I recently read about a California ruling that prohibits most offline merchants from collecting ZIP codes for credit card transactions. According to the LA Times:

The high court determined that ZIP Codes were "personal identification information" that merchants can't demand from customers under a state consumer privacy law.”

One justice was more specific about the ruling, saying that the privacy law in question was intended to prohibit retailers from collecting and storing consumer information that wasn't necessary to the transaction.

The attorney who brought the law suit took the implications further saying that, “the decision would help protect consumers from credit card fraud and identity theft.”

So there are actually 2 issues here:

1)       The collection of non-essential data
2)      Security problems that facilitate the use of the data for illegal purposes

The marketing and privacy discussion is full of complex issues being conflated in similar ways. Even terms like “consumer data” and “privacy” are so loaded that there are conversations between parties using the same words, but not talking about the same thing.

Most marketers are interested in data that gives them a better understanding of their audiences overall. Generally, we’re not talking about marketers collecting the kind of personal information on your credit report — complete address, bank accounts, etc. Most of you reading this post are well acquainted with this distinction, but are consumers? I suspect most aren’t.

“Privacy” itself may mean not collecting unneccessary data, or collecting data and sharing it only with companies that the consumer specifies. Sometimes it’s a question of whether the data will be shared publicly.

This last one often comes up related to Facebook, which has responded by defaulting settings to private on many of its newer applications. But even this part of the privacy conversation conflates 2 issues:

1) Whether a user’s posts are visible to or can be shared by other users
2) Whether a user's posts, which are subject to privacy settings that they control, can be shared with marketers and advertisers

Like others, I have opinions about all of this, but I don’t have answers. I believe that for the conversation about privacy and marketing to make progress, it needs to be broken down into its discrete parts and tackled methodically. We’re trying to solve problems that we haven’t clearly defined — a problem that wouldn’t get past my Forrester editor and shouldn’t get past marketers and legislators. 

In the meantime, marketers must follow the laws that do exist, while educating consumers and lawmakers about the nature of the data they’re seeking and why they’re seeking it.  Above all, interactive marketers must always consider the user and temper each new decision with a healthy dose of common sense.