In the US apparently it is ... but could it happen here?
In yet another example of what is becoming more and more commonplace, came a throwaway line in an article about a US based retailer who bought the brands and intellectual property of bankrupt sports retailer Sporting Authority. The article indicated that the biggest win for the purchaser was not the trade marks or brands etc. but the 114 million customer files which included around 25 million customer email addresses.
Dick's Sporting Goods, the purchaser (and yes that's actually its name) now has the right to leverage those customer details to drive its sales.
More companies are starting to understand the value of data, including customer's personal information, as a significant business asset. It is also an asset, which like other more tangible assets, can be sold or transferred.
But this couldn't possibly happen to me I hear you say - New Zealand and Australia have strong privacy (and unsolicited electronic correspondence) laws.
While that is true, the restrictions may not always stop sharing or leveraging customer data, which includes your personal information.
Briefly, the Australia and New Zealand:
Privacy Acts: contain a number of privacy principles restricting a company's (or other organisation) use or disclosure of your personal information. However, both privacy regimes allow companies to use and disclosure of your personal information where you have consented to, or otherwise authorised, any such use and disclosure. This is of course, provided the company meets the other privacy requirements - such as protecting your information against loss or misuse, and allowing you access to and the ability to correct your information. While the default position in both Acts is that your personal information cannot simply be sold as an unfettered asset, consent as part of your agreement to a company's trading terms can override those restrictions.
'Spam' Acts (which is actually the name of the Australian Act): provide that a company can send you commercial emails (i.e. emails trying to sell you things you probably don't really need) provided you consent to it doing so, it identifies itself and provides an option for you to unsubscribe.
And that's assuming that those Acts all apply. Most online retailers are based overseas – think ASOS, Book Depository or Amazon, and some which you may come into contact with are headquartered in ‘tax efficient’ jurisdictions with little or no privacy protection.
The main takeaways from this are:
To all those out there who buy from online retailers, and I include myself in this boat, the old adage of caveat emptor (albeit with a slightly different bent) still applies.
For companies who collect personal information, well we suggest you get in touch to check that your terms and privacy policies are not only compliant with the New Zealand and Australian Privacy Acts, but also allow you to extract the value from a still emerging asset class.
Sports Authority said "everything must go" and literally the company put up everything for auction which started on Wednesday including the trove of personal information of its customers. On Thursday, it was reported that Dick's Sporting Goods a sporting goods competitor won with its bid of $15 million for the brand name and other intellectual property of Sports Authority. Dick's Sporting surpassed, Sports Direct International, a British retailer's $13 million bid at the auction. It was a big win for Dick's as it won access to almost 114 million files of the company's customers and approximately 25 million email addresses. According to the experts, the huge treasury of information will help the Findlay Township, Pennsylvania based company to benefit and tap those customers who are looking for a new place to shop.