Consumers Care About Security a Lot Less Than They Say They Do

Opinion: Despite surveys showing that consumers say they would shun merchants that have lax security methods, a new earnings report from famed security bad boy TJX shows a better-than-expected 11 percent boost in revenue.

With all the investigations surrounding the massive TJX Companies data breach—including class action lawsuits, dozens of state attorney general probes, congressional inquiries and a Federal Trade Commission investigation, to name just a few—there are only two constituencies that the $16 billion retailer cares about: Wall Street and its customers.

Indeed, that short list can be cut in half because Wall Street also overwhelmingly cares about the retailers customers, which is equal to revenue. If the customers are happy, Wall Street is happy.

So are customers happy? They tell pollsters theyre not, but TJXs earnings report on Thursday suggests they are talking with those pollsters on their cell phones as they are buying jeans at Marshalls.

This is nothing new. This column has written before about the huge unintended impact that credit card zero-liability plans have had on retail security efforts. Consumers believe that they will personally never be ripped off but that if they are, their credit cards will somehow protect them.

The vicious cycle comes down to this: Large retailers are watching the TJX case very closely, and they are going to learn some very bad lessons. They already assume that they probably wont get hacked and that if they do, it wont be bad. And if it is bad, theyll be able to keep it somewhat quiet. (Reality is not the execs friend in these thought processes.) And if word does get out, whats the worst that could happen? TJX has gotten an avalanche of horrible publicity, and its revenue grew 11 percent.

Yes, the various probes will likely result in some fines, but such fines are not likely to materially impact profits. (Heaven forbid.) Even the class action lawsuits will likely merge, fizzle and quietly be settled out of court with lots of confidentiality agreements. Here again, zero-liability programs limit how much financial harm any consumer is likely to feel, which makes it difficult to get huge settlements.

But consumers dont always understand how theyll act. In a report this week from Javelin Strategy & Research, a nationwide survey of 1,200 credit or debit cardholders found that "only 20 percent said they would likely continue shopping at a store if they learned it had a data breach that may have compromised their card account information, while 78 percent said they would be unlikely to continue to shop there."

The problem with analyzing such results is that people make decisions about survey answers in a hypothetical ideal state. Indeed, they may like to say they would never frequent such a merchant. But when they need clothing for their children and theres this awesome sale at TJ Maxx two blocks away, the Platonic ideal of punishing reckless security deployments pales in comparison with finding jeans that fit well at a good price.

Retail Center Editor Evan Schuman has tracked high-tech issues since 1987, has been opinionated long before that and doesnt plan to stop any time soon. He can be reached at

To read earlier retail technology opinion columns from Evan Schuman, please click here.


Check out eWEEK.coms for the latest news, views and analysis on technologys impact on retail.