Many companies see Customer Relationship Management (CRM) software as an incredible opportunity to enhance their share of wallet of their customers. For large-scale retailers like Wal-Mart, Target or Albertson's, the ability to maintain detailed transaction-level data, when coupled with advanced data mining and analytics tools promises the ability to offer customers the right promotions at the right time as well as better predicting what inventory to have available at which store. This Sunday's New York Times led the business section with just such a tale about Wal-Mart and their use of data mining tools to know that they should get beer and strawberry toaster pastries to stores in regions under threat from Hurricane Frances. (I'm not kidding about the Poptarts, they apparently are big sellers before a hurricane.) But there is a potential downside to having all that data as well.
Kroger is currently facing litigation in Washington state based on a failure to warn their loyalty card holders that may have purchased recalled mad cow-tainted meat. Of course no such claim could be made against a tiny grocer that maintains no loyalty program or customer transaction history, so why would Kroger be different? Well, clearly stores have no duty to collect this sort of customer data, however, the legal claim goes, if they do collect the data, they have the ability, at a negligible cost, to warn consumers, and therefore are assuming the duty to warn. (There is apparently additional statutory support in Washington state for this claim as well.)
Don't suspect that this sort of claim could be unusual, it could have far-reaching implications, consider for example a toy sold by Wal-Mart, Target and Toys R Us that is later recalled, the potential for the retail channel to be brought into certain types of product liability suits could skyrocket based on the outcome of the Kroger case. Beyond these obvious cases of recalled products, I am sure some plaintiff's attorneys may find new and creative ways to invent causes of action based on this sort of duty of care.
Now, from a technical point of view, it may not be as easy to pull this data as one would presume. As is commonly the case, many enterprise data warehouses are designed for fairly selective data extraction or analysis.Of course, anyone who has waited days or weeks for IT to get around to filling a request for a report knows that it may indeed be easier said than done to get the names and phone numbers of loyalty card holders who purchased a particular SKU at a particular set of stores during a particular range of dates. However, this is the sort of flexibility that may be required of companies depending on the outcome of the case.
Professor Anita Ramasastry at University of Washington School of Law provides some legal analysis of the issue at Findlaw. I would encourage readers to speak with their general counsel to fully understand all the legal implications of maintaining extensive customer data.
If you have comments about this topic, suggestions for future topics, or questions related to the governance of the IT function or the business-centric use of technology, feel free to e-mail me at eyetoIT@gmail.com.
Comments