Poor Data Quality as a Mechanism for Avoiding Privacy Legislation and other Compliance Requirements

website@infoadvisors.com — Fri, 02 Jun 2006 21:16:00 GMT

As many of you know, one of my practice areas is tailoring IT development methodologies to address privacy and other compliance-related requirements. If you have attended one of my presentations, you'd know that I advocate the start of privacy and compliance issues at the beginning of the project -- at Project Charter time.

One organization here in Canada, MBNA, appears to have missed out on the cluetrain when it comes to protecting their customers and the public. Every month or so, I get a new offer of credit: credit cards, lines of credit, loans, you name it, they offer it. And offer it, and offer it.

We have Federal privacy legislation here and in the US they have Federal privacy legislation in the financial sector. So I should be able to call the toll free number on the offer to opt out of all future mailings. But as many of you have experienced with some of the more aggressive organizations that fill our mailboxes with unsolicited snail mail, sometimes those requests get lost...or expire. Being a privacy advocate when it comes to unwanted messages, I don't hesitate to call to opt out for offers that include a great deal of personal information like my name and address, plus some fictitious pre-approved credit limit. I'd say that about half my requests "take", and almost never with those mail-spamming organizations that hit your mailbox every day.

So what does this have to do with data quality? Well MBNA has a huge data quality problem. Every month or so they send me a new offer. Unfortunately, my name is misspelled, reversed, or my certification is used as my first name or last name. And since their heavily touted opt out application only allows the opt out of a specific spelling of a first name, last name. street address, city and postal code, I can't stay ahead of them.

With MBNA, I'd have to know all the potential spellings and name-calling they'd attempt to opt out a head of time. I can't opt out an address. So between my husband and me, they have lots of combinations to try before they finally hit all the permutations of Karen, Karena, Karin, Kay, Lopez, Lopes, Loper, ISP, I.S.P., etc.

Can't I just throw away the offers? No, because I have to shred them due to identity fraud. Can't you just shred them an be happy? No, because if they can randomize my name, what's to stop them from randomizing my address? Why is this important to me? Because their constant filling of my mailbox with open invitations to anyone to fill it out and send it in, then watch my mailbox for the return card is an attractive nuisance that I can't seem to stop or mitigate.

Suzanne, whom I spoke with today, tells me also that MBNA has no Privacy Officer, no ombudsman, no supervisors working, only one phone number, the one printed on my offer, and no other people who can ensure that their data quality problem is addressed. Oh, and she informed me that they have all the rights in the world to collect data from anywhere, any time they want. She specifically mentioned that they get information from catalog requests, buying something in a store, or ordering magazines. So perhaps I'll just stop ordering catalogs and ordering magazines.

Or maybe I'll just keep calling them, seeing what story a customer service rep can make up every week. And I definitely don't what to have a credit card or a line of credit with an organization that has such bad data quality during the sales process. I mean, if their systems randomly change my name, wouldn't they randomly change interest or charges or other transaction?. As I remind everyone:

Karen Lopez: Musings on Data, Process, and Architecture

Poor Data Quality as a Mechanism for Avoiding Privacy Legislation and other Compliance Requirements

They will never treat you as well as they did while trying to close the sale.