When Databases Attack

By | January 28, 2014

Last week in this space, variable-data printing guru (guress?) Heidi Tolliver-Walker wrote about Geico’s VDP misstep, where they had sent out a letter “personalized” to someone who no longer lived at her address. As I’ll point out in a moment, VDP missteps can even be worse than that.

Since the very beginning of so-called variable-data printing—indeed, even going back to the very first rudimentary mail-merges—one of the biggest challenges, if not the biggest challenge, in making 1:1 marketing effective, let alone successful, has been the quality of the data used for the mailing. Remember those old personalized letters we used to receive:

Dear Mr. Ramono,

We very much want to put you, Mr. Ramono, in a new car. Mr. Ramono, have you ever seen yourself behind the wheel of a luxurious yet sporty new vehicle. Have you ever envisioned your own vehicle, Mr. Ramono, being the envy of your neighborhood? Surely the entire Ramono family would derive nothing but benefits from this…

You get the idea, and that’s actually not much of an exaggeration. Nothing says “hey, someone is writing to me personally!” like not only using my name in every single sentence (because who doesn’t do that?), but misspelling it every time. And now we can see our names misspelled in snowflakes, Alpha-Bits, letters etched in the sand, and so forth. Even when our names are spelled correctly, often direct mail comes addressed to us at a company we no longer work for or which no longer exists. Sometimes we move faster than the speed of databases.

Now, these little glitches are more amusing than anything, at least for the recipient. And on the plus side, I can use persistent errors like the above to figure out who has procured my name from whom. (One local organization has me in their database as “Ms. Romano,” which is a real drag.) And sometimes when I see something addressed to me at “Digital Imaging magazine”—which still does happen even though it’s been 15 years—it does trigger off a little sentimental remembrance of good old times… It’s kind of like Proustian direct mail, in a weird way.

However, a far more serious personalization glitch made the news, the Twitterverse, and cropped up on The Facebook Machine a couple of weeks ago. From the L.A. Times:

An off-and-on customer of OfficeMax, Mike Seay has gotten the office supply company’s junk mail for years. But the mail that the grieving Lindenhurst, Ill., father said he got from OfficeMax last week was different.

The envelope appeared to be a typical discount offering. But this one was addressed to “Mike Seay, Daughter Killed in Car Crash.”

Seay’s daughter Ashley, 17, was killed last year in a car crash along with her boyfriend.

The first question Mr. Seay—and anyone reading about the incident—had was, “how did Office Max know that?” Here’s a clue:

In a statement, Naperville, Ill.-based OfficeMax said the mailer was “a result of a mailing list rented through a third-party provider”.

It’s actually not hard to figure out how that happened. Whoever compiled the database entered that particular datum in the wrong field and it was got included in the output fields. Anyone who has ever used a database program (I regularly used Filemaker a million years ago) has had that problem. Now, the real question is: why would this information be in any field in a database?

Phenomenal amounts of data on each of us are freely available to anyone who wants it. And most of it is perfectly legal. Death records (like birth records) are public, and there may even have been a death notice in the local paper. Property transfers are matters of public record, so if you have ever bought a house you know you are immediately included in “new home/homeowner” databases. Health records are supposed to be private, but information leaks out in a thousand different ways. From the L.A. Times article:

Dixon’s group [the World Privacy Forum] has found companies selling data on rape victims, seniors suffering from dementia and people diagnosed with HIV and AIDS. She said companies created powerful data sets by combining personal information available from public records, census information and social media.

This is not a new debate, and in some ways it’s rather quaint to talk about privacy when so many people put virtually every aspect of their lives on Facebook, Instagram, etc. And Facebook makes the data you willingly share available to advertisers and marketers. The Office Max blunder doesn’t really tell us anything we didn’t already know or at least suspect—or fear.

As marketers, and those who facilitate the efforts of marketers, we need to be careful about what we collect on potential customers—either directly or indirectly. We can’t stop the collection of sensitive information, but we can be careful about how we use it.

Share this post


3 thoughts on “When Databases Attack

  1. Heidi Tolliver-Walker

    Yes, and we all remember Target’s misstep when it was caught use profiling to target suspected women who were pregnant. A great idea until a teenager was outed in her pregnancy by her father who wondered why she was getting mailings from Target focused on pregnancy and infant needs. We’ve got the data, but how we use it is another thing entirely.

  2. Patrick Whelan

    And as Kevin Keane pointed out in his post about this, printers and mailers need to make sure they have legal protections in place when this sort of thing happens.

  3. Kate Dunn

    Nice article. I think though there could be another explanation that doesn’t have anything to do with purchased data. The data company may have just been a convenient scapegoat.

    Years ago we had an account that was incredibly focused on customer service. A very similar thing happened to them. It was learned by a teller that a customer who frequented the branch often had lost his wife. The teller learned this unfortunately when she asked the gentleman how is wife was during a transaction. Not wanting another employee to make the same inquiry she typed the description into the gentleman’s record in the name field where she knew it would be the first thing that another employee would see when they called up the account.

    Unfortunately, the same name field was used in a cross sell direct mail campaign some months later and viola – an offended customer when all intentions were to spare the gentleman’s feelings.

    If this is the case, I wonder what would have happened if Staples had just owned up to a bad choice for all the right reasons? Probably a more understanding customer.

Comments are closed.