Supermarket Loyalty Programs Are More Privacy Invasive Than They Appear

Jon Keegan, the Markup:

When you hit the checkout line at your local supermarket and give the cashier your phone number or loyalty card, you are handing over a valuable treasure trove of data that may not be limited to the items in your shopping cart. Many grocers systematically infer information about you from your purchases and “enrich” the personal information you provide with additional data from third-party brokers, potentially including your race, ethnicity, age, finances, employment, and online activities. Some of them even track your precise movements in stores. They then analyze all this data about you and sell it to consumer brands eager to use it to precisely target you with advertising and otherwise improve their sales efforts.


“I think the average consumer thinks of a loyalty program as a way to save a few dollars on groceries each week. They’re not thinking about how their data is going to be funneled into this huge ecosystem with analytics and targeted advertising and tracking,” said John Davisson, director of litigation at Electronic Privacy Information Center (EPIC) in an interview with The Markup. Davisson added, “And I also think that’s by design.”

Some people surely understand that loyalty programs have at least a minor privacy trade-off, in that they permit stores to track which items are popular among specific demographics. Like so many privacy-hostile practices enabled by insufficient regulation and a collect-it-all mindset, this goes so far beyond reason and expectation. Kroger brags of holding “over two thousand” data attributes for each shopper. Allowing a margin for some marketing bullshit, that is still a staggering amount of information to collect about people buying groceries. Even the most fundamental building block of life — food — has been leveraged as yet another piece of this abhorrent data marketplace.