Programming Note: This site will be on break through the holidays and return in January. Be sure to subscribe or check back for updates!

Snippet: Forget Milk and Eggs: Supermarkets Are Having a Fire Sale on Data About You ☇

Shared on February 17, 2023

Jon Keegan for The Markup (via Nick Heer):

When you hit the checkout line at your local supermarket and give the cashier your phone number or loyalty card, you are handing over a valuable treasure trove of data that may not be limited to the items in your shopping cart. Many grocers systematically infer information about you from your purchases and “enrich” the personal information you provide with additional data from third-party brokers, potentially including your race, ethnicity, age, finances, employment, and online activities. Some of them even track your precise movements in stores. They then analyze all this data about you and sell it to consumer brands eager to use it to precisely target you with advertising and otherwise improve their sales efforts. […]

In October 2022, Kroger and another top supermarket chain, Albertsons, announced plans for a $24.6 billion merger that would combine the top two supermarket chains in the U.S., creating stiff competition for Walmart, the overall top seller of groceries. U.S. regulators and members of Congress are scrutinizing the deal, including by examining its potential to erode privacy: Kroger has carefully grown two “alternative profit business” units that monetize customer information, expected by Kroger to yield more than $1 billion in “profits opportunity.” Folding Albertsons into Kroger will potentially add tens of millions of additional households to this data pool, netting half the households in America as customers.

While Walmart has a large share of the grocery market, I think comparing it to store that are mostly-grocery is disingenuous. For the record, I’m against the proposed Kroger-Albertsons merger, and think collecting as much data as Kroger does is especially creepy. This probably explains why Kroger is one of the largest chains (along with Walmart) to have NFC-capable payment terminals, but disables it to prevent use of Apple Pay. Also, don’t expect your anonymous data to be that anonymous:

While Kroger and Albertsons stress that they only share “de-identified” or aggregated shopper data, research has shown that the unique combinations of things we purchase, and the time and place of those purchases, can be as re-identifiable as mobile phone location data. A 2015 MIT study found that in a large set of anonymous shopping data, 90 percent of shoppers could be re-identified using as few as four purchases with a known price, purchase date, and store location.

But in this day and age, isn’t it an expectation to collect all the data? How will your business survive otherwise?!

Some grocery chains like Trader Joe’s choose not to offer loyalty programs and say that they do not sell shopper data. Trader Joe’s website notes “…we don’t have sales, we don’t offer coupons, and there are no loyalty programs or membership cards to swipe at our stores. Trader Joe’s believes every customer should have access to the best prices on the best products every day.” In a recent episode of the grocery chain’s podcast, a company spokesperson said, “We don’t collect any data on our customers.”

We need better consumer protection and privacy laws in general, as California is the consistent “exception” to many of these things. I don’t know if it’s a bit of a snowball in that the foundations were there before we ended up in the data-mining hellscape that we’re in now, but it seems that even trying to get lawmakers in many other states to budge is hopeless.

Snippets are posts that share a linked item with a bit of commentary.