Earlier this week, the Huffington Post’s Jennifer Kerr reported on the practice of tracking of merchandise returns by retailers.  According to the article, some retailers track merchandise returns to identify “chronic returners or gangs of thieves trying to make off with high-end products that are returned later for store credit.”  The article notes that many retailers request that consumers provide driver’s license information to help track merchandise returns and that some use third-party service providers to track the information and identify patterns of fraudulent activity.  

The article quotes consumer advocates as suggesting that some retailers may not provide users with adequate notice that their information is being collected and used for this purpose.  An official from FTC’s Division of Privacy and Identity Protection is quoted as saying, “[m]ost people think when they hand over a driver’s license that it’s just going to confirm identity and not be kept to be used for future transactions. . . . It shouldn’t be that a third party is keeping a profile on someone without them being informed what’s going to happen when they hand over their driver’s license or some other information to a retailer.”

Retailers typically do not provide consumers with privacy notices or disclosures at physical retail locations, though the practice may be evolving, particularly in the wake of lawsuits under the Song-Beverly Act in California and a similar proscription in Massachusetts on collecting personally identifiable data at the point of sale, which we previously blogged about here and here.  As a general matter, the FTC has taken the position that its March 2012 Privacy Report applies to both online and offline data collection practices, though, with the exception of the above-referenced quote, it does not appear that the FTC has elaborated on this particular return-related practice.  

Still, as noted in the article, some major retailers have begun to provide offline notices of this particular practice to consumers.

Print:
Email this postTweet this postLike this postShare this post on LinkedIn
Photo of Libbie Canter Libbie Canter

Libbie Canter represents a wide variety of multinational companies on privacy, cyber security, and technology transaction issues, including helping clients with their most complex privacy challenges and the development of governance frameworks and processes to comply with global privacy laws. She routinely supports…

Libbie Canter represents a wide variety of multinational companies on privacy, cyber security, and technology transaction issues, including helping clients with their most complex privacy challenges and the development of governance frameworks and processes to comply with global privacy laws. She routinely supports clients on their efforts to launch new products and services involving emerging technologies, and she has assisted dozens of clients with their efforts to prepare for and comply with federal and state privacy laws, including the California Consumer Privacy Act and California Privacy Rights Act.

Libbie represents clients across industries, but she also has deep expertise in advising clients in highly-regulated sectors, including financial services and digital health companies. She counsels these companies — and their technology and advertising partners — on how to address legacy regulatory issues and the cutting edge issues that have emerged with industry innovations and data collaborations.

As part of her practice, she also regularly represents clients in strategic transactions involving personal data and cybersecurity risk. She advises companies from all sectors on compliance with laws governing the handling of health-related data. Libbie is recognized as an Up and Coming lawyer in Chambers USA, Privacy & Data Security: Healthcare. Chambers USA notes, Libbie is “incredibly sharp and really thorough. She can do the nitty-gritty, in-the-weeds legal work incredibly well but she also can think of a bigger-picture business context and help to think through practical solutions.”