Read the three cases below and, for each one, consider whether this is something you might be doing already or would feel OK doing... or not. Then you'll be invited to vote and comment (anonymously).
- For an ecommerce site using your web analytics vendor of choice, the transaction ID, along with traffic source data (referrer, campaign, search keywords, etc.) and micro-conversion info (which other business-valuable tasks were completed), is extracted using the API. The transaction IDs are then looked up against your sales database in order to do further segmentation and build a customer list (name, address, purchase details, demographics, etc.) that will be used to send a "thank you" snail mail, along with a 50% discount on a future purchase. Clearly, there is a customer-vendor relationship in place and the information for the purchase was collected with user consent.
Is this legal? Is this allowed by your vendor TOS? Is this ethical?
- Still for the same ecommerce website, you extract the product SKUs, along with item quantity sold and the same source data and micro-conversion info. The data is merged against the back-end inventory database using the SKU, and predictive models are developed to determine which stock levels are optimal for each SKU.
Is this legal? Is this allowed by your vendor TOS? Is this ethical?
- A financial institution typically has several types of requests: credit card, mortgage and other financing inquiries, retirement simulator, insurance quotes, etc. Completed requests are stored in back-end systems for processing - those transactions are frequent targets of fraudulent behavior or are abandoned along the way. One way to generate a unique key is this: first 3 letters of last name + 1st letter of first name + 4 digits zip code (or last 3 characters of postal code) + last 4 digits of phone number. The result, for me, would be HAMS4C02637.
Is this legal? Is this allowed by your vendor TOS? Is this ethical?
Update: to make it clearer, this type of key could be used for lookups against other systems - and could be hashed using MD5 to make it more obscure - but it is still built from input data even if the transaction isn't fully completed.
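The key recipe from the third case and the MD5 step from the update, as an added example that is not part of the original post: it shows that the MD5 value is still a stable lookup key that anyone holding the same four fields can recompute, and contrasts it with a keyed HMAC. The sample records, the `relink` helper, the secrets, the HMAC variant and the choice of the first 4 ZIP digits are assumptions made for illustration.

```python
import hashlib
import hmac
import re

def build_key(last_name, first_name, postal, phone):
    """3 letters of last name + first initial + postal part + last 4 phone digits."""
    letters = lambda s: re.sub(r"[^A-Za-z]", "", s).upper()
    code = re.sub(r"[^A-Za-z0-9]", "", postal).upper()
    # Assumption: an all-digit ZIP contributes its first 4 digits (the post does
    # not say which 4); an alphanumeric postal code contributes its last 3 chars.
    postal_part = code[:4] if code.isdigit() else code[-3:]
    digits = re.sub(r"\D", "", phone)
    return letters(last_name)[:3] + letters(first_name)[:1] + postal_part + digits[-4:]

def md5_token(key):
    """Unkeyed digest: obscures the key, but is recomputable from the same inputs."""
    return hashlib.md5(key.encode("utf-8")).hexdigest()

def hmac_token(key, secret):
    """Keyed digest: recomputing it requires the secret as well as the inputs."""
    return hmac.new(secret, key.encode("utf-8"), hashlib.sha256).hexdigest()

# Constructed sample data: fields typed into an abandoned request form, and
# back-end records that store the same person with different formatting.
FORM_INPUT = {"last_name": "Hamilton", "first_name": "sara",
              "postal": "a1b 4c0", "phone": "(555) 010-2637"}
CRM = [
    {"customer_id": 1001, "last_name": "HAMILTON", "first_name": "Sara",
     "postal": "A1B4C0", "phone": "555-010-2637"},
    {"customer_id": 1002, "last_name": "Okafor", "first_name": "Lee",
     "postal": "90210", "phone": "555-010-7788"},
]
FIELDS = ("last_name", "first_name", "postal", "phone")

def relink(token, crm_rows, tokenize):
    """Return customer_ids whose recomputed token equals the stored token."""
    return [r["customer_id"] for r in crm_rows
            if hmac.compare_digest(tokenize(build_key(*(r[f] for f in FIELDS))), token)]

if __name__ == "__main__":
    key = build_key(**FORM_INPUT)
    print("key:", key, "md5:", md5_token(key))
    print("relinked via plain MD5:", relink(md5_token(key), CRM, md5_token))
    secret = b"constructed-demo-secret"
    keyed = hmac_token(key, secret)
    print("relinked with the secret:", relink(keyed, CRM, lambda k: hmac_token(k, secret)))
    print("relinked without it:", relink(keyed, CRM, lambda k: hmac_token(k, b"wrong")))
```

Because the digest is deterministic and built from personal data, it works as a pseudonymous identifier for the person rather than as anonymous data, whether or not the request was completed.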
The question is... what would you do?
If you are up for it, head over here to vote and comment.