Mastercard has thorough information of the credit card holders’ spending patterns, which it later sells to unaffiliated businesses, frequently without the customers’ knowledge.
According to a report released on Thursday by the U.S. Public Interest Research Group (PIRG), Mastercard has established a distinct division just for the sale of consumer transaction data, which has grown to be a significant source of income for the multinational payments technology corporation. Data about customers was not sold, according to a statement from Mastercard to CBS MoneyWatch.
The issue is that the majority of customers are unaware of how much of their data is being collected and sold, or that the sale of such personal data exposes them to identity theft and scams in addition to “creepily invasive” advertising, according to the consumer advocacy group warns.
According to R.J. Cross, policy analyst for U.S. PIRG, “Mastercard is so secretive about its data sales that it’s almost certain that most cardholders are unaware of what the company is doing with their data.”
According to the PIRG research, the data Mastercard sells is “aggregated and anonymized,” meaning that third parties do not have access to specific client information. While that lessens some of the dangers for consumers associated with data monetization, the consumer agency claims that it does not stop businesses from “reaching people on an individual level based on data” or from being inundated with intrusive advertisements.
In light of this, nine consumer advocacy groups, including the American Civil Liberties Union and the Center for Digital Democracy, wrote to Mastercard CEO Michael Miebach this week requesting that he stop selling user data.
To be clear, Will Tsang, a company spokesperson, told CBS MoneyWatch on Thursday that Mastercard does not sell personal cardholder data for marketing, location monitoring, or targeted advertising. “When Ms. Cross first contacted us, we responded, months ago. Our attempts to clarify the situation and invite her to a meeting, however, received no response.
Increase in data brokers
American businesses have recently realized there is money to be made in storing and selling customer spending patterns. Data broker companies are those that engage in this practice.
Data brokers sell the consumer information they have gathered to third-party marketers, who use it to create and deliver tailored advertisements to people according to their race, location, age, education, or other factors.
Congress and authorities have recently expanded their monitoring of the data-broker industry, which is predicted to generate $462 billion by 2031. Legislators have questioned senior executives of big IT firms as well as smaller data brokers to learn how they handle the location data that customers provide through their mobile devices and what precautions they have taken to preserve users’ privacy rights.
Card companies and automobile manufacturers
Of course, Mastercard isn’t the only issuer of credit cards using this tactic. According to the news site Marketing Brew, American Express sells data through a third-party analytics firm called Wiland. According to Marketing Brew, Visa, the biggest credit card issuer in the country, sold its cardholder data for a while until ceasing the practice in 2021.
Additionally, data generated by clients utilizing apps is sold by phone companies.
Consumer data is also abundant for automakers, according to Cross. “It’s shocking how much personal information cars collect, and they also frequently experience data breaches,” she said.
According to Mozilla, modern automotive systems like touch sensors, cameras, and GPS gather information from drivers and passengers that is frequently saved by the car manufacturer. According to a Mozilla Foundation study released this month, automakers sell the personal information that they’re ready to give to governmental or law enforcement organizations without a court order.
In connection with a probe by state attorneys general into how the business tracked users’ whereabouts, Google agreed to pay a $391.5 million settlement to 40 states in 2022. According to the states’ inquiry, Google kept tracking people’s locations even after they turned on a privacy setting that forbade the corporation from doing so.
According to Cross, she just applied for a Mastercard to check if the corporation offers clients the chance to choose not to have their data sold to outside parties.
“In all the materials I saw, none of them clearly stated what’s happening, and I never was given a box to check saying ‘Yes, I consent to Mastercard selling my data,'” she claimed. In other words, Cross said that possessing a Mastercard automatically results in the sale of your personal information.