It is clear that one’s name is personal information.  It is understandable how one’s credit card can be personal information.  But how can one’s history of shopping purchases be personal information? 

On February 6, 2024 the FBI arrested a Jan. 6 rioter in the State of New York based on online purchases made on eBay and Amazon.  Despite the rioter being masked, federal authorities matched his online purchases with what he was wearing to confirm his identity. 

It should come as no surprise that online retailers display privacy policies that detail what personal information is collected or disclosed. However, what may be surprising is that brick-and-mortar  stores may also need to have a privacy policy to be in compliance with the relevant privacy laws.

Despite the popularity of e-commerce, brick-and-mortar  retail stores are adapting technology to make them more competitive with online stores.  For example, brick-and-mortar stores may adopt facial recognition technology and capture biometric information; use beacon technology to offer promotions; and track customer shopping habits using radio frequency identification devices.  Even the use of omnichannel technology can identify what items a consumer does not purchase and send “reminders” to consumers in the hopes of completing a sale.  Accordingly, even the non-digital commercial world may have the same obligations as their electronic counterparts.  As brick-and-mortar stores implement new technology, a myriad of privacy issues may be triggered.  If a business collects any information about a person – whether such information identifies a person or not –consultation with a data privacy attorney can be significant in running afoul of the law.


No responses yet

Leave a Reply

Your email address will not be published. Required fields are marked *

Recent Comments