With record numbers of people shopping online as the coronavirus rages on, retail companies are mining ever-increasing amounts of consumer data — but experts say this new gold rush poses fresh questions about privacy, transparency and security.
From how customers browse to what they buy and how to get them to keep them coming back, retailers are doubling down on their efforts to capture and use customer-level data in increasingly sophisticated ways.
“The pandemic has obviously accelerated the tectonic shift of offline retailing to online retailing,” Russ Klein, chief commercial officer with BigCommerce, an e-commerce platform, told NBC News. “What is really clear is that it’s no longer acceptable for an offline retailer to rely solely on brick-and-mortar and it has forced retailers to recognize the value and necessity of using data.”
The coronavirus pandemic has accelerated retail into the world of online commerce by a few years, Klein said. With the holiday shopping season under way, e-commerce sales are expected to skyrocket even further. Online sales between November and December are estimated to grow by 33 percent this year compared to last year, to a record $189 billion, according to Adobe Analytics.
"What is really clear is that it’s no longer acceptable for an offline retailer to rely solely on brick-and-mortar."
CVS Pharmacy told NBC News it uses data from its loyalty program, ExtraCare, to analyze individual baskets, amount spent, shopping frequency and categories a consumer shops. Nordstrom said it used its newly launched “Wishlist” to understand popular items for its annual anniversary sale and adjust in real time to customer demand. At Home Group said it analyzed several data sets that showed as early as September that its "Snowed In" collection would be a top seller, and it was able to increase its marketing leading up to the holiday season.
“The online-inclusive approach to retail is here to stay,” Klein said. “We’ve accelerated the fundamental shift to online, and retailers who employ offline will need to do that online in order to survive and thrive.”
Before the eruption of e-commerce, retailers relied on more tedious measures to capture consumer sentiment, such as sales figures, social media listening and organized focus groups, said Frances Zelazny, chief marketing officer at Signals Analytics, a firm that uses artificial intelligence to analyze online consumer data to extract market intelligence. With more people shopping online, retailers are using AI to analyze chatbot messages and product reviews, including photos and videos of a product, to collect information on a shopper or a particular item.
“This is the big opportunity that they didn’t have before,” Zelazny said. “Now they can look at it freeform and extract from sets that are very different.”
Shoppers may not always be aware of how much information about them is collected and used. Retailers deploy an average of 23 behavioral advertising cookies on their homepage, according to a December 2019 survey authored by David Zetoony, former co-chair of global data privacy and security with Bryan Cave Leighton Paisner Law. However, they are significantly less likely than other companies to use cookie notices, according to the report, which surveyed a sample of Fortune 500 retail companies.
"What are the malevolent practices out there? We don't know yet."
Retailers obscure their level of insight to avoid what marketers call “the creep factor” in order to keep consumer trust, said Joe McCarthy, director of performance marketing at Klaviyo, a marketing automation platform. Instead, they opt for more subtle personalization online such as recommending a metal straw to shoppers with a reusable mug in their cart.
“When you mention something in front of a device at home and you see ads all of a sudden online, [people] say they feel like they’re being followed around,” McCarthy said. “How can you intelligently and smartly use that data so that it does truly feel subtle?”
As advertising technology advances, California leads the country in tightening its consumer privacy laws. California’s Consumer Privacy Act requires retailers to let consumers opt out of having their personal information sold to third parties, leading companies to focus on developing their own proprietary customer databases, according to Zetoony, who is now co-chair of the U.S. data, privacy and cybersecurity practice at Greenberg Traurig Law.
“A lot of retailers were really concerned about future proofing,” he said. “The law caused a lot of companies to pivot to be safer from a privacy perspective and develop their own information instead of collecting it from a third party.”
To incentivize people to share their data, retailers use discounts and offers connected to their loyalty programs. For instance, Target Circle members earn 1 percent on every purchase to redeem on a future purchase and a 5 percent birthday discount. Consumers are often willing to share their information for a good offer, according to a 2019 Deloitte report. Nearly three in four consumers said they would share personal data in exchange for better pricing, discounts or offers.
“There is a whole continuum of how far consumers will go,” Rod Sides, vice chairman and leader of Deloitte's U.S. retail and distribution practice, told NBC News. “Can you have my name? Yes. Can you have my address? Yes. That we all give up.”
This picture is further complicated by a wave of first-time shoppers online as a result of the pandemic, raising questions about how marketers or retailers might profile certain customers as “undesirable” shoppers, said Kelly Martin, a professor of marketing at Colorado State University. And with more seniors shopping online for the first time, it could mean they may be more vulnerable to a data breach because they may not be as well versed in strong privacy practices, she said.
“I think we’ll need to see what unfolds as far as the dark side of this,” Martin said. “Companies are pretty invested in keeping [data] safe because they want to keep using it. But what are the malevolent practices out there? We don’t know yet.”