the web.
They exactly know who you are, what you buy, from which seller, where you live, where you are buying from, and using what kind of method (online, in the shop).
So yes, they are sitting on a pile of data that just begs to be analyzed.
Also, it might not have escaped you that Visa just made a deal with Google?
Often get cash from a machine located near the nightclubs in town? See adverts for alcoholic beverages.
Often get cash from a machine outside the supermarket? See adverts for rival supermarkets.
PS: Card companies- this idea is (c) 2011 Anonymous Coward, please do not steal.
This is just one of the (many) reasons I only ever make day to day purchases in cash.
I cut all my credit/debit cards up 5 years ago, never looked back.
Debit & Credit cards only really benefit the banks & government. They've conned people into giving up freedom and anonymity in the name of convenience.
Plus, a lot of small businesses will give you a nice discount for cash.
They don't even know who you are.
The absolute maximum they (Visa & Mastercard) know is that a specific card issued by a member bank was used to make a purchase from a particular merchant. They know the date, time, amount and risk score of that purchase but nothing else. They don't even know your name - that field isn't sent from the acquirer (the shop's bank) through Visa/Mastercard to the issuer (the bank you got your card from).
They do have the history of the card's usage though and that data is what is likely to be analysed on behalf of issuing banks. That data can only be made available to the bank that issued the card and it's the bank that would/could use it for marketing purposes - not Visa/Mastercard.
Some pretty shoddy reporting by the WSJ here.
It'll just mean the signup will have and link and a checkbox at the end. The checkbox will be to agree to the Ts&Cs, the link will be to a separate "PDF for your convenience" set of Ts&Cs you can optionally download with bolded text at the top that states your data will be sold.
Then all they have to do is rely on the fact that most people are too lazy to even download the Ts&Cs.
Without a major overhaul of the payment network protocols this isn't going to be feasible. I've implemented 3 different payment systems over the past few years, and while one had the option to include a description of what was being purchased I've never seen a reason to include it. All that Visa/Mastercard would see would be a merchant reference, the card details, and an amount - how are they ever going to figure out what has been purchased? Amazon (or Tesco, or any other retailer selling a wide variety of items),will likely have 1 merchant services account for all transactions, so if you spend £10 with them there's no way to identify what that £10 was spent on - it could be books, DVDs, shampoo, food, toys, paint, anything!
So, we're back to the first line - a major overhaul of the payment network and forcing all retailers to specify merchandise category codes in transactions. Considering that the payment network doesn't even handle addresses (only address numerics are passed around as the system doesn't support non-numeric values) there's little chance of adding a system to handle these codes in the forseeable future, and even then a significantly smaller chance of retailers implementing these codes as that would require major changes to all commerce platforms.
Is it April already?
Ah, now I've read a few more articles I see what Visa are planning - aggregating offline purchases in an "area" with the types of purchases made (which would still have to assume that a purchase at Tesco would be for groceries rather than a new TV, for instance) and then the advertisers would use geo-location (most likely by IP address as they'll be little else to go on without any personal data) to figure out which area you're in and show ads ... so if you live in an area with a large number of people buying things at Pet City then you'll end up with pet related ads. Short term looks like it'll be a utter waste of time for advertisers; geo-location is often a mess, my home IP comes up as being around 200 miles from where I live, and my work one about the same distance from where I work ... and ads based on aggregated data will be irrelevant for most browsers as the ads will be based on offline sales, not online, which likely has a wildly different purchasing demographic (I buy food in Tesco but never online, for instance, so online ads for food wouldn't give me a sudden impulse to buy food online).
Maybe it's not April, but Visa/Mastercard will be having the last laugh with this.
...the ratfuck weasel bastards were selling the data already. Presumably this latest idea is to tag use of a card for online shopping then associate that transaction with whatever other details can be raped from the shopper.
My card is just used to pillage the local cashpoint. The card companies are cordially invited to put that in an appropriate segment.
I seem to recall an anecdote/urban myth about someone getting their card automatically blocked for suspicious activity. When he queried it he was told it was because there were two transactions of over £50 in one day, and neither was in an off-licence or pub.