Sears Christmas Spyware Surprise
The above links provided extensive detail, with screen captures galore. But the facts at issue appear to be under minimal debate, which frees us to look at the big picture: Sears seems to have gone out of its way to alienate its customers. The worst part: None of it was necessary. This particular Sears incident reminds me of the politician who liesout of habitwhen the truth would actually have served him better. Or the product manager who goes out of her way to fabricate four things about her product when the truth of her product would have been sufficient to make the sale.But Sears is a smart outfit, so I am inclined to not think that this was something overlooked. No, the more likely scenario is that Sears knew precisely what it was doing and that it feared that a consumer who knew that he or she was being watched would be self-conscious and would not act normally. In other words, Im suggesting that Sears understood that the only way to be able to track the way consumers truly behaved on the Web was to track consumers who didnt realize they were being tracked. To trick them, deceive them. Like any plan that depends on ones customers to be gullible or overly trusting, this risks violating a fundamental trust. Thats a dangerous thing to do when customers can move to a competitor with Web-click ease. One of the more astute technology observers Ive run into, Dave Taylor, president of the PCI Vendor Alliance, was talking about the Sears incident on Thursday and had a fascinating take. "This is a classic example of a company going overboard in an effort to understand its customers. There is no reason that Sears would need to know all the Web sites a customer visits, or how long they stay, since 95 percent of that activity is not going to change what Sears offers or how it offers those goods or services," Taylor said. "This is simply another blunt instrument that Sears is deploying to gather data. The other issue is: What if this data were stolen? Im sure Sears isnt immune to security breaches. Why collect data and risk major liability should the data wind up being compromised, by unauthorized employees or by external hackers? The ROI, when these risks are considered, simply isnt there." The scariest part of this incident is what Sears continues to say on its "My SHC Community" page. In a very prominent part of the pagesurrounded by lots of white spaceis this proud claim: "My SHC Community does NOT sell personal information." Thats true. It doesnt sell it. It steals it and uses it for its own purposes. The headline on the page reads: "Changing the Way Retail WorksOne Experience at a Time." Thats perhaps a lot more true than the copywriter had intended. Editors Note: This story was updated to include comments from Dave Taylor, president of the PCI Vendor Alliance. Retail Center Editor Evan Schuman has tracked high-tech issues since 1987, has been opinionated long before that and doesnt plan to stop any time soon. He can be reached at email@example.com. To read earlier retail technology opinion columns from Evan Schuman, please click here. Check out eWEEK.coms for the latest news, views and analysis on technologys impact on retail.
Sears has put together a decent little package of consumer incentives. If it simply and explicitly said, "In exchange for all of this, we only ask that we can track your every Web effort for seven days," this wouldnt have been an issue. The irony is that such a candid approach would likely have yielded a good group of consumer guinea pigs.