Privacy Implications of Targeted Direct Mail Recalls

Privacy Implications of Targeted Direct Mail Recalls

Solveig Singleton's Remarks Before the Consumer Product Safety Commission, Bethesda, Maryland
July 25, 2003

The term “privacy” best refers to a set of problems arising, in a very loose sense, from the misuse of information, but nonetheless very different from each other and having very different solutions. Spam is very different from identity theft, and that, in turn, is different from problems arising from police surveillance, and so on. This approach to privacy follows the American legal tradition, in which freedom of information is the general rule, with privacy as the narrow exception in special cases, such as medical information.  

Following this tradition, it would be peculiar to suggest that norms of human rights are violated by a business’s attempts to identify consumers that might be harmed by one of its products, for the purpose of fixing it. The general rule of freedom of information in this case offers a real benefit to the consumer. This holds even when the consumer has no previous relationship with the business, but has acquired the goods second-hand. And this holds whether the consumer has voluntarily filled out a recall form, or not; most probably won’t.

But now let’s break the issue down into sub-issues. What if the product in question is a medical product, or is used by children? Medical information and information about children is more sensitive. But even here, there is a strong case for freedom of information. There may be little reason to worry about the low response rate to recalls for some products, such as the wooden armadillos now listed on CPSC web site. I may have a few of those lead-painted armadillos, and I like them, and I’m not giving them back, nor do I intend to gnaw on them. But a collapsing crib or cracked crutch could do substantial harm; and the collection of information by the business is unlikely to do any harm.

Still, there are some commonsense practices to avoid. I offer a couple here:

  • Sending out mail notices with personal information on them, other than an address. Chances are that even with targeting, a lot of notices will go to the wrong addresses. The more targeting the company is able to do beforehand, however, the less this will be a concern.
  • Sending out email notices except to very recent buyers; this will just clog up ISPs and get filtered as spam. And companies can too easily be sabotaged by fake recall notices.

 _________________________________________________________________________

* Solveig Singleton is a lawyer and senior analyst at the Competitive Enterprise Institute. She has authored many papers on privacy and business use of consumer information, and can be reached at ssingleton@cei.org.