When Databases Attack
By Richard Romano on January 28th, 2014
Last week in this space, variable-data printing guru (guress?) Heidi Tolliver-Walker wrote about Geico’s VDP misstep, where they had sent out a letter “personalized” to someone who no longer lived at her address. As I’ll point out in a moment, VDP missteps can even be worse than that.
Since the very beginning of so-called variable-data printing—indeed, even going back to the very first rudimentary mail-merges—one of the biggest challenges, if not the biggest challenge, in making 1:1 marketing effective, let alone successful, has been the quality of the data used for the mailing. Remember those old personalized letters we used to receive:
Dear Mr. Ramono,
We very much want to put you, Mr. Ramono, in a new car. Mr. Ramono, have you ever seen yourself behind the wheel of a luxurious yet sporty new vehicle. Have you ever envisioned your own vehicle, Mr. Ramono, being the envy of your neighborhood? Surely the entire Ramono family would derive nothing but benefits from this…
You get the idea, and that’s actually not much of an exaggeration. Nothing says “hey, someone is writing to me personally!” like not only using my name in every single sentence (because who doesn’t do that?), but misspelling it every time. And now we can see our names misspelled in snowflakes, Alpha-Bits, letters etched in the sand, and so forth. Even when our names are spelled correctly, often direct mail comes addressed to us at a company we no longer work for or which no longer exists. Sometimes we move faster than the speed of databases.
Now, these little glitches are more amusing than anything, at least for the recipient. And on the plus side, I can use persistent errors like the above to figure out who has procured my name from whom. (One local organization has me in their database as “Ms. Romano,” which is a real drag.) And sometimes when I see something addressed to me at “Digital Imaging magazine”—which still does happen even though it’s been 15 years—it does trigger off a little sentimental remembrance of good old times… It’s kind of like Proustian direct mail, in a weird way.
However, a far more serious personalization glitch made the news, the Twitterverse, and cropped up on The Facebook Machine a couple of weeks ago. From the L.A. Times:
An off-and-on customer of OfficeMax, Mike Seay has gotten the office supply company’s junk mail for years. But the mail that the grieving Lindenhurst, Ill., father said he got from OfficeMax last week was different.
The envelope appeared to be a typical discount offering. But this one was addressed to “Mike Seay, Daughter Killed in Car Crash.”
Seay’s daughter Ashley, 17, was killed last year in a car crash along with her boyfriend.
The first question Mr. Seay—and anyone reading about the incident—had was, “how did Office Max know that?” Here’s a clue:
In a statement, Naperville, Ill.-based OfficeMax said the mailer was “a result of a mailing list rented through a third-party provider”.
It’s actually not hard to figure out how that happened. Whoever compiled the database entered that particular datum in the wrong field and it was got included in the output fields. Anyone who has ever used a database program (I regularly used Filemaker a million years ago) has had that problem. Now, the real question is: why would this information be in any field in a database?
Phenomenal amounts of data on each of us are freely available to anyone who wants it. And most of it is perfectly legal. Death records (like birth records) are public, and there may even have been a death notice in the local paper. Property transfers are matters of public record, so if you have ever bought a house you know you are immediately included in “new home/homeowner” databases. Health records are supposed to be private, but information leaks out in a thousand different ways. From the L.A. Times article:
Dixon’s group [the World Privacy Forum] has found companies selling data on rape victims, seniors suffering from dementia and people diagnosed with HIV and AIDS. She said companies created powerful data sets by combining personal information available from public records, census information and social media.
This is not a new debate, and in some ways it’s rather quaint to talk about privacy when so many people put virtually every aspect of their lives on Facebook, Instagram, etc. And Facebook makes the data you willingly share available to advertisers and marketers. The Office Max blunder doesn’t really tell us anything we didn’t already know or at least suspect—or fear.
As marketers, and those who facilitate the efforts of marketers, we need to be careful about what we collect on potential customers—either directly or indirectly. We can’t stop the collection of sensitive information, but we can be careful about how we use it.